Difference between revisions of "Roles"

From TMS Support Wiki
Jump to navigation Jump to search
Line 73: Line 73:


==User Actions==
==User Actions==
===New Role===
Start adding a new role as discussed [[Roles#Adding_new_roles|above]].
===Edit Active Directory Group Mapping===
[[File: ADGroupMapping.png|600px|right|thumb|The Roles setup page is where you configure your Active Directory mappings.]]
When Active Directory integration is enabled it works by mapping AD groups to PTS roles. You can configure the mappings here in the Roles setup page.


Whenever someone accesses PTS in their web browser the system first detects their current Active Directory group and attempts to map it to a PTS role using the mappings defined here. PTS then either creates an associated PTS user account using their AD details, or updates their existing one if it already exists and either the role mappings anything in Active Directory has been amended. They are then automatically logged in to PTS as the appropriate PTS user account.
To map an AD group:
<ul>
<li><strong>Priority</strong><br/>
As users can be assigned to multiple AD groups, you can assign a mapping priority to determine which role they will be given if they match two groups. A lower number (e.g. "1") is a higher priority.</li>
<li><strong>AD Group (Principle Name)</strong><br/>
Free type the name of the group as it appears in Active Directory.</li>
<li><strong>PTS Role</strong><br/>
Select the PTS Role that the AD group should relate to.</li>
</ul>
==Actions for selected roles==
==Actions for selected roles==
===Reset selected roles===
===Reset selected roles===

Revision as of 10:01, 7 September 2023

Roles are used to define the default parameters for each user assigned to that role, such as the default user views and permissions, the activities they are permitted to record, and more. Some of these parameters can be adjusted on a per-user basis; it's not necessary nor recommended to create new roles for small individual changes.

Accessing the setup page

The PTS sidebar with Setup selected.

Like many of the different PTS utilities, setup is found in the left-hand side bar.

Hover over the sidebar with the mouse cursor and the side bar will expand. Select Setup to reveal a drop-down list of the various setup pages you have permission to access.

To choose a setup page click on its name in the list to be taken to the setup page.

PTS 5 is the most user configurable version of our Prescription Tracking System to date. As a result parts of this Wiki assumes that the reader has permission to access the elements of the system in question. If you don't see specific items and utilities where they are supposed to be you may not have permission to access them.

Adding new roles

When creating a role you can select a pre-existing role to use as the template.

PTS is shipped with a number of popular roles pre-configured, such as Pharmacist, Porter, Ward Staff and more. If you need to create a new role access the actions menu by clicking on the actions menu icon at the top right of the page, then from the actions menu click the New Role button.

To speed up the Role creation process you can create the role based upon an existing role. Select the closest Role to the one to be created by selecting it from the list; you can make changes to it next.

Click OK when you're done. The process then continues in the role popup.

Editing existing roles

To edit an existing role, select the role you wish to amend by clicking on its entry in the list to load the role popup (note clicking the tickbox has another dedicated function).

Role popup

The activity permissions tab. Many prefer to access this via the Activities setup page where the process is easier to follow.

The role popup appears after adding a new role, or clicking on a role in the list to edit it.

Enter the following information and click the Save button to finish creating or editing the role. Some fields may be optional.

Role details tab

  • Description
    This is a free format field that is used to describe the Role.

Activities tab

Here it is possible to limit which roles are permitted to perform certain dispensing activities. Activities in red are disabled, activities in green are enabled, and activities in amber are inferred to be enabled. This is because they have not been specifically added to any other role, and are therefore by default considered to be available to any and all roles. Once an activity permission is added to at least one role, it is considered to be unavailable to other roles (n.b. it shows up in red) unless also specifically added to them.

If this process is hard to follow consider making your changes to activity permissions in the Activities setup page, where the flow is reversed and arguably makes more sense.

You can hover over the activity to read a explanation of its current status within the current role.

To add a new activity to the list of permitted activities, click on the Plus button, and then select the activity from the list. This will add the activity in green. Click the Save button to save your changes.

The note permissions tab.

Note permissions tab

Every note added to PTS will be listed here next to a dropdown where you can set the access that this role has to it.

  • Hidden
    Users of this role will not see this note anywhere, even when viewing a prescription that contains it. This is useful for hiding potentially sensitive note types.
  • View
    The note will be visible when recorded, but the user will not be able to record the note themselves.
  • Create
    User will be able to see and record this note themselves, assuming the user has permission to create notes in general i.e. CREATENOTES = Yes. This setting will not override CREATENOTES = No.

Type permissions tab

Every prescription type added to PTS will be listed here next to a dropdown where you can set the access that this role has to it.

  • Hidden
    Users of this role will not see prescriptions of this type anywhere, even when viewing a home page view that contains one.
  • View
    The prescription type will be visible to the user, but the user will not be able to book in a prescription of this type themselves.
  • Create
    User will be able to see and book in prescriptions of this type, assuming the user has permission to book in in general i.e. BOOKIN = Yes. This granular control has proved useful in allowing ward users to book in prescriptions of specific types only, such as an Order for Controlled Drugs. This setting will not override BOOKIN = No.

User views tab

This section allows the default user views for users of this role to be configured.

See the User Views page for more about user views.

Permissions tab

This section allows the default general permissions for users of this role to be configured.

Applying changes to existing users

Applying changes to the role to existing users.

Upon saving changes to a role PTS will ask if you want to apply those changes to all existing users who are assigned that role. Choose Yes or No from the dialog box. This can save a lot of time when you make broad changes to user view configurations, for example.

You can also perform this task at any time via the Actions menu.

Be advised that this process can take some time to complete if there are a large number of affected users. Please be patient and avoid closing down PTS until you see the confirmation message.

Actions menu

There are two types of action that can be performed from the roles setup page: actions for selected roles and actions for the logged on user.

The actions menu can be accessed using the actions menu button at the top right of the screen ActionsMenuButton.png. If roles are selected the menu slides out automatically.

User Actions

New Role

Start adding a new role as discussed above.

Edit Active Directory Group Mapping

The Roles setup page is where you configure your Active Directory mappings.

When Active Directory integration is enabled it works by mapping AD groups to PTS roles. You can configure the mappings here in the Roles setup page.

Whenever someone accesses PTS in their web browser the system first detects their current Active Directory group and attempts to map it to a PTS role using the mappings defined here. PTS then either creates an associated PTS user account using their AD details, or updates their existing one if it already exists and either the role mappings anything in Active Directory has been amended. They are then automatically logged in to PTS as the appropriate PTS user account.

To map an AD group:

  • Priority
    As users can be assigned to multiple AD groups, you can assign a mapping priority to determine which role they will be given if they match two groups. A lower number (e.g. "1") is a higher priority.
  • AD Group (Principle Name)
    Free type the name of the group as it appears in Active Directory.
  • PTS Role
    Select the PTS Role that the AD group should relate to.

Actions for selected roles

Reset selected roles

Allows you to reset the user views and permissions of a role based on another existing role.

Re-apply selected roles to users

Choose this option to manually re-apply the role's user views and permissions to specific users. This is a good way of rolling back any manual changes to the user's views and permissions and reverting them to the current role defaults.