Overview
The user levels are controlled by us and are fixed. They cannot be changed by the user as they control discrete items within the system. I believe we only have three at the moment. One to control whether the user is a system administrator and another to control what they can do with reports and another to control how they change their own settings.
The other 20 (this may be increased) or so are system definable levels they can be named to whatever you like.
Let’s take an example;
Click on ‘Modify Areas’ and change
Area 1 - Sales
Area 2 - Purchasing
Area 3 - Manufacturing
Area 4 - Customers
Area 5 - Suppliers
You can then create a new security profile and assign the required levels to these areas.
For instance;
Profile ‘SalesGuy’ may get Modify for Area 1 and Full for Area 4
Profile ‘PurchaseGuy’ may get Modify for Area 2 and Area 5
Profile ‘CustomerGuy’ may get Admin Area 4
A user can then be set up, and this is where it really differs from 6, with one or many security profiles. When that users security setting is being evaluated the highest level for an area is taken. For example; If a user had all three security profiles set as specified above they would have Area 1 : Modify, Area 2 : Modify, Area 5 : Modify and Area 4 :Admin
In the ‘Programs’ utility you can then use the security tab to define what Area a program falls under. When a program is run this Area is used in conjunction with the users security level at that area to evaluate what they are able to use within the program.
The security areas are set out like this.
Where the SecurityLevel ranges from 0-5 with the following levels of access:
SecurityLevel | Access allowed | Function parameter |
0 | No access | None |
1 | View only | View |
2 | View and amend | Amend |
3 | View, amend & add | Add |
4 | Full user access | FullUser |
5 | Full administrator access | FullAdministrator |
The access name is indicative of its role but the way the access is used varies from program to program and can be overridden by process events and even assigned down to field level. So you may set a field to have an access level of Add which means only users with that level in the program will be able to modify it. Generally if you have access None you will not be able to launch that program and if you have Admin you are able to do pretty much anything within that program, modify layout etc. This is not the same as a system administrator who can assign roles, users, process events etc.