There a 3 levels of user access in QSToolbox. Here's a summary of what they can and can't do.
When you add a user to QSToolbox, you can choose which level of access to give them:
There are some subtleties with global vs. local managers, but here we’ll just be talking about global roles.
A QSToolbox site needs to have at least one ‘Manager’ user so that they can add, edit, and delete users. No other users can perfom these tasks.
A site manager also has the permission to manage the site configuration – i.e. to edit choices in the drop down lists, change the “from” email, etc.
Managers have full view, add, edit, and delete rights to all content throughout the site regardless of workflow state.
By default, new users will be a ‘Member’.
Members can add any content.
Members can view all content, except some documents.
Editing rights are limited to things you added.
Here’s more details on permissions for a couple of modules with extra rules:
Document permissions depend on their workflow state: ‘Draft’, ‘Pending’, or ‘Released’
A member can create a new document, page, process map, or audit report. They are then the ‘owner’.
Members can only view ‘Released’ documents (unless they are ‘owner’)
The ‘owner’ of a document can view the document in all workflow states.
The ‘owner’ can edit the document when it is in ‘Draft’ but not while in ‘Pending’.
As ‘owner’, a member can change the workflow state from ‘Draft’ to ‘Pending’ and back again, but members cannot release a document. (Only a ‘manager’ can release a document)
A member can create an issue, and add a response to any existing issue.
A member cannot reassign an issue to a new action officer unless they are already an action officer for the issue.
A member cannot close and verify an issue unless they were the creator of the issue.
The rule where members cannot edit content they did not create, extends to not being able to add training records for a training event they did not create.
This is a reduced access level that can only view ‘Released’ documents.