Introduction
In ActivityInfo, user roles determine what actions users can perform and what information they can access within a database. Roles are central to managing security, data quality, collaboration, and accountability across projects and organizations. Even a small change in the user’s role can significantly affect how data is entered, viewed, edited, or managed.
ActivityInfo uses roles to combine permissions and grants that define access to resources such as databases, folders, forms, and reports.
ActivityInfo roles are built around three key concepts:
- Resources: Such as forms, folders, reports, and databases
- Operations: Such as viewing, editing, deleting records, managing users, or editing forms
- Grants which define where those permissions apply within the database structure
Changing a user’s role immediately changes the permissions associated with that user. For example, a user previously assigned a “Data Entry” role may only have permissions to add records, while assigning them an “Administrator” role could allow them to edit forms and manage users. Similarly, reducing permissions can restrict access to sensitive information or prevent users from making changes to records and database structure.
Immediate effects of changing a role
When a user’s role changes, the impact is immediate and can affect several aspects of their work. These include:
Access to records and data
Assignment to a new role may allow a user to:
- View additional records that they had no access to.
- Edit existing records
- Delete records
- Export data
Alternatively, a reduced role may remove these capabilities entirely. This can directly affect ongoing data entry and reporting activities.
Access to forms and folders
Roles can also determine which forms or folders users can access. If permissions are removed from a form, the user may no longer see it in the database navigation. Similarly, a role with added permissions may expose new forms and datasets to the user.
This becomes particularly important in multi-partner projects where different organizations should only access data relevant to their activities.
Ability to manage the database structure
Higher privileged roles may include permissions to:
- Add or edit forms
- Create folders
- Publish reports
- Configure locks
- Manage users and roles
These permissions can significantly alter the structure and data governance of a database. Assigning such permissions to the wrong users may introduce risks to data integrity and security.
Sensitive data access
Sensitive data such as personally identifiable information (PII) is well safeguarded by well-assigned roles and permissions. For example, a medical database may allow clinicians to view a patient’s identity, diagnosis and treatment details while restricting access to other staff members.
If a user’s role changes:
- Previously hidden fields may become visible
- Information that is important for a user to perform their work may become unavailable
- Edit access to specific fields may be redacted or revoked
This capability helps organizations comply with internal data protection policies and reduce unnecessary exposure of confidential information.
Impact on collaboration and workflows
Role changes can affect how teams collaborate within ActivityInfo. For example:
- A reviewer role validates submissions but cannot edit records
- A data entry role may add records but not approve them
- A project administrator may manage users and configure permissions
If roles are modified without proper planning and communication, workflows may break. Users may suddenly lose the ability to complete tasks required in approval or reporting processes.
Well-designed roles help to maintain clear separation of responsibilities and improve accountability across teams.
Offline usage
ActivityInfo supports offline usage, allowing users to enter data and navigate forms without an active internet connection. However, because role changes happen on the server, a change made while a user is offline creates a delayed effect:
- Delayed enforcement: A user will continue to operate under the old role permissions locally on their device until the device is connected to the internet.
- Blocked synchronization: If a user’s role is downgraded on the server to restrict adding or editing of records, any changes made while offline will be blocked from syncing once the device is connected to the internet and will require the administrator to resolve the missing permissions for synchronization to take place successfully.
Inconsistent user experience
Frequent or undocumented changes to roles can confuse users, especially in large organizations with multiple databases and partners. In ActivityInfo, the role assigned determines not only what users can do, but also what they can see within the interface. As a result, changes to a role may suddenly alter the visibility of forms, folders, records, reports, or administrative features.
Conclusion
User roles are one of the most important components of data security and governance in ActivityInfo. A role change does more than alter what a user can see. It can affect data visibility, workflow responsibilities, access to sensitive information, database administration capabilities, and overall collaboration across projects.
Read more about role design best practices to ensure that roles are well designed to support the organization’s data governance policies. Roles should not be static and require regular review and thoughtful application of changes to reduce operational risks while maintaining secure and efficient database management.