User Permissions

Providing Appropriate User Access

Introduction

Security is paramount in the Aneto EVM application. Every component is crafted with precision, ensuring that sensitive data is strictly accessible to authorized users. This rigorous design is vital in safeguarding confidential information within the app.

Disclaimer

Understanding the security protocols of Aneto EVM is essential before incorporating any sensitive data or users. Critical information includes hourly rates, project budgets, costs, prices, and specific Earned Value Management (EVM) Key Performance Indicators (KPIs) like Budget at Completion (BAC). It is incumbent upon your organization to meticulously configure access settings and permissions to effectively shield this sensitive data.

Configuring User Permissions

Aneto EVM allows two distinct permission levels:

Regular Users:

  • Restricted from accessing financial details in the Performance tabs of projects and retainers.

  • In the Hourly Rates module, regular users can view, but not alter, information.

  • Cannot modify app user settings.

Admin Users:

  • Full access to monetary information across companies, projects, and retainers, but only for the companies, projects, and retainers to which they have been added.

  • Can modify user settings in the system.

Permissions can be assigned across various modules:

Application Level:

  • Regular users: Restricted to app usage without user modification rights.

  • Admin users: Full access, including user management.

Hourly Rates Module:

  • Admin users can add, modify, or delete rate information if added to this module.

  • Regular users are limited to viewing the information if added to this module.

Companies Module:

  • Granted access implies control over the company's project and retainer portfolio.

  • Specific project and retainer access can be individually customized.

Projects and Retainers:

  • Admin users can manage EVM projects and retainers and can see monetary information.

  • Regular users can see only EVM KPIs that are not monetary, and cannot modify access levels.

Outlined below is the Role-Based Access Control (RBAC) system, which details how the Aneto EVM app facilitates enhanced control over user access: