Objects Permissions
Tendo’s system is based on objects in which fields are stored. For example, an Appointment object includes appointment-related fields such as start and end time, the name of the patient and provider, the appointment location, and other related fields. So that designated users can see and/or interact with a specific Object Record, such as an individual patient’s appointment, roles must be defined that allow them to take certain actions on the objects, including Create, Read, Update, or Delete.
An administrator can specify these permissions on the Object tab on an individual role in the Access section of Tools by checking boxes in each column that apply to each Object in an app. This example is for a CDI Manager role in Tendo’s QDI application.
If you as administrator want the user to have a read only view, you need to give the role the same application permissions that you would give another user of the application, but Read Only permission on objects.
Note: If you want to give Create, Read, Update, and Delete access to a child object (e.g. DeviceOrder), you need to give the same permissions to its parent object first (e.g. Order).
Read All and Modify All Object Data Permissions
Administrators often need permissions on objects to access all the data with full Read or full Modify ability. For this reason, objects can have Read All and Modify All data permissions alongside standard Create, Read, Modify and Delete operation permissions in the Access feature of Tools.
- View All lifts all record level query restrictions on an object. When View All is selected, the Object Read permission is automatically selected.
- Modify All lifts all create, read, update and delete operation restrictions and all record level query restrictions on an object. For an Object with User Sharing (such as Reports), Modify All gives the user access to the Sharing feature so that they can add and remove users. For Modify All, users also have full Read, Update, and Delete access to the data.