Previous Enhancements
Next Enhancements

September 2022 Enhancements


Legacy Security Tasks Retired

This change is not applicable to Cub Scout and Girl Scout sites, which never had legacy tasks.

Each TroopWebHost user is authorized for one or more User Roles that determine what functions they will be able to access.  Normally, each adult member will be authorized for the "Adult" user role, which provides access to the most commonly needed functions for parents.  Similarly, each scout is authorized for the "Scout" user role, which allows them to use functions appropriate for scouts.

Leaders should be authorized for additional roles that let them access other parts of the system not available to most users.  For example, the treasurer should have the "Treasurer" user role and the advancement chair should have the "Rank Advancement" role.

Your site came with a set of pre-defined user roles, but your site administrator can reconfigure these roles to meet your unit's needs.

User roles are defined by authorizing them for Security Tasks.  Some security tasks are very specific, like "Download Photos", which allows a user to access one function in TroopWebHost, the one that allows you to download photos.  Other security tasks authorize a broader range of activities, such as "Maintain Rank Advancement", which opens the door to all advancement sign-off and reporting functions.

There are a small number of security tasks which were carried over from the original TroopWebHost design, which did not allow for configurable user roles.  The names of these tasks begin with an underscore (e.g., "_Adult") and are authorized for a very broad range of activities.

These "legacy tasks" made it difficult to fine tune security for roles that used them.

This month we retired these legacy tasks and replaced each with a set of more granular tasks.  So, for example, if your site had a "Scout" user role that was authorized for the "_Scout" task, that link has been replaced with links to a collection of tasks - some of which were added as part of this project.

The "_Scout" legacy task has been replaced by the following tasks:

The "_Adult" legacy task has been replaced by the following tasks:

The "_Adult Leader" legacy task has been replaced by the following tasks:

The "_Adult Leader" task had been authorized for some, but not all advancement reports, in a somewhat arbitrary manner.  By including "View Rank Advancement and Reports" these users are now authorized for all advancement reports and the View Advancement query function.

The "_Event Planner" legacy task has been replaced by the following tasks:

The "_Event Planner" task had been authorized for some, but not all event participation reports, again in what seemed to be a somewhat arbitrary manner.  By including "View Event Participation Reports" these users are now authorized for all event participation reports.

The "_Historian" legacy task has been renamed to "Historian", with the same authorizations.

The "_Guest" legacy task has been renamed to "Guest"; it is not authorized for anything.


None of these changes affect the security configuration for the TroopWebHost Mobile App.  The only tasks that affect the mobile app have names that begin with "Mobile App - ".



New Security Tasks

This change is not applicable to Cub Scout and Girl Scout sites, which never had legacy tasks.

In the process of retiring the legacy security tasks, it was necessary to add a number of new security tasks which define smaller areas of functionality within TroopWebHost.  These new tasks are shown below.

New Security TaskWhat It Does
Post To ForumAdd topics and posts to the forum
Update My Scouts Advancement - Add Awards & BadgesAllow parent to update their children's advancement to add awards and badges, but not sign off on any requirements
View Email AddressesAllow the user to see the email addresses of other members when composing an email
View Emergency Contact ReportsAllow the user to produce the emergency contact reports
View Event Participation Reports For One EventAllows the user to produce the participant lists, non-participant list, and undecided list for a selected event
View Medical Form ReportsAllow user to generate reports based on the medical form submission dates
View My AwardsAllows the user to view the awards that they have earned
View My Awards (Scout)Allows a scout to see the awards that they've earned
View My Rank AdvancementAllows a scout to view their Scouts BSA rank advancement
View My ScoutsAllows parents to view their children's scouting information from My Stuff --> My Scouts
View My Scouts AwardsAllow a parent to view the awards earned or in progress for their children
View My Scouts Financial AccountAllow parent to view their children's financial account
View My Scouts Merit BadgesAllow a parent to see their children's merit badge status from the My Stuff --> My Scouts page
View My Scouts Rank AdvancementAllow parent to see their children's status on Scouts BSA rank advancement
View My Scouts Sales OrdersAllows parents to see their scouts sales orders for fundraising campaigns
View My Scouts Sea Scout AdvancementAllow parent to view their children's Sea Scout advancement status
View My Scouts Venturing AdvancementAllow parent to view their children's Venturing advancement status
View My Sea Scout AdvancementAllow a scout to view their Sea Scout advancement detail
View My Training HistoryAllow adult to view their training history
View My Venturing AdvancementAllow a scout to view their Venturing advancement detail
View Swim Test Results ReportAllow the user to generate the Swim Test Results report



Limit Access To Contact Information

This is not applicable to Cub Scout and Girl Scout sites.

Some scouting units do not want everyone to see the contact information for all members of the troop.  Prior to the changes introduced this month, this was difficult to implement.

Now, if you want to prevent the Adult or Scout user roles from accessing the contact information for members (other than their own family), simply remove the authorizations for the following security tasks:

The email composition pages have always displayed the email addresses and SMS addresses of the potential recipients.  This is now contingent upon the user being authorized for the new "View Email Addresses" task (which we have already linked to all user roles that are authorized to send email.)  If they are not authorized for this task - i.e., if you remove this authorization for their user roles - but are still authorized for email, they will only see an indication as to whether each potential recipient has an email address or SMS address; it will also show if either of these are blocked, as shown below:



Remove Unused Buttons From My Scouts

This is not applicable to Cub Scout and Girl Scout sites.

Let's face it - the My Scouts page has gotten a bit busy, with all of the buttons available on each row.

Not all scouting units use all of these features, and this long row of buttons can be a bit overwhelming to the parents who use this page.

You now have the ability to remove unused buttons from this page by de-authorizing the corresponding security task from the following list:

So, for example, if your troop is not using the accounting subsystem (and why aren't you?), you can remove the Balance column and the Account Detail button from this page by going to Administration → Security Configuration → Assign Tasks To Roles and clicking the Assign To Roles button on the "View My Scouts Financial Account" task, then remove all checkmarks from the list of user roles on the next page.

Follow the same approach to remove any of the advancement buttons or the Fundraiser Orders button.



Send Us Your Questions and Suggestions

Send us a ticket from the My Support Tickets page on your site's Help menu.   This is absolutely the best way to communicate with us!

Or simply contact us at CustomerSupport@TroopWebHost.com.  If you do, please include your troop number and city in your message so we can identify your site.