Open topic with navigation

Maintaining Roles

• Users inherit their security privileges and permits from the Role they are assigned to.

Menu

Mandatory Prerequisites

There are no Mandatory Prerequisites related to creating a Role.

Screenshot and Field Descriptions: Role

Role: this is the primary identifier for the Role.

 

Name: this is the friendly name given to the Role. Examples might be “Read-Only Users”, or “Lease Managers”.

 

Password Period: this is the number of days for which the password remains valid for Users allocated to this Role. This forces the User to change their password, ensuring that they do not continue to use the same password indefinitely.

 

Log-On Attempts: this is the number of failed log-on attempts allowed for Users allocated to this Role before an automatic Stop is applied to their account.

 

Time-Out: this is the length of time that a User allocated to this Role can leave the Device inactive before they will be automatically logged off.

 

Shut Down: this is the length of time after a User has been automatically logged off, due to inactivity, before the whole application shuts down.

 

Flags: these are used to define how Users can access the system.

Allow Administration Privileges: tick to give members of this Role access to elevated privileges that aren’t normally available to a User. These are:

1. Viewing the password and password expiry date fields on the User screen.
2. Maintaining Code Fragments.
3. Being able to forcibly change the checked-out status of Documents.
4. Maintaining and running Queries that can change data in the database.
5. Being able to save a Grid Display Layout as a shared layout.
6. Being able to delete shared Grid Display Layouts.
7. Being able to delete a Bank Reconciliation record.
8. Being able to edit transactions that have been interfaced with other systems.

 

Allow Transactional Maintenance After Posting: tick to give members of this Role authority to change transactions after they have been entered.

 

Allow Archiving: tick to give members of this Role the ability to archive records.

 

Bypass Permits:

• Bypass User Permits: tick to allow members of this Role access to any Division, without having to explicitly grant them access to the individual Divisions through the User Permit function.

• Bypass Application Permits - View: tick to allow members of this Role access to Applications (in View mode) without having to explicitly grant them access to the individual applications through the Application Permit function. If any User does not have access rights to a particular application, this will permit them to view the application, but NOT to maintain (Add / Change / Delete) the data.

• Bypass Application Permits - Maintenance: tick to allow members of this Role access to Applications (in Maintenance mode) without having to explicitly grant them access to the individual applications through the Application Permit function.

How Do I : Search For and Maintain Entities

These General Rules are described in the Fundamentals Manual: How Do I : Search For and Maintain Entities

How Do I : Add a new Role

1. At the Role field, enter a new Role ID.
2. At the Name field, enter a friendly name for the Role.
3. At the Password Period field, enter the number days the User's Password is valid before expiry.
4. At the Log-On Attempts field, enter the number of tries a User can attempt a valid Password for logging on before being permanently rejected.
5. At the Time-Out field, enter the number of minutes a User can leave the system untouched before being automatically logged off.
6. At the Shut Down field, enter the number of minutes before the system shuts down after a User has been automatically logged off due to inactivity.
7. At the Flags check boxes, optionally select the Allow and Bypass permits.
8. Click the Application tool-bar push button: Add.
9. Confirm that you wish to add the new record.

How Do I : Modify an existing Role

1. At the Role field, locate the Role ID.
2. At the Name field, enter a friendly name for the Role.
3. At the Password Period field, enter the number days the User's Password is valid before expiry.
4. At the Log-On Attempts field, enter the number of tries a User can attempt a valid Password for logging on before being permanently rejected.
5. At the Time-Out field, enter the number of minutes an User can leave system untouched before being automatically logged off.
6. At the Shut Down field, enter the number of minutes before the system shuts down after a User has been automatically logged off due to inactivity.
7. At the Flags check boxes, optionally select the Allow and Bypass permits.
8. Click the Application tool-bar push button: Change.
9. Confirm that you wish to change the record.

How Do I : Delete an existing Role

1. At the Role field, locate the Role ID.
2. Click the Application tool-bar push button: Delete.
3. Confirm that you wish to delete the record.

Note: A Role record can only be deleted if there are no other records associated with it.  An example of an associated record would be a User belonging to this Role.

Related Topics

Roles are associated with the following Topics:

• Application Permit - Maintaining Application Permits
• Query Permit - Maintaining Query Permits
• Report and Interface Items Permit - Maintaining Report and Interface Items Permits
• User - Maintaining Users
• User Permit - Maintaining User Permits