For security reasons, your Zegeba site should have at least two Administrators. Users who will be capturing data using Forms in the Next app should be defined as Data Collectors. For smaller companies who do not use tasks, these are generally the only roles needed.
If a Data Collector needs access to the data others have entered in a form, the collector must also be defined as a Data Manager. Those who use tasks will automatically get the roles they need — Data Collector and Task User — the first time that are assigned to a task in Zegeba. If users are being assigned to a task without having been given specific access to the task forms nor being Task Users, they will automatically get the form and task permissions for this.
Companies that use tasks, or who are larger, will need the access control provided by the various other roles.
Only Admins and Access Managers have the menu option Users. Admins will see all users registered in Zegeba, but for security reasons Access Managers will not see other Access Managers nor Admins (users who are ob them same leves as them, or above) in the user list. Also note that Access Managers can only assign to others the additional roles they have themselves, such as Data Collector, Task User, etc. But only Admins can assign the Access Manager role.
Note: We recommend registering each user with their own name, as opposed to for instance defining one user per tablet and have many people log in with this one user. For control and security purposes it’s important to be able to identify each person that registers data in the system.
The table below contains all available user roles per Zegeba version 4.4.
|Superuser, has the privileges of all roles and has full rights to manage users, forms, tasks and resources.
|Can create new users and assign roles and permissions to other users. The roles and permissions are limited to the ones this user has in addition to the Access Manager role.
|Can archive and unarchive (from v 4.4).
|Can create, edit and delete context types (from v 4.4).
|Can create and edit contexts (from v 4.4).
|Can fill out the forms the user has access to and edit own data.
|Can view and edit all data the user has access to.
|Can request ‘whitelisting’: a temporary connection to a MySQL database giving access to all Zegeba data.
|Can create and edit folders and forms.
|Can access all files listed in Resources and perform all file operations.
|Can create, edit and delete task templates.
|Can create tasks, edit tasks, and assign users (from v 4.4).
|Can perform the tasks assigned to them for the forms they have permission to access.
Assigning a role
The picture below shows the user role for user johan: Admin. If we want to give him a “lesser” role than this, we must first click on the [Admin] button to remove that role.
We can now assign to johan one or more roles that are appropriate for his work. In the picture below, we have assigned roles to do with creating contexts and tasks. As a Context Manager implicitly has the role of Task Manager, the latter role is shown in pale green.
When the Admin role was removed, the Permissions tab showed up. An Admin has permissions to access all folders, forms and data on the server, but all other roles must be given permissions explicitly, as described in Managing: 3.4 User permissions, or through assigned tasks.