Explanation of all permissions

 

These are all the permissions which are available to assign to your roles within Kaizen


Allow user to manage their own login credentials
Enables the user to be able to add new login credentials for themselves and to edit their username.

Allow user to manage the login credentials of other users
Enables the user to be able to manage existing and create new login credentials of all users they have access to. This relates to local credentials only, not SSO.

Allow user to create new users
This enables new users to be created direct from the user list within user management. 

Allow user to edit the profile of other users
Each user's profile is shown within the profile tile on their dashboard. This permission enables the role to edit all of the user fields for all those users who they are able to view (including locked user fields). 

Allow user to edit their own profile
This will display the option to edit within the dashboard profile tile. The user will be able to change all fields except for those user fields which have been locked.

Allow user to edit locked user fields
This goes together with the above permission 'Allow user to edit their own profile'. This will additionally allow them to edit even those user fields on their own profile which are locked.

Allow user to view users list and profile details
This gives access to the list of users from the user management dropdown. The users that they see will always be determined by any relation or user dependent restrictions that are set within the role.  

Allow user to disable and enable users
Users can be disabled so that they no longer have access to Kaizen.

Allow user to login as other users
This gives the permission to login as other users and view their account exactly as that user does.

Allow user to view roles list
This will allow the user to view (as read only) the list of all roles which exist in the system). 

Allow user to create and edit roles
If the user can view the list of roles then they will additionally be able to create new ones, assign permissions and edit existing roles.

Allow user to delete roles 
If the user can view the list of roles then they will additionally be able to delete existing roles. Doing this will remove this role from anyone who it is currently assigned to, as well as removing it entirely from the system.

Allow user to assign roles to other people
This goes together with the permission to edit a user profile. If this is enabled then this role can assign any of the roles in the system to the user whose profile they are editing. 

Allow user to assign roles to themselves
This goes together with the permission to edit your own user profile. If this is enabled then this role can assign themselves any of the roles in the system. 

Allow user to view blueprints list
This will provide access to the list of blueprints which exist in the system in read only mode. The role will be able to view all blueprints and their content but not be able to edit them in any way. 

Allow user to create and edit blueprints
This grants the permission to make changes to existing blueprints and to create brand new ones. 

Allow user to view event types list
This will provide access to the list of event types which exist in the system in read only mode. The role will be able to view all event types and their content but not be able to edit them in any way. 

Allow user to create and edit event types
This grants the permission to edit existing event types and to create brand new ones. As event types are version controlled then editing in this context means creating and publishing a new version and archiving an event type. 

Allow user to create events on the timelines of other users
New events can be created for other users without requiring the permission to view that person’s portfolio. This does of course require the existence of an event type which is configured with the appropriate owner and user role responsible for completing the first section. 

Allow user to create events on their own timeline
Users can create events for themselves. This does of course require the existence of an event type which is configured with the appropriate owner and user role responsible for completing the first section. 

Allow user to delete their own draft events
This grants the permission to delete your own events in certain non destructive situations. If you are in the process of creating a new event but have not yet submitted it then this can be deleted. If there are any completed sections then the event will not be able to be deleted. If you submit the first section and then retract the invitation then the event is back in draft and can therefore be deleted with this permission. 

Allow user to delete completed events of other users
Completed events are those which have been through all of the sections specified in the event type template and are now green on the timeline. This permission allows the role to permanently remove these completed events owned by other people from the system. This action is not recoverable and will also remove the record of the ‘section of’ events from any contributor’s timeline. 

Allow user to delete their own completed events
Completed events are those which have been through all of the sections specified in the event type template and are now green on the timeline. This permission allows the role to permanently remove their own completed events from the system. This action is not recoverable and will also remove the record of the ‘section of’ events from any contributor’s timeline. 

Allow user to fill in sections of other users' events
This permission is necessary to allow users to respond to invitations they have been sent. This grants ability to fill in sections of events owned by other people without the necessity of viewing that person’s timeline. 

Allow user to edit editable authored sections
With this permission users can edit any completed section which they authored which was explicitly set to be editable after completion within the event type section settings. The event must be fully completed in order for the section to be editable.

Allow user to approve all pending sections
If responses to invitations are set to need approval before being submitted back into the event then these are referred to as pending sections. Within the event type section settings you choose which role(s) have the power to approve these. This permission provides the ability to view all pending sections which exist in Kaizen, irrespective of the approval settings in the event type. 

Allow user to close and re-open multi source events of other users
If an event section is set to gather multiple responses then it will need to be closed in order to advance it on to the next section. This permission grants the ability to close those sections of other users, even if the minimum number has not been reached. These sections can also be re-opened to accept further responses. 
Re-opening is only possible where the multi source section is not followed by another section. 

Allow user to close their own multi source events even if the minimum number is not reached
If an event section is set to gather multiple responses then it will need to be closed in order to advance it on to the next section. This permission grants the ability to close your own sections of this kind, even if the minimum number has not been reached. 
No permission is required to close your own sections of this type provided the minimum number of responses has been reached. 

Allow user to remove multi source responses of other users
This gives the ability to be able to delete responses from another user's multi source section. This will completely remove this response from this event.

Allow user to re-open their own multi source events
If the multi source section is not followed by any further sections then this permission allows the owner to re-open the multi source section in order to accept further responses. 

Allow user to re-open their own goal events
Goal sections work in a similar way to multi source sections, in that they need to be closed in order to advance the event through the workflow. If there are no further sections after the one containing the goals then this permission allows owners to re-open the section containing their goals in order to continue to work on them. 

Allow user to close and re-open the goals of other users
Goal sections work in a similar way to multi source sections, in that they need to be closed in order to advance the event through the workflow. If there are no further sections after the one containing the goals then this permission allows the role to re-open this section containing goals from the timeline or goals list of another user.

Allow user to edit all completed events of other users
Events are complete once they have advanced through all sections in the workflow and are green on the owner’s timeline. This permission allows the role to edit all content in any of the sections for events on the timelines of other users which they can view. 

Allow user to edit all their own completed events
Events are complete once they have advanced through all sections in the workflow and are green on the owner’s timeline. This permission allows the role to edit all content in any of the sections for their own events. 

Allow user to view the events of other users
This grants the ability to view the timeline and individual event contents for users which they have access to in their users list. 

Allow user to view their own events
This grants the ability for users to access their own timeline and to view the content of their own individual events. 

Allow user to view anonymised sections
Within the event type section settings there is the ability to anonymise the response. This hides the name of the person who has filled in the section when viewing this event in the future. This permission grants the role the ability to view that person’s name. 

Allow user to import users
This grants the ability to access the import data area and to import CSVs to create and edit users.

Allow user to import events
This grants the ability to access the import data area and to import CSVs to create and edit events.

Allow user to delete all comments
This allows the role to delete any comments which have been made against the events which they can view. 

Allow user to delete all comments on own events
This allows the role to delete any comments which have been made against their own events. 

Allow user to delete own comments
This allows the role to delete their own comments, both from their own events and those events owned by others. 

Allow user to delete own comments on own events
This allows the role to delete their own comments on their own events. 

Allow user to view the shared goals of other users
This provides access to the goals list on another user’s portfolio. Once there, only the goals which have been marked as shared will be visible. 

Allow user to work on shared goals of other users from open goal sets
If the role can access another user’s goals list then this permission additionally allows them to change the marking of those goals. This permission will only take effect when combined with the setting who can mark the goals? which can be found when configuring a goal field within an event type.

Allow user to view and work on their own goals
This provides access to your own goals list to view your current and past goals. Working on goals means the ability to link events to your goal targets in order to demonstrate progress against them. 

Allow user to add, edit, delete or resolve any goals of other users
This provides the ability to be able to add additional goals, edit existing goals, delete existing goals and to change the resolution (marking) of any goal of another user.

Allow user to view the document library of other users
Provides access to the documents area for a user which you can view in the users list. 

Allow user to manage their own document library
New documents can be uploaded and deleted, new folders can be created and documents can be reorganised within your own document area. 

Allow user to view FAQ
The FAQ is a list of frequently asked questions which the organisation manages themselves. This permission provides access to this list in read only capacity. 

Allow user to edit FAQ
The FAQ is a list of frequently asked questions which the organisation manages themselves. This permission gives the ability to create new FAQs and to edit existing ones. 

Allow user to view user fields list
User fields are customisable fields which appear on all users’ profiles. This permission allows the role to view the list of user fields which exist in the system. 

Allow user to edit or create user fields
Provides the ability to create new user fields, delete or edit existing ones. 

Allow user to view relations list
Provides access to the list of relations in read only capacity. 

Allow user to edit relations
Allows the role to create new relations and make changes to existing ones. 

Allow user to run reports
Provides the role access to the reports tab in order to run published reports. Only the reports set to be visible to the roles which you have will be shown. 

Allow user to manage report templates for the entire organisation
New report templates can be created and existing ones can be edited. 

Allow user to view announcements list
Provides access to the list of announcements which exist, including draft, published and expired, along with the content of each. 

Allow user to edit announcements
Provides the ability to make changes to any of the announcements in the system. 

Allow user to view dashboard templates list
Provides the ability to view the list of dashboard templates which exist in the system in read only capacity. 

Allow user to edit dashboard templates
Provides the ability to make changes to any of the dashboard templates which exist. 

Allow user to view summary templates list
Provides the ability to view the list of summary templates which exist in the system in read only capacity. 

Allow user to edit summary templates
Provides the ability to make changes to any of the summary templates which exist. 

Allow user to manage timelines
Timelines are set to show all events of any type by default. You can additionally provide categorisation so that your users can filter by groups that make sense to them. This permission provides the ability to create and manage those groups.

Allow user to manage goal categories
The goals list is set to show all goals from events of any type by default. You can additionally provide categorisation so that your users can filter by groups that make sense to them. This permission provides the ability to create and manage those groups.

Allow user to view email templates
Gives the permission to view the list of email templates and to view the list of sent emails.

Allow user to manage email templates
Gives the permission to modify the content of all email templates.