System Security

Owned by Former user (Deleted)
Last updated: May 09, 2019 by Nora Kinal


Overview

 This section demonstrates how to add users, change passwords, assign and create roles, and set permissions within the system.

Users
Roles
Permissions

Users

In the User section you can change passwords, attach users, indicate the type of user, and inactivate a user when necessary.
From the Administration and Maintenance tab, select Users. 

Attach User(s)

  1. Click the Attach User(s) button in the ribbon.

    The list of users comes from the Admin Console. A new user must first be added into Admin Console before it is available to attach in Franklin.

  2. Select the Username from the list or use the search function to locate a particular user. Next, click Ok.

  3. School to the bottom of the User Maintenance window to locate the new user and establish User Information. Then, click Save Changes.

    1. Full Name - Enter the user's full name.
    2. Email Address - Enter the user's email address.
    3. Report Menu Config - Use the drop-down arrow to select a report menu configuration (allowing access to certain reports).
    4. Inactive - If a user no longer requires access to the system, place a check mark in the inactive box.
    5. Roles - Place a checkmark in the box to define the user's role.
      1. System Administrator
      2. Normal User
      3. User-Defined Role(s)

Change Password

  1. Select the user from the list and click Change Password.

  2. Enter the New Password and then Confirm Password. Then, click Ok.

    As an Administrator, you have the ability to reset User passwords without entering the old passwords. Non-administrators will need to enter old password before changing.

    Passwords must contain at least one (1) letter and one(1) digit or punctuation and must be at least six (6) characters. e.g. Franklin1

Return to Top

Roles

Roles match the users with Security and Permissions within the system.

  1. From the Administration and Maintenance tab, select Roles.
  2. Create a new role. Then, click Save Changes.
    1. Description - Enter a description of the new role in the blank space with the asterisk * (typically the last row).

    2. Template - The template is used to initially copy existing permissions when the new role is created.  It is also used when permissions are added by future program updates to determine appropriate defaults.

      1. (none) - No future permissions will ever be automatically granted to this role. 

      2. System Administrator - All future permissions will be automatically granted to this role by default.
      3. Normal (recommended) - Future permissions that default to admin-only will not be granted to this role; but future permissions that default to all users will be granted by default.

Return to Top

Permissions

Defines the access and actions available within the system for a specific role.

  1. From the Administration and Maintenance tab, select Permissions.

  2. Establish security levels for each permission and role. Then, click Save Changes.

    Permissions

    Information about each permission is given at the bottom of the window to further explain each in better detail.

    1. Select a permission from the list.

    2. Use the drop-down menu to establish the permission setting for each Role.

      NoneUsers assigned to only one role will not have the ability to perform this function (see below for more details)
      AllowUsers will have the ability to perform this function.
      DenyUsers will not have the ability to perform the function.

      Deny

      If a user has been set to Deny a function and a user attempts to perform the denied task, the option of performing an override MAY be available depending on the nature of the operation. If the user requests an override attempt, an administrator or additional higher level role has the ability to accept or reject the override attempt. For more information on releasing override attempts, refer to Release Override Requests in the Utilities section.

Permission Matrix

If a user is only assigned to one role, the None setting acts the same as the Deny setting. If a second role is assigned to the user and places an Allow setting for a function already set as None, the user will be allowed access. None will always be treated as Deny unless overwritten by an Allow. This allows secondary roles to be created that explicitly Allow or Deny a single function without having to reset every other function.

FunctionRole 1Role 2Results
Add StudentAllowNoneAllow
Delete LettersDenyNoneDeny
Student LookupNoneDenyDeny
Merge StudentsAllowDenyDeny
Review ApplicationNoneNoneDeny
 Applications
  • Application batch maintenance
  • Application batch scanning
  • Audit/review applications
  • Detach processed application
  • Edit application form type
  • Edit rejected applications
  • Lookup not-found auto-match
  • Lookup not-found manual-review
  • MySchoolApps.com integration
  • MySchoolApps.com setup
  • Override locks
  • Paper delivery bag count
  • Paper delivery bag maintenance
  • Paper delivery bag receiving
  • Process-all applications in review
  • Recognize scanned batch
  • Review applications
  • Scan form maintenance
  • Scanning Q/A
  • Scanning Q/A, manual pick batch
  • Skip processing of applications
  • Unrecognize scanned batch
 Comments and Action Logs
  • Edit/delete others' comments
  • Edit/delete own comments
  • Log actions or add comments on students and applications
 Direct Certification
  • Auto-link all DC siblings
  • Edit Direct Certification status
  • Import DC file
  • Run DC match
 General
  • Alert maintenance
  • Change password
  • DataCenter synchronization
  • Export data
  • Export maintenance
  • Import student-data
  • Import student-data maintenance
  • Login to Franklin
  • Release permission override requests
  • Report layout override maintenance
  • Report-menu configurations
  • Scheduled job maintenance
  • Security maintenance
  • Send data to tech
  • Shrink database
  • System setup
  • Test-database maintenance
  • Upgrade application
  • Use prior-year databases
  • Use test databases
  • User-defined report maintenance
  • View alert details
  • View news and announcements
 Household Matching
  • Generate household match list
  • Review-household match - manual pick
  • Review household matches
 Letters
  • Delete letter batch
  • Delete letters
  • Edit letters
  • Manually queue letters
  • Print letters
  • Queue warning letters
  • Reprint letters
  • Requeue letters
  • Review letter batches
 Student Maintenance
  • Add new student
  • Clear grace period
  • Edit special circumstances
  • Edit student
  • Merge students
  • Override prior-year eligibility
  • Override zero-income expiration date
  • Refigure eligibility
  • Set legacy approval
  • Set temporary status override
  • Student lookup
 Supporting Documents
  • Add supporting document images
  • Edit/delete supporting document images
  • Link supporting documents
  • Review supporting document images
 Verification
  • Add/remove students from verification household
  • Confirm verification selections
  • Confirm-all selections in verification sample
  • Edit application in verification
  • Edit verification household
  • Mark verification household as complete
  • Reject eligible households from verification sample
  • Remove application-income row from verification worksheet
  • Remove verification household
  • Verification sample maintenance
  • Verify for cause


Return to Top