Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Log-in as a Staff Member.

...

  • Admin Staff Role

    • Update the User’s profile to School Personnel

    • Add the user to the permission-set group

      • Go to Setup > Users > click the user > click permission set assignment > look for the permission set group assignment> Edit Assignement > drag the PosiEd Admin Staff to the right > click Save.

    • Add the user to the Public Group

      • Go to Setup > Public Group >click the edit button beside School: ACC Marsden Park > set the Search to Public Groups and look for the Admin staff > drag the Admin staff to the right > click Save.

  • Admin Leader

    • Update the User’s profile to School Personnel

    • Add the user to the permission-set group

      • Go to Setup > Users > click the user > click permission set assignment > look for the permission set group assignment> Edit Assignement > drag the PosiEd Admin Leader to the right > click Save.

    • Add the user to the Public Group

      • Go to Setup > Public Group >click the edit button beside School: ACC Marsden Park > set the Search to Public Groups and look for the Admin Leader > drag the Admin leader to the right > click Save.

  • Teacher

    • Update the User’s profile to School Personnel

    • Add the teacher to the Public Group and to the Grade Level they’re handling.

      • Go to Setup > Public Group >click the edit button beside School: ACC Marsden Park > set the Search to Public Groups and look for the teacher > drag the teacher to the right > click Save.

      • Same process > look for the Grade Level and click the edit button beside it > look for the teacher > drag the teacher to the right > click Save.

Setup Permission:

Profile Setups

School Personnel ; This will be the base profile for all users except for System Administrators.

Permission Sets

To extend permissions without changing the base profile, the following permission set must be created and grouped by its permission set group.

[PosiEd] Log a Wellbeing Observation

Allows the user to create a wellbeing observation and other related objects

Objects

Wellbeing Observation

Wellbeing Involvement

Wellbeing Action

[PosiEd] Mark a Roll

Allows the user to mark a roll of any class.

Objects

Session

Account (Lookup)

Bell Time (Lookup

Asset (Lookup

Event

Cohort Session

Cohort

 [PosiEd] Read Day Attendance

Allows the user to view the day attendance of any class.

Objects

Day Attendance

Attendance Management Component

Account (Lookup)

Session

Absence Submission

[PosiEd] Read School Accounts

Allows the user to view all school accounts in the org

Objects

Account (School)

Kiosk Definition (Lookup)

Timetable Structure

External System Connection

[PosiEd] Read Student Accounts

Allows the user to view all student accounts in the org

Objects

Account (Students)

[PosiEd] Edit Accounts
Allows the user to edit core student, teacher, and carer details in objects such as Person Account and Student Attributes, etc

Objects

Account Student Comms

Student Attribute

Student Record

Employee Role

Student Recognition

[PosiEd] Attendance Management

This permission set allows users to access the Attendance App and associated objects

Objects

Day Attendance Calendar Event Session Cohort Session

Comms Template

Absence Submission

Absence Reason

Calendar Event

Session

Cohort Session

[PosiEd] Create/Edit Cohorts

The ability to create and edit Cohorts and Cohort Members

Objects

Cohort

Cohort Member

Cohort Schedule

Cohort Schedule Connection

Cohort Session

School Calendar Cohort

Cohort Assessment

[PosiEd] Create/Edit Timetable Structure

The ability to create and edit timetable structure and other related objects

Objects

Timetable Structure

Bell Time

Date Maps

Timetable Terms

Timetable Periods

Cohort

[PosiEd] Create/Edit Kiosk Definition

The ability to create and edit Kiosk Definition and other related objects

Objects

Kiosk Definition

Kiosk Reasons

Permission Set Groups

Add each permission set to each designated permission set group

PosiEd Admin Staff

This will be the base permission for users of General Admin Staff users. Create Cohort/Members Edit Cohort/Member

  • Edit Accounts

  • Attendance

  • Create Cohort/Members

  • Edit Cohort/Members

PosiEd Admin Leader

This will be the base permission for users of Admin Leader.

  • Edit Accounts

  • Attendance

  • Create Cohort/Members

  • Edit Cohort/Members

  • Create/Edit Timetable Structures/Bell Times

  • Create/Edit Kiosk Definition

PosiEd Enrolment Staff

This will be the base permission for users of Enrolment Staff users

  • Create Accounts

[PosiEd] Teaching Staff

This will be the base permission for users of Primary Teaching Staff and Secondary Teaching Staff users.

  • [PosiEd] Read Day Attendance

  • [PosiEd] Mark a Roll

  • [PosiEd] Read School Accounts

  • [PosiEd] Read Student Accounts

Assignments

  • Assign School Personnel profile to all users with roles.

  • Assign Teaching Staff permission set group to all users with Primary Teaching Staff and Secondary Teaching Staff roles.

  • Assign Admin Staff permission set group to all users with Admin Staff role.

  • Assign Admin Leader permission set group to all users with Admin Leader role.

  • Assign Enrolment Staff permission set group to all users with Enrolment Staff role.

Setup: Record Access

Org-Wide Defaults

Set all objects to Private/Controlled by Parents and only share records with other users via Sharing Rules. This would be the base record access for each user where they can only see records they owned and records that are shared with them via sharing rules.

image-20240923-030502.pngImage Added

image-20240923-030512.pngImage Added

Roles Setup

This directly influences the organization's Sharing Settings (OWD and Sharing Rules) to establish the access levels for users.

...

Public Groups

 A public group for all the staff of a certain school. You must create a public group for each school/university/department in a multi-school setting. This will also be used in the sharing rules setup for school-wide record access (e.g. read access to all students in a specific school).

Integration Users:  A public group for all the staff of a certain school. You must create a public group for each school/university/department in a multi-school setting. This will also be used in the sharing rules setup for school-wide record access (e.g. read access to all students in a specific school).

The public groups listed below are designed for the Year Advisor and Stage Coordinator, who only need access to a wellbeing involvement related to their assigned grade level students.

[ACC] Early Stage 1: Kindergarten

A public group intended for the Year Advisor/Stage Coordinator users of Early Stage 1 Kindergarten students.

[ACC] Grade Level: Foundation

A public group intended for the Year Advisor/Stage Coordinator users of Foundation students.

[ACC] Grade Level: Kindergarten

A public group intended for the Year Advisor/Stage Coordinator users of Kindergarten students.

[ACC] Grade Level: Pre-Kinder

A public group intended for the Year Advisor/Stage Coordinator users of Pre-Kinder students.

[ACC] Grade Level: Pre-Primary

A public group intended for the Year Advisor/Stage Coordinator users of Pre-Primary Students

[ACC] Grade Level: Prep

A public group intended for the Year Advisor/Stage Coordinator users of Prep students

[ACC] Grade Level: Year 1

A public group intended for the Year Advisor/Stage Coordinator users of Year 1 students

[ACC] Grade Level: Year 2

A public group intended for the Year Advisor/Stage Coordinator users of Year 2 students

[ACC] Grade Level: Year 3

A public group intended for the Year Advisor/Stage Coordinator users of Year 3 students

[ACC] Grade Level: Year 4

A public group intended for the Year Advisor/Stage Coordinator users of Year 4 students

[ACC] Grade Level: Year 5

A public group intended for the Year Advisor/Stage Coordinator users of Year 5 students

[ACC] Grade Level: Year 6

A public group intended for the Year Advisor/Stage Coordinator users of Year 6 students.

[ACC] Grade Level: Year 7

A public group intended for the Year Advisor/Stage Coordinator users of Year 7 students

[ACC] Grade Level: Year 8

A public group intended for the Year Advisor/Stage Coordinator users of Year 8 students

[ACC] Grade Level: Year 9

A public group intended for the Year Advisor/Stage Coordinator users of Year 9 students

[ACC] Grade Level: Year 10

A public group intended for the Year Advisor/Stage Coordinator users of Year 10 students

[ACC] Grade Level: Year 11

A public group intended for the Year Advisor/Stage Coordinator users of Year 11 students.

[ACC] Grade Level: Year 12

A public group intended for the Year Advisor/Stage Coordinator users of Year 12 studentS.

Assignments

  • Add all users to their designated School public group.

    • Currently, there is a public group named School: ACC Marsden Park in CEM org, all users under ACC Marsden Park should be added to it.

  • All Year Advisor and Stage Coordinator users must be added to their respective grade-level public groups.

    • E.g. John Doe is the designated Stage Coordinator to Grade Levels 2 and 3 students of ACC Marsden Park, thus, John Doe should be added to the [ACC] Grade Level: Year 2 and [ACC] Grade Level: Year 3 public groups. Please note that in a multi-school setting, all grade-level public groups should be created for each school. The reason behind this is that this public group is used in sharing rules that will satisfy this requirement the stage coordinator/year advisor should not have access (or visibility) to the confidential records of other schools.

Automations Required for Sharing Rules Multi-School Setup

Not available yet

Sharing Rules

...

Design Considerations

  • Formula field is not supported in sharing rules

  • We can't use relationship fields in sharing rules

  • We can't use multi picklist in sharing rules

  • We can create a boolean formula field on an object where we can check if the logged-in user has the same school code on the viewed record but we don't have a way to get the updated value of that formula field when being recalculated

    • We could create a trigger on the same object to get the value of the formula field and duplicate that value to a text field but the record should fire an update action - which is not ideal.

  • We can only reference one public group in a single-sharing rule

    • This means we can't set both grade level and school public groups in one setup. If we create a sharing rule for a specific grade level that means it will enable all user under that public group to see records only in their designated level regardless of what school. If we create a sharing rule for a specific school this means all users can see data related to that school regardless of what grade level. We can only choose one or the other, not both.

  • We can only set a maximum of two restriction rules per object.

    • This means that it is not recommended to utilize this feature if a certain organization has more than 2 schools.

  • Restriction only supports one criteria and only supports limited field data types.