VacationTrackers Privilege Scopes & Levels Explained:
VacationTracker User Access Control is dependant upon two important factors:
- Privilege Scopes
- Privilege Levels
User Privilege Scopes
Privilege scopes control the scope/boundary of a users access.
When we speak about the Privilege Scope, we are referring to specific barriers (set by the Administrator) which allow or prevent other users access to certain information within VacationTracker. The Privilege Level of an Employee is limited by their Privilege Scope.
Privilege Scopes can be:
- Global
- By Department
- By Location
- By Location & Department
Department and Location refer to the department and location which is assigned to the individual Employee/user of the VacationTracker system. There is no limit to the amount of departments and/or locations you can define.
For example, an employee who is limited by a “By Location” scope will only be able to see Calendar Events (time-off etc.) from themselves and/or other employees who share the same location as them.
Another example would be where employees in the “Accounts” department of a company can only see Calendar Events for other employees who also work in the “Accounts” department and they will not see Calendar Events for employees from e.g. the “HR” department of the same company.
Taking these two examples further, if you were to change both employee scopes to be restricted by Department AND Location scope this would mean that they could only see time-off requests for other Employees in the same Department within the physical Location.
User Privilege Levels
Privilege Levels restrict how much control a user has over the VacationTracker system. There’s five types of Privilege Levels:
- Restricted
- Standard
- Manager
- Administrator
- HR Administrator
Privilege Levels Explained
Restricted User
Restricted users is the most restrictive user type available and is typically only used where you want the user to only have visibility for their own time-off and nothing else. Restricted users can only request time-off for themselves and can only see their own time-off requests on the calendar. They cannot see time-off requests for anybody else. Outside of this a restricted user has no further abilities. Typically we recommend the use of standard users instead of restricted users since combined with an appropriate privilege scope it allows users to see time-off requests from other members in their team/department/location for increased awareness on who’s on, or who’s off.
Standard User
The standard user is the most commonly used user type on a typical VacationTracker configuration. A standard user has basic access to the vacation tracking calendar and they can view time-off requests for all other users in their scope on the PTO/time-off calendar view. They have no access to overall VacationTracker settings. Standard Users can only book time-off for themselves and can only see Calendar Events (time-off etc.) within their own scope.
Manager
Manager users have the same access as Standard users (as well as being able to be restricted by scope) but in addition to being able to book their own time-off, they can also book/approve/reject time-off events for anyone they manage. Like Standard users, Managers have no access to overall VacationTracker settings.
HR Administrator
HR Administrators can book/approve/reject time-off requests for anyone in their scope. In addition, HR Administrators can manage (add/edit) employees on the VacationTracker system within their scope. Outside of this, HR Administrator users have no access to overall VacationTracker settings or billing information.
Administrator
Administrators are the most powerful, they have global access to everything and always have a global scope.