Access to data cleanup

Users can gain access to F2 Data Cleanup in two ways: through a standard role and through a privilege. The organisation’s structure and internal policies regarding cleanup and deletion determine how these should be assigned. The two types of access are as follows:

  • The “Access to data cleanup” standard role grants rights to view and delete all records and cases in the F2 installation that match a cleanup search regardless of the user’s regular access to the cases and their records. This includes cases and records otherwise protected from deletion due to their registration status or similar.

  • The “Limited access to data cleanup” privilege grants the rights to manage and delete records and cases to which the user already has write access. This excludes cases with registered records or other regular protections against deletion. Users with the privilege will be able to view but not delete cases to which they have read access.

Users across the installation with either the “Access to data cleanup” standard role or the “Limited access to data cleanup” privilege have access to the same cleanup searches. However, the searches will yield different results, i.e. different cleanup lists, for users with the role and for each user with the privilege. This is because the result lists for users with the privilege are determined by record access levels, access restrictions, and similar metadata. Only users with either the standard role or the privilege can view the installation’s cleanup searches.

The graph below illustrates the two types of access. This may create an overlap between the cases different users have the rights to clean up, and their cleanup work may affect one another.

image2
Figure 1. How cleanup list vary between users

The role is assigned by a user with the “User administrator” privilege, and the privilege by a user with the “Privilege administrator” privilege.