Customizing user roles

The system uses the concept of User. A user is an object that contains information about one person working in the system. The system can store information about both its own employees and employees of other organizations.

The functionality available to a User is determined by their Role or list of  Roles. The Role determines which forms, fields, and buttons are available.

The User’s card (Admin \\ Access \\ Users) indicates the Main role; if necessary, Additional roles are assigned (Fig. 1.).

Fig. 1. Assigning Employee Roles

Setting access to system elements

The security policy for each Role is configured in the Admin \\ Access \\ Security Policy \\ Roles tab. This is where the makeup of the Roles is determined, using the «Add», «Delete», and «Copy» buttons. When a Role is copied, all rights are copied too. If «default main role» is specified, then when a new employee is saved without a primary role they will be assigned a role from this field.

Fig. 2. Configuring security policy by role

For each Role, you can define some initial rights:

Tabs on the «Security policy»\\ tab «Roles» form:

Fig. 3. Example of configuring access to forms

As a result, when a user logs in with this role, they will be able to access the «Invoice» form but they will not see the «Processing internal orders» form. (fig. 4.)

Fig. 4. Result of setting access to forms

Fig. 5. How to configure access to an individual property

In the window that opens, check «Disable view». in the «Access» section. This means that for all roles, by default, this button in this form will not be visible. And further, by checking permit against certain roles, we enable employees of only these roles to use this button (Fig.7.7.).

Fig. 6. Option for configuring access to an individual property

In the same way, you can organize access to fields and columns on any form. All changes made when configuring access to an individual element of the Form are transmitted to the «Properties» tab on the «Security policy» form.

Fig. 7. Setting an additional security policy

For Forms and Properties for which access rights have not been set (the enable / disable flags are not specified) at the role level, the rights specified in the «Default» are applied (Fig. 8.).

Fig. 8. Setting a default security policy

All changes made on the «Security policy» form are activated after the next user login.