Permissions

Fusion Online provides a highly flexible permissions system, allowing administrators to control access to different types of data for various users. Users can be granted permissions through several mechanisms:

  1. Manager permissions: Assigned by designating a user as a manager for a task, project, or resource.

  2. Assigned user permissions: Granted automatically when a user is assigned to a task, based on system settings.

  3. Inherited permissions: Users inherit permissions from their user group memberships.

  4. Direct permissions: Assigned explicitly to individual users or user groups through permission records.

Manager permissions

Manager permissions are granted when a user is assigned as a manager for a task, project, or resource. This feature can be enabled or disabled via the Manager Permissions option on the System Options page.

  • Project Manager: The Project Manager has full permissions (read, write, delete) for the project if they have a Team Lead license. A Team Member license allows update permissions but does not permit deleting projects. The Project Manager can be assigned from the Project Details view.

  • Task Manager: The Task Manager has update permissions for the assigned tasks. The Task Manager can be assigned from the Task Details view.

  • Resource Manager: The Resource Manager has update permissions for all tasks assigned to their managed resources. The Resource Manager can be assigned to resources from the Resource Details view. The resources can then be assigned to tasks on the Task Details view.

Assigned user permissions

Assigned user permissions are automatically granted to users assigned to tasks, based on the Assigned User Permissions setting in the System Options page:

  • Update: Grants the user update permissions for tasks they are assigned to.

  • View: Grants the user view-only permissions for tasks they are assigned to.

  • None: Does not automatically grant any permissions. Users may still have permissions through other means (e.g., user groups or direct permissions).

Inherited permissions

Permissions can be created for individual users or for user groups. If a permission record is created for a user group, all members inherit those permissions. Inherited permissions cannot be edited directly from the User Details view; you must modify them from the User Group’s Permissions tab.

Types of permission records

Permission records can be created for individual Users, User Groups, and API Keys. Below are the different types of permission records available:

1. System Permissions

System permission records grant administrative privileges:

  • System Administrator: Grants full access to all data in Fusion Online, including system-wide settings and all projects and tasks.

  • User Administrator: Allows creating and managing user accounts and user groups. User Administrators can only edit users with a subset of their permissions.

2. Organization Permissions

Organization permission records grant access specific to a selected organization:

  • Add Projects: Allows the user to add new projects to the specified organization.

  • Manage Groups: Grants permission to create and modify project, task, and resource groups within the organization.

3. Project Permissions

Project permission records grant access to one or more projects within a specified organization:

  • Access Level: Choose between View or Update.

  • Project Selection: You can select specific projects, project groups, or choose All Projects within the organization.

  • Scope: Project permissions grant access to all tasks within the specified projects.

4. Task Permissions

Task permission records provide granular control over task-level access within specified projects:

  • Access Level: Choose between View or Update.

  • Project Selection: You can select specific projects, project groups, or choose All Projects within the organization.

  • Task Scope: Define which tasks to grant access to, using the following options:

    • All Tasks: Grants access to all tasks within the selected projects.

    • Task Groups: Grants access to tasks in specified task groups.

    • Resources: Grants access to tasks assigned to specific resources.

    • Resource Groups: Grants access to tasks assigned to resources in selected resource groups.

    • Assigned Users: Grants access to tasks assigned to specific users.

Managing permission records

Each tab (User Details, User Groups, and API Key Permissions) allows you to easily expand or collapse sections by clicking the up or down arrow to the left of each section title. When a section is expanded, you can:

  • Click on the + create new permission link to create a new permission record for the selected category.

  • Use the Action Menu for each record to Edit or Delete the permission record.

Note:

  • You can only add or edit one permission record at a time.

  • Be sure to click the Save button to apply any changes you’ve made to the permission record.

Permissions tab on User Details

Inherited vs. direct permissions

Users can have a combination of inherited and direct permissions:

  • Inherited permissions: Users inherit permissions from their user group memberships. These permissions are displayed on the Permissions tab in the User Details view but cannot be edited directly from there.

  • Direct permissions: Assigned explicitly to individual users. These can be edited directly from the User Details view.

Best practices

  • Use User Groups to assign common permissions to multiple users efficiently.

  • Regularly review and update permissions to ensure they align with your organization’s access policies.

  • Enable the Manager Permissions option in System Options for easier project and task management.

See also

Last updated

Was this helpful?