Skip to main content
CollegeSource Support

Dashboard Security

 

The Dashboard serves as the area for configuring security settings the same way across all uAchieve applications. 

Security menu dropdown.png

The way security settings are configured affect the UI of the uAchieve applications (e.g., the display or absence of different button, icons, and menu options).

NOTE: For setting changes and updates to take effect, the user must log out and back in again for the change to be applied. This is especially useful during the testing phase.

Because of the powerful security controls housed within the Dashboard, institutions must be extremely selective with regards to who they allow access to Dashboard Security. After installing the database, a User designated as a "superuser" gains first access in order to set up the Dashboard at your institution. Application Admins are then set up. Generally speaking, these Admins are the only users allowed access to this area, with few exceptions. If user permissions allow, a Security option appears on the coral-colored menu bar on the Dashboard Home page.

Security roles and permissions were streamlined in 4.4 to make setting of these values easier to control. Application-specific security settings for users (e.g., advisor, student, user, and anonymous) have been replaced with simple CollegeSource (CS_) equivalents.

CS roles table.png

App Function

Description

CS_ROLE_ANONYMOUS Allows the user access to the "Access Denied" page. A user with CS_ROLE_ANONYMOUS with READ set to FULL can access the login screen without the "Access Denied" error.
CS_ROLE_USER Allows the user to gain entry into the application. Every user MUST have this role and role must have CREATE set to FULL.
CS_ROLE_STUDENT Allows the user to access the student menu within the application
CS_ROLE_STAFF Allows the user to access the staff menu within the application
CS_ADMIN_FUNCTIONAL Allows the user to access all admin functions except the logging area
CS_ADMIN_TECHNICAL Allows the user to access only the logging area–no admin functions

You must have CS_USER AND CS_STUDENT or CS_STAFF or an "Access Denied" message will display on the screen.

How Security Component Relate

The components of security include Roles, Users, Groups, and Properties. The illustration below demonstrates how the security components are interrelated:

security components interrelation.png

  • On their own, app functions and permissions are not useful–they only have meaning when combined together to form a Role
  • Users are never directly assigned to a Role. Instead, both Users and Roles are placed into Groups, which serve as placeholders for associating Roles with Users
  • Domains and Properties are used to restrict permissions rather than grant more permissions

Security Component Terminology

Term Definition
Application Function

("App Function")

A predefined area available in uAchieve web applications where the level of user access can be controlled. App functions are determined by the Product Development team at CollegeSource.

Permission

The level of access granted for a specific application function, in terms of four types:

  1. Create
  2. Read
  3. Update
  4. Delete

("CRUD" permissions)

Role

A functional grouping of permissions that apply to application functions that simulate a real life capacity (e.g., Advisor, Student)

Group A bucket where roles and users can be assigned together
Domain A hierarchy that defines an institution; can be used to limit user permissions to specific levels of the hierarchy
Property An attribute that can be assigned to a user or group to limit permissions
User An individual given permissions to use certain application functions within the uAchieve web applications

 

To access the actual settings for RolesUsersGroups, and Properties, select them from the Security drop-down menu:

Security menu dropdown options.png

In designing your security, we suggest the following order:

  1. Start first with Roles
  2. Then, define the Groups for those Roles to fit within
  3. Lastly, assign Domains to certain Groups (where applicable)

Other Important Considerations

  • Groups and Roles are generally set up only once: initially during Dashboard Security installation and configuration. Groups and Roles may be revisited when upgrading or if installing again.
  • Domains are only acknowledged by the uAchieve Planner application and only when building Roadmaps.
  • For setting changes and updates to take effect, log out and log back in again. The change will then be applied. (This is especially useful during the testing phase.)

 

  • Was this article helpful?