Permissions
Permissions define which Users can access which functions in the system and the ways in which those functions can be accessed.
Every single function within Accentis Enterprise can be protected by assigning certain permissions for every User and User Group for that function. The ultimate access rights for a given function and a given user are determined by combining the permissions for the individual user for that function with the permissions for the user’s group for the same function.
Permissions to a function are specified by a set of one or more of the following:
- Read: Records can be viewed
- Add: Records can be added. This also implies Read access
- Edit: Records can be modified. This also implies Read access
- Delete: Records can be deleted. This also implies Read access
- Admin: Special privileges apply. This automatically encompasses all of the above permissions
The special privileges allowed by users with Admin permissions for a particular function are dependent on the function and are documented with each function.
Features
- Every single function can be protected with specific access rights with a simple yet powerful interface
- Permissions for each function can be assigned for a User Group, giving the specified access to all Users in the group
- Permissions for each function can be assigned for individual Users (in addition to permissions defined for that user’s group)
- Permissions for all functions within a function group can be set at once
- A user’s permissions can be modified while they are logged in giving them immediate access as required
- Users and groups with assigned permissions for a function appear in Red to allow easy recognition
Permissions form
Module: System
Category: Permissions
Activation: Main > System > Users > Permissions
Form style: Multiple instance, SODA
Special actions available for users with Administrator permissions:
- None
Database rules:
- None
Field definitions
List of users / groups
This list displays either all available users or user groups currently in Accentis Enterprise, based on the user/group option selected below the list. As you click on each of these items, their details will be displayed to the right of the list.
When you are ready to modify a record, ensure that you have selected it in the list before clicking on the Edit button.
Users that have permissions assigned to them individually will appear in the list in red for easy recognition.
Users & Groups
Reference: Yes/no
This set of options effects the display of the user / group list above it. When either the Users or the Groups option is selected, a single level list is displayed showing either all available users or user groups. When the Users & groups option is selected, the list displays a two-level list. The first level shows all user groups available, while the second level shows all users available as part of their appropriate user groups.
List of functions
This list shows a two-level representation of the functions and function groups available in Accentis Enterprise. Modifying permissions can be achieved by either:
- Selecting a function from the second level of the list and setting permissions for it
- Selecting a function group from the first level of the list and setting permissions for it
If permissions are set for a function group, then the permissions will affect ALL functions within that function group.
As you select an item from the list by clicking on it, the permissions for that function or function group are displayed in the Permissions box at the bottom.
Any functions that have permissions assigned to them for the currently selected user or user group will appear in the list in bold green for easy recognition. Any function groups that have functions will also appear in bold green.
Permissions
Reference: Yes/no
This section allows a combination of access rights to be selected. Five types of permissions are available as follows:
- Administrator: Special privileges apply. This automatically encompasses all the other permissions
- Read: Records can be viewed
- Add: Records can be added. This also implies Read access
- Edit: Records can be modified. This also implies Read access
- Delete: Records can be deleted. This also implies Read access
Three columns of permissions:
- Function: This relates to accessing and using the form.
- Memos / Tasks: This relates to reading, adding etc, any memos or tasks attached to that form
- Documents: This relates to reading, adding etc, any documents attached to that form
Changing a permission check box while a function group is selected will change the permissions for each of the functions within that function group.
Icons displayed in the Permissions section:
|
Active for the Group | Signifies that permission has been granted at the Group level for that function and permission type (Read, Add, etc) i.e. all users within that user group will have that same specific permission. |
|
Active for the User | Signifies that permission has been granted to the User specifically for that function and permission type (Read, Add, etc). This icon will not be present when viewing permissions for the User group, as opposed to individual user. |
|
Partial permissions to a Function group | Signifies that the user (or user group) has permission on some of functions within the viewed function group.
For example, viewing the Accounts receivable Function group. This icon will display (inside the Accounts receivable group) if they have that permission type for Sales orders, but not for Sales invoices. i.e. partial permission for that entire Accounts receivable group. Opening the Function group to see individual functions will display specific permissions. This icon is only relevant when viewing at a Function group level (e.g. Accounts payable, Manufacturing, etc) |
|
Inactive or no permissions | Signifies that the user (or group) has no permission for that function and permission type combination |
The following constraints are placed on the selection of permissions:
- Selecting Add, Edit or Delete permissions will automatically cause the Read permissions to be selected
- Selecting Admin permissions will automatically cause Read, Add, Edit and Delete permissions to be selected
- Deselecting Read permissions will automatically cause Add, Edit and Delete permissions to be deselected
Last edit: 23/03/21