Newer Version Available
Required Permissions for the Hiring Manager
Our next set of required permissions is more challenging. Ben Stuart,
our hiring manager, needs to be able to access the recruiting records
related to his open positions, but he shouldn't be mucking around
with other recruiting records (unless they're owned by other hiring
managers who report to him). Also, there are certain sensitive fields
that he has no need to see, like the social security number field.
Let's go object by object to really drill down on what Ben does and
doesn't need to access in order to perform his job.
- Position
- First of all, Ben likes to post his own positions so that he can publicize them as fast as possible, but in our app, Mario the recruiter ultimately needs to take ownership of the record to make sure the position gets filled. As a result, Ben needs the ability to create positions, but then we'll need to find a mechanism to make sure that they ultimately get transferred to Mario for ownership. (Hint: as you'll see in Automating Business Processes, we'll tackle that problem with a workflow rule that transfers position ownership to a recruiter when a new position is created by a hiring manager. For now just assume that this already works.)
- Ben should also be able to update and view all fields for positions for which he's the hiring manager, but he should only be able to view other managers' positions.
- Candidate
- Ben sometimes wants to poach a prime candidate who's applying for a position under another manager, but this is a practice that Universal Containers frowns upon. As a result, Ben should only be able to view those candidates who have applied for a position on which he's the hiring manager. Also, since Ben has no reason to see a candidate's social security number, this field should be restricted from his view.
- Job Application
- As the hiring manager, Ben needs to be able to update the status of those job applications to specify which candidates should be selected or rejected. However, he should not be able to change the candidate listed on the job application, nor the position to which the candidate is applying, so we'll have to find a way of preventing Ben from updating the lookup fields on job applications.
- Review
- To make a decision about the candidates who are applying, Ben needs to see the reviews posted by the interviewers, as well as make comments on them if he thinks the interviewer was being too biased in his or her review. Likewise, Ben needs to be able to create reviews so that he can remember his own impressions of the candidates he interviews.
- Job Posting
- Ben wants to make sure his harder-to-fill positions are visible to the most talented people in the field. The most efficient way to do this is by posting open positions on various employment websites. Given that employment websites have different types of users with varying skill sets, we should give Ben the power to unilaterally create job postings on employment websites, since Ben is the best person to ascertain which skill sets are necessary for his open positions.
- Employment Website
- If Ben had his way, he would usurp all of the company's budget for posting his open positions on employment websites; therefore, Ben shouldn't be allowed to modify employment website records, as that would let him redefine the company's budget for posting jobs and could lead to an accounting fiasco. Still, we need to make sure that Ben can view employment website records to get an idea of the employment websites with which Universal Containers has accounts, and how much of the budget for that employment website is available.
Here's a summary of the required permissions we need to implement
for a hiring manager:
* Only for those records that are associated with a position to which the hiring manager has been assigned
