Settings & Configuration

Complete guide to system settings, user management, security configuration, and administrative features in Timesheet.

Timesheet provides comprehensive administrative settings for system configuration, user management, security controls, and operational preferences. This guide covers all administrative features available to system administrators.

Overview

The settings system includes:

  • System Settings - Core application configuration and preferences
  • User Management - User accounts, roles, and permissions
  • Security Settings - Authentication, access control, and audit logging
  • Integration Settings - External service configuration and API settings
  • Notification Settings - Email templates and notification preferences
  • Backup & Maintenance - Data backup, cleanup, and system maintenance

Key Features

Centralized Configuration

  • Single interface for all system settings
  • Environment-specific configurations
  • Real-time setting updates without restart
  • Configuration validation and error checking

Role-Based Administration

  • Granular permission controls
  • Delegated administration capabilities
  • Audit trails for all administrative actions
  • Multi-level approval workflows

Security Management

  • Comprehensive security controls
  • Password policies and enforcement
  • Session management and timeout controls
  • IP restrictions and access logging

System Monitoring

  • Real-time system health monitoring
  • Performance metrics and analytics
  • Error logging and alerting
  • Automated maintenance tasks

System Settings

General Configuration

Company Information

Configure basic company details displayed throughout the system:

Setting | Description | Example
companyName | Company name displayed in headers | "Acme Corporation Pty Ltd"
companyLogo | Logo URL for branding | "/assets/logo.png"
contactEmail | Primary contact email | "support@company.com"
contactPhone | Primary contact phone | "+61 3 9000 0000"
address | Company address | "123 Collins St, Melbourne VIC 3000"
abn | Australian Business Number | "12 345 678 901"

Date and Time Settings

Configure date/time formats and timezone:

Setting | Description | Options
timezone | System timezone | Australia/Melbourne, Australia/Sydney
dateFormat | Date display format | DD-MM-YYYY, MM/DD/YYYY, YYYY-MM-DD
timeFormat | Time display format | 12-hour, 24-hour
weekStartDay | First day of week | Sunday, Monday
fiscalYearStart | Fiscal year start month | January, July

Regional Settings

Configure regional preferences for Australian compliance:

Setting | Description | Default
currency | Default currency | AUD
currencySymbol | Currency symbol | $
decimalPlaces | Currency decimal places | 2
numberFormat | Number formatting | 1,234.56
publicHolidays | Public holiday calendar | Australian national + state

Application Preferences

User Interface Settings

Setting | Description | Options
defaultTheme | Default UI theme | light, dark, auto
enableDarkMode | Allow dark mode toggle | true, false
defaultLanguage | System language | en-AU, en-US
showEmployeePhotos | Display employee photos | true, false
enableAnimations | UI animations | true, false

Dashboard Configuration

Setting | Description | Default
defaultDashboardView | Default timesheet view | week
dashboardRefreshInterval | Auto-refresh interval (seconds) | 300
showQuickStats | Display quick statistics | true
enableRealTimeUpdates | Real-time data updates | true

Feature Toggles

Control which features are available:

Feature | Description | Default
enableFaceDetection | Face detection for clock-in | true
enableGeofencing | Location-based restrictions | true
enableOfflineMode | Offline functionality | true
enableShiftSwaps | Employee shift swapping | true
enableLeaveRequests | Leave request system | true
enableAnalytics | Analytics and reporting | true

Time Tracking Settings

Clock Interface Configuration

Setting | Description | Default
clockIdleTimeout | Auto-logout timeout (seconds) | 30
enablePhotoCapture | Require photos for clock-in | true
photoQuality | Photo compression quality | 0.85
faceDetectionConfidence | Face detection threshold | 0.65
minFaceSize | Minimum face size ratio | 0.18

Geofencing Configuration

Setting | Description | Default
defaultGeofenceRadius | Default radius (metres) | 100
defaultGeofenceMode | Default enforcement mode | soft
enableGpsTracking | GPS location tracking | true
locationAccuracyThreshold | GPS accuracy requirement (metres) | 50

Break Rules Configuration

Setting | Description | Default
autoApplyBreakRules | Automatically apply break rules | true
breakReminderEnabled | Send break reminders | true
breakReminderThreshold | Reminder threshold (hours) | 4.5
unpaidBreakDeduction | Auto-deduct unpaid breaks | true

User Management

User Roles and Permissions

System Roles

Role | Description | Permissions
super_admin | System administrator | Full system access
admin | Company administrator | All company data access
manager | Department manager | Assigned location/role access
supervisor | Team supervisor | Team member access only
user | Regular employee | Own data access only

Permission Categories

  • Employee Management - Create, edit, delete employees
  • Timesheet Management - View, edit timesheet data
  • Roster Management - Create, edit rosters and schedules
  • Award Management - Configure awards and pay rules
  • Device Management - Register and manage devices
  • System Settings - Access system configuration
  • Reporting - Generate and export reports
  • User Management - Manage user accounts

User Account Management

Creating User Accounts

POST /api/users
Content-Type: application/json

{
  "name": "Jane Manager",
  "email": "jane.manager@company.com",
  "role": "manager",
  "location": ["Head Office", "Warehouse"],
  "managedRoles": ["Casual Employee", "Part-time Employee"],
  "isActive": true,
  "requirePasswordChange": true
}

User Profile Fields

Field | Type | Description
name | String | Full name
email | String | Email address (unique)
role | String | System role
location | Array | Accessible locations
managedRoles | Array | Roles user can manage
isActive | Boolean | Account status
lastLogin | Date | Last login timestamp
passwordChangedAt | Date | Last password change

Password Policies

Configure password requirements:

Setting | Description | Default
minPasswordLength | Minimum password length | 8
requireUppercase | Require uppercase letters | true
requireLowercase | Require lowercase letters | true
requireNumbers | Require numbers | true
requireSpecialChars | Require special characters | true
passwordExpiry | Password expiry (days) | 90
preventReuse | Prevent password reuse count | 5

Access Control

Location-Based Access

Users can be restricted to specific locations:

  • View employees at assigned locations only
  • Create timesheets for assigned locations
  • Generate reports for accessible locations
  • Manage devices at assigned locations

Role-Based Management

Managers can be assigned specific roles to manage:

  • Create/edit employees with managed roles
  • View timesheets for managed role employees
  • Assign managed roles to employees
  • Generate reports for managed roles
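
The location and managed-role restrictions above can be expressed as a single deny-by-default check. This is an added example, not Timesheet's own code: the user fields (role, location, managedRoles, isActive) come from this page, while the employee fields, `teamMemberIds`, `employeeId` and the choice to require both scopes to match are assumptions.

```python
# Added example: scope check for "may this user view this employee's timesheets?"
# Employee records, teamMemberIds and employeeId are hypothetical fields.

def can_view_timesheet(user, employee):
    """Return True only when an explicit rule grants access; deny otherwise."""
    if user.get("isActive") is not True:
        return False                        # disabled accounts get nothing
    role = user.get("role")
    if role in ("super_admin", "admin"):
        return True                         # full system / all company data
    if role == "manager":
        # Assumption: location scope AND managed-role scope must both match.
        return (employee["location"] in user.get("location", [])
                and employee["role"] in user.get("managedRoles", []))
    if role == "supervisor":
        return employee["id"] in user.get("teamMemberIds", [])
    if role == "user":
        return employee["id"] == user.get("employeeId")
    return False                            # unknown or missing role: deny

# Constructed sample data, modelled on the "Jane Manager" request on this page.
JANE = {"name": "Jane Manager", "role": "manager", "isActive": True,
        "location": ["Head Office", "Warehouse"],
        "managedRoles": ["Casual Employee", "Part-time Employee"]}
EMPLOYEES = [
    {"id": "e1", "location": "Warehouse", "role": "Casual Employee"},
    {"id": "e2", "location": "Warehouse", "role": "Full-time Employee"},
    {"id": "e3", "location": "Retail Store", "role": "Casual Employee"},
]

def visible_ids(user, employees):
    """IDs of the employees whose timesheets `user` may view."""
    return [e["id"] for e in employees if can_view_timesheet(user, e)]

if __name__ == "__main__":
    print(visible_ids(JANE, EMPLOYEES))
```

Running the same function over every user and employee pair after a permissions change gives a quick diff of who gained or lost access.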

Time-Based Access

Configure access time restrictions:

  • Business hours only access
  • Weekend access restrictions
  • Holiday access controls
  • Emergency access procedures

Security Settings

Authentication Configuration

Session Management

Setting | Description | Default
sessionTimeout | Session timeout (minutes) | 480
sessionExtendOnActivity | Extend session on activity | true
maxConcurrentSessions | Max sessions per user | 3
forceLogoutOnPasswordChange | Force logout on password change | true

Login Security

Setting | Description | Default
maxLoginAttempts | Max failed login attempts | 5
lockoutDuration | Account lockout duration (minutes) | 30
enableTwoFactor | Two-factor authentication | false
requireStrongPasswords | Enforce password policy | true

IP Restrictions

Configure IP-based access controls:

  • Whitelist specific IP addresses
  • Block suspicious IP addresses
  • Geo-location restrictions
  • VPN detection and blocking

Audit Logging

Audit Events

The system logs all significant events:

  • User login/logout activities
  • Employee data modifications
  • Timesheet entries and edits
  • System setting changes
  • Security events and violations

Log Configuration

Setting | Description | Default
enableAuditLogging | Enable audit logging | true
logRetentionDays | Log retention period (days) | 2555 (7 years)
logLevel | Logging detail level | info
enableRealTimeAlerts | Real-time security alerts | true

Compliance Reporting

Generate compliance reports for:

  • Fair Work audit requirements
  • Privacy Act compliance
  • Security incident reporting
  • Data access auditing

Data Protection

Privacy Settings

Setting | Description | Default
enableDataEncryption | Encrypt sensitive data | true
anonymizeOldData | Anonymize old employee data | false
dataRetentionYears | Data retention period | 7
enableRightToErasure | Support data deletion requests | true

Backup Configuration

Setting | Description | Default
enableAutoBackup | Automatic database backups | true
backupFrequency | Backup frequency | daily
backupRetention | Backup retention (days) | 90
encryptBackups | Encrypt backup files | true

Integration Settings

External Services

Cloudinary Configuration

Image storage and management:

Setting | Description | Required
cloudinaryCloudName | Cloudinary cloud name | Yes
cloudinaryApiKey | API key | Yes
cloudinaryApiSecret | API secret | Yes
uploadPreset | Upload preset name | No
imageQuality | Default image quality | No

Email Configuration (SMTP)

Email notifications and communications:

Setting | Description | Required
smtpHost | SMTP server hostname | Yes
smtpPort | SMTP server port | Yes
smtpUser | SMTP username | Yes
smtpPassword | SMTP password | Yes
smtpSecure | Use SSL/TLS | No
emailFromAddress | From email address | Yes
emailFromName | From display name | No

API Configuration

Rate Limiting

Setting | Description | Default
apiRateLimit | Requests per minute | 100
apiRateLimitWindow | Rate limit window (seconds) | 60
enableApiThrottling | Enable request throttling | true
maxRequestSize | Maximum request size (MB) | 10

API Security

Setting | Description | Default
enableApiAuthentication | Require API authentication | true
apiKeyExpiry | API key expiry (days) | 365
enableCors | Enable CORS | true
allowedOrigins | Allowed CORS origins | *
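
Several documented defaults in the Security Settings and API Security tables (wildcard allowedOrigins, enableTwoFactor off, minPasswordLength 8) are worth reviewing before go-live. The following added example, not part of Timesheet, audits a settings export against a baseline; the setting names and defaults are from this page, and the baseline thresholds are assumptions of the example.

```python
# Added example: flag risky values in a Timesheet settings export.
DOCUMENTED_DEFAULTS = {   # names and defaults as listed on this page
    "minPasswordLength": 8, "requireStrongPasswords": True,
    "maxLoginAttempts": 5, "lockoutDuration": 30, "enableTwoFactor": False,
    "forceLogoutOnPasswordChange": True, "enableAuditLogging": True,
    "enableDataEncryption": True, "encryptBackups": True,
    "enableApiAuthentication": True, "enableCors": True, "allowedOrigins": "*",
}
# Baseline chosen for this example (an assumption, not a vendor recommendation).
MUST_BE_TRUE = ("enableApiAuthentication", "enableAuditLogging",
                "requireStrongPasswords", "forceLogoutOnPasswordChange",
                "enableDataEncryption", "encryptBackups")
MIN_PASSWORD_LENGTH = 12
MAX_LOGIN_ATTEMPTS = 10

def parse_origins(value):
    """Accept a comma-separated string or a list of origins."""
    if isinstance(value, str):
        value = value.split(",")
    return [o.strip() for o in (value or []) if o.strip()]

def audit_settings(overrides=None):
    """Return (setting, message) findings for defaults merged with overrides."""
    s = {**DOCUMENTED_DEFAULTS, **(overrides or {})}
    findings = []
    for key in MUST_BE_TRUE:
        if s[key] is not True:
            findings.append((key, "protective control is disabled"))
    if not s["enableTwoFactor"]:
        findings.append(("enableTwoFactor", "password is the only login factor"))
    if s["minPasswordLength"] < MIN_PASSWORD_LENGTH:
        findings.append(("minPasswordLength",
                         f"{s['minPasswordLength']} is below baseline {MIN_PASSWORD_LENGTH}"))
    if s["maxLoginAttempts"] > MAX_LOGIN_ATTEMPTS or s["lockoutDuration"] <= 0:
        findings.append(("maxLoginAttempts", "lockout does not slow password guessing"))
    origins = parse_origins(s["allowedOrigins"])
    if s["enableCors"] and "*" in origins:
        findings.append(("allowedOrigins", "wildcard origin; list trusted origins explicitly"))
    for origin in origins:
        if origin != "*" and not origin.startswith("https://"):
            findings.append(("allowedOrigins", f"non-HTTPS origin {origin}"))
    return findings

if __name__ == "__main__":
    for setting, message in audit_settings():
        print(f"{setting}: {message}")
```

Pass the `settings` object returned by GET /api/settings as `overrides` to audit a live configuration instead of the documented defaults.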

Notification Settings

Email Templates

Template Configuration

Customize email templates for various notifications:

  • Employee onboarding emails
  • Password reset notifications
  • Timesheet approval requests
  • System alert notifications
  • Roster change notifications

Template Variables

Available variables for email templates:

  • {{employeeName}} - Employee full name
  • {{companyName}} - Company name
  • {{date}} - Current date
  • {{time}} - Current time
  • {{rosterId}} - Roster ID
  • {{shiftDate}} - Shift date
  • {{location}} - Location name
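
Values such as {{employeeName}} and {{location}} come from stored records, so a renderer should treat them as untrusted text. The sketch below is an added example, not Timesheet's template engine: it accepts only the variables listed above, HTML-escapes each value (assuming templates are sent as HTML email) and substitutes in a single pass so that a value containing `{{...}}` is never expanded again.

```python
# Added example: strict renderer for the documented {{variable}} placeholders.
import html
import re

ALLOWED_VARIABLES = {"employeeName", "companyName", "date", "time",
                     "rosterId", "shiftDate", "location"}
PLACEHOLDER = re.compile(r"\{\{\s*([A-Za-z_][A-Za-z0-9_]*)\s*\}\}")

def render_template(template, values):
    """Substitute allowed placeholders with escaped values; reject anything else."""
    rejected = []

    def substitute(match):
        name = match.group(1)
        if name not in ALLOWED_VARIABLES or name not in values:
            rejected.append(name)          # unknown variable or missing value
            return match.group(0)
        return html.escape(str(values[name]), quote=True)

    # One pass over the template only: substituted values are not rescanned.
    rendered = PLACEHOLDER.sub(substitute, template)
    if rejected:
        raise ValueError("unsupported or unset variables: " + ", ".join(sorted(set(rejected))))
    return rendered

# Constructed sample template and record for illustration.
SAMPLE_TEMPLATE = "Hi {{employeeName}}, your shift at {{ location }} is on {{shiftDate}}."
SAMPLE_VALUES = {"employeeName": "<b>Bob</b> {{companyName}}",
                 "location": "Head Office", "shiftDate": "01-02-2024",
                 "companyName": "Acme Corporation Pty Ltd"}

if __name__ == "__main__":
    print(render_template(SAMPLE_TEMPLATE, SAMPLE_VALUES))
```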

Notification Preferences

System Notifications

Notification Type | Description | Default
lateArrivalAlerts | Late arrival notifications | true
overtimeAlerts | Overtime threshold alerts | true
missedBreakAlerts | Missed break notifications | true
deviceOfflineAlerts | Device offline notifications | true
systemErrorAlerts | System error notifications | true

Recipient Configuration

Setting | Description | Default
adminNotificationEmail | Admin notification email | admin@company.com
systemNotificationEmail | System notification email | system@company.com
enableEmployeeNotifications | Send notifications to employees | true
enableManagerNotifications | Send notifications to managers | true

API Endpoints

System Settings

Get Settings

GET /api/settings?category=general

Query Parameters:

  • category - Settings category (general, security, notifications)

Response:

{
  "settings": {
    "companyName": "Acme Corporation Pty Ltd",
    "timezone": "Australia/Melbourne",
    "dateFormat": "DD-MM-YYYY",
    "enableFaceDetection": true,
    "defaultGeofenceRadius": 100
  }
}

Update Settings

PATCH /api/settings
Content-Type: application/json

{
  "companyName": "Updated Company Name",
  "enableFaceDetection": false,
  "defaultGeofenceRadius": 150
}

User Management

List Users

GET /api/users?role=manager&isActive=true

Create User

POST /api/users
Content-Type: application/json

{
  "name": "New Manager",
  "email": "manager@company.com",
  "role": "manager",
  "location": ["Head Office"],
  "managedRoles": ["Casual Employee"]
}

Update User Permissions

PATCH /api/users/{userId}/permissions
Content-Type: application/json

{
  "location": ["Head Office", "Warehouse"],
  "managedRoles": ["Casual Employee", "Part-time Employee"]
}

Security Management

Get Audit Logs

GET /api/audit-logs?startDate=2024-01-01&endDate=2024-01-31&eventType=login

Security Report

GET /api/security/report?period=monthly

Best Practices

System Configuration

  • Regular Reviews - Review settings quarterly
  • Documentation - Document all configuration changes
  • Testing - Test settings in development environment first
  • Backup - Backup configuration before major changes

User Management

  • Principle of Least Privilege - Grant minimum required permissions
  • Regular Audits - Review user access regularly
  • Offboarding Process - Disable accounts promptly when employees leave
  • Training - Provide training on system usage and security

Security Management

  • Strong Passwords - Enforce strong password policies
  • Regular Updates - Keep system and dependencies updated
  • Monitoring - Monitor for suspicious activities
  • Incident Response - Have incident response procedures

Performance Optimization

  • Regular Maintenance - Perform regular database maintenance
  • Monitor Performance - Track system performance metrics
  • Capacity Planning - Plan for growth and scaling
  • Optimization - Optimize queries and processes

Troubleshooting

Common Issues

Settings Not Saving

  • Check user permissions for settings management
  • Verify setting validation requirements
  • Check for conflicting settings
  • Review error logs for validation failures

User Access Issues

  • Verify user role and permissions
  • Check location and role assignments
  • Confirm account is active
  • Review IP restrictions and access controls

Email Notifications Not Working

  • Verify SMTP configuration
  • Check email template configuration
  • Test email connectivity
  • Review spam/junk folders

Performance Issues

  • Check database performance
  • Review system resource usage
  • Optimize slow queries
  • Consider scaling options

Diagnostic Tools

System Health Check

GET /api/system/health

Configuration Validation

POST /api/system/validate-config

Performance Metrics

GET /api/system/metrics
