Apply Constituent Security to a User in a System Role

Constituent security groups enable you to “partition” constituents by assigning them to groups that can have different permissions specified for them in different roles. For example, one role may not have access to constituents belonging to a “Major Donors” group, while another role does.

You set constituent security group access when you assign a user to a system role, so that different users in the same role can have different access.

A single feature can also apply to more than one type of record level security. For a user to access the record, that user must have rights to all “pieces” of record level security, both site AND constituent security group. For example, a registrant for an event could belong to a constituent group and the event containing the registrant record could be assigned to a site, so that both types of security would apply to the registrant.

Robert Hernandez is famous and belongs to a “Celebrities” constituent security group. Regular data entry users might not have access to constituents in the “Celebrities” group to help protect the constituents’ privacy. However, mangers at the organization should have access to constituents in the group. What the user could do with that record would be determined by the feature permissions of the role(s) to which the user belongs.

  1. Open the system role and select the user on the Users tab to which you want to assign an accounting element security group.

  2. Select Edit. The Edit system role user screen appears.

  3. On the Accounting element security tab, you can determine the record access for the user in the role.

    • All records - The user can access all accounting element records in features to which he has granted rights. This is the default setting.

    • Allow use of records in selected groups - The user has access only to those records that belong to the selected groups.

    • Allow use of all records except those in selected groups - The user can access all records which are not part of the selected security groups.

  4. Select Save and return to the system role.