Permissions in ATiM are based on groups. To reach the configuration page,
- Reach the tools page
- Select administration
- Select the group on which you want to change the permissions
- In the last menu tab, select permissions
Access permissions can be defined within the tree view. For each ATiM plugin, you have all controllers. (Controllers are a sub group of ATiM pages. Eg.: The pages/functions based on participant can be found under the "Clinicalannotation" plugin, and then under the "Participants" controller.) There you can chose to allow/block access to any of those pages/functions.
Permissions work from bottom to top. So, to know if a permission for a specific function is granted, find that permission in the tree. If it's defined right there, you have your answer. If not, go up until you reach the first defined element. That is your permission.
With version 2.2.0+, ATiM has a new group permission - Show confidential information. When checked, ATiM behaves like in previous versions. When unchecked, ATiM does three things:
- It masks the confidential information
- It replaces it with a "confidential data" label.
- It blocks access to add/edit forms containing one or more confidential fields.
Example - A user belongs to a group without the ability to see confidential information and the participants first and last name are defined as confidential fields. This use can still view the participant profile, but will never see the first and last name.
It is impossible for a user without access to confidential information to do a search based on a confidential field. It would still be possible to perform a search using non-confidential criteria such as gender, but not with one based on first name.
Participant identifiers are a specially managed case. They have to be configured one by one when ATiM is installed. As an example, one may want a bank identifier to be public but the health insurance number to be confidential. So, a user without confidential access can still see that a participant has an health insurance number but cannot see the actual value or update it. For users without confidential privileges, search has a dual mode. Searching on identifier types works as before. Searching on identifier values automatically removes confidential identifiers from the result set.