Summary
This article covers the tasks, including adding a new user and understanding and editing user permissions, that are available to user administration.
Table of Contents
- Accessing User Administration
- User Lists
- Adding a New User
- Understanding Permission Configurations
- Editing User Permissions
- Generating User Accounts
User Administration in CTMS is performed entirely within the CTMS interface. With the exception of assigning high level administrative and support access to the utility, administrators handling the permissions granted to users in CTMS should never need to access the Enterprise Manager outside the CTMS platform. Account and permission assignment is performed in several stages. The process begins by generating User Accounts for the users to which you’d like to assign access to. Once these user accounts are established, roles can be configured and assigned using an interface-driven approach that is both flexible and granular. Prerequisite training can be used to enforce training requirements before providing the requested users with access to CTMS. Information on Prerequisites can be found here.**
Accessing User Administration
Access the CTMS Dashboard with an account that has the User Administration Permission, and click the “User Administration” option found in the Actions Menu.
User Lists
There are two User Lists available from the User Administration Screen, one for Unrestricted Users and another for Restricted Users. These two types of users have access to different sets of permissions and their access to the system is configured in slightly different manners. The tables that display them however, are the same.
Each row in the table displays the information for a user account that is being managed by CTMS. The first column displays the First and Last Name of the user, followed by its associated username and email address. The Edit column contains an edit icon that, when clicked will display a dialog to modify the user’s current access privileges, and the Delete column has a corresponding icon that will display a dialog to confirm the removal of a user’s access.
Changing Displayed User List
To navigate between the Unrestricted and Restricted User Lists, click the associated tab at the top of the table displayed.
Adding a New User
Before adding a new user, first ensure that the personnel to whom you are granting access have both a Personnel Record and an associated Fountayn username.
Open the Actions menu and click the Add New User option. This will display the following dialog prompting you to select the usernames you would like to configure.
The field is an auto-complete prompt, so you may search for the desired persons by typing either their first name, last name, or username. Multiple usernames can be selected at once to define access privileges to more than one person at a time.
Clicking the Next button will take you to the next stage of the permissions definition process. This is where the process diverges based on the types of users you are defining. See the associated section below for the subsequent steps.
Adding Unrestricted Users
Clicking Next will take you to the Role Selection Dialog. From here you can choose from all Unrestricted Roles configured in CTMS Settings which you would like to grant to the users you have selected.
Selecting one or more roles will enable the Save button which, when clicked, will close the dialog and add the selected roles to each of the user accounts chosen at the beginning of the process. These new users will now be displayed in the Unrestricted Roles table.
Adding Restricted Users
Clicking Next will take you to the Role Selection Dialog. Choose from all Restricted Roles configured in CTMS Settings which you would like to grant to the users you have selected.
Selecting one or more roles will enable the Next button which, when clicked, will direct you to the Entity Selection Dialog. From here you may choose from all entities that have been configured in CTMS Settings.
It is not necessary to select an entity to proceed with the user administration process. Clicking Next will take you to the Study Access Tree. From this dialog you can select more granular components of your CTMS database for which you would like to grant these Restricted Users access.
By expanding the navigation tree provided and selecting the checkboxes displayed, you can choose entire studies, countries or individual sites you would like the chosen users to have access to in the capacity defined by their roles. Clicking Save will conclude the configuration process and save the usernames’ new permissions in CTMS. The newly added users will now be displayed in the Restricted Users List.
Understanding Permission Configurations
At first glance, particularly in the case of restricted users, the configuration process might seem a bit strange. This section will explain how access definitions are handled differently between restricted and unrestricted users.
Unrestricted User Permissions
These are the easiest to understand. At the conclusion of user creation for unrestricted users there was only one step, the assignment of roles. This is really all there is to understanding the permissions of an unrestricted user. Their assigned roles grant them access to parts of the system in the capacity defined by those roles in CTMS Settings.
- Read/Write – Grants visibility of associated screens and full access to any actions or editing.
- Read Only – Grants visibility of associated screens and limits editing capabilities.
- No Access – Prevents access to associated screens.
Restricted User Permissions
Restricted users have more dimensions as to how their permissions are interpreted. Like unrestricted users they have access to screens in read/write, read only, or no access capacity defined by the roles they are given. However on a given screen or manager table, restricted users will, by default see no records displayed.
Restricted users begin by having no visibility of any records on the screens they have access to. This total filter of information can be removed in two different ways:
- The first was described in the second step of Restricted User Configuration, Entity Assignment. By assigning entities to a role, we inform the system that, for that role or set of roles, this user is allowed to see studies and records associated with those studies that fit the criteria defined by the entity.
Take, for example, an entity with the definition of Sponsor A, Sponsor B, and the Countries USA and Canada. If we granted a Restricted User a role that only had access to the Payments Managers, and assigned this user the Entity described, then that user’s Payment Manager would ONLY display payments from studies associated with Sponsor A or Sponsor B that also occurred in USA, Canada, or both. - The second way that visibility of records can be granted to a Restricted User is through the final stage of account creation, the Access Tree. By selecting items in the Access Tree we can grant access to a restricted user at a granular level. These permissions will be granted to the configured role in addition to those provided by any chosen entities.
Restricted user can only exist in CTMS if they have been assigned to an entity or a study.
Note: Restricted users can only exist in CTMS if they have been assigned to an entity or a study.
IF | THEN |
If a user is assigned to an entity | User will only see studies under that entity |
If a user is assigned to an entity AND an additional study | User will see studies under that entity and any additional studies assigned to them |
If a user is not assigned to an entity but is assigned to a specific study | User will only see the specific study |
Editing User Permissions
When you click the Edit button beside a particular user, you will be directed to a stage in the account creation process to modify the changes you have made.
Editing Unrestricted Users
When the Edit button is clicked for an unrestricted user, you will be presented with the Role Selection Dialog. By changing the selection of roles you made previously and clicking Save, the user’s access will be updated to reflect the modifications.
Editing Restricted Users
In the case of restricted users the edit button will again present you with the Role Selection Dialog, except in this case you will be asked to select a single role to modify. For restricted users, only one role can be edited at a time.
Selecting Configure for a selected role will take you to the Entity Selection Dialog where the entities associated with the chosen role can be reconfigured. Clicking Next will direct you to the Access Tree.
Again, from this screen you can modify the individual choices made for the chosen role on the Access Tree. Clicking Save will conclude the modification process and close the dialog.
Generating User Accounts
The first step in user administration is to ensure that those users that will be accessing the system have user accounts assigned to a Personnel Record recorded in the CTMS database. This can be done in two different ways depending on whether or not the user already has an existing Fountayn account; Linking Personnel Records to Existing Users or FOUNTAYN ONE Account Generation. When an account is generated from CTMS, the user becomes a member of the workgroup where the CTMS tool resides. Users with existing Fountayn accounts can be added to the appropriate workgroup in by managing users in Enterprise Manager.
Need more help?
Please visit the Fountayn Contact Information page.