Baan Tools User Management

Similar documents
Baan Finance Financial Statements

BAAN IVc/BaanERP. Conversion Guide Oracle7 to Oracle8

Web OS Switch Software

BEA WebLogic Process Integrator

BAAN IV. BAAN IV Installation Manual for DB2 on Windows NT

1 Enterprise Modeler

MOTIF XF Extension Owner s Manual

Customer Portal Quick Reference User Guide

Avid Interplay Bundle

BaanERP. DB2 Installation Guide for BaanERP on Windows NT

BaanERP. Installation Guide for BaanERP on AS/400

Security of Bluetooth: An overview of Bluetooth Security

CSC 220: Computer Organization Unit 11 Basic Computer Organization and Design

Chapter 1. Introduction to Computers and C++ Programming. Copyright 2015 Pearson Education, Ltd.. All rights reserved.

Getting Started. Getting Started - 1

One advantage that SONAR has over any other music-sequencing product I ve worked

Global Support Guide. Verizon WIreless. For the BlackBerry 8830 World Edition Smartphone and the Motorola Z6c

BEA elink Business Process Option Server Installation Guide

Workflow Extensions User Guide. StarTeam 12.0

System and Software Architecture Description (SSAD)

Using the Keyboard. Using the Wireless Keyboard. > Using the Keyboard

BEA Tuxedo. Using the BEA Tuxedo System on Windows NT

GE FUNDAMENTALS OF COMPUTING AND PROGRAMMING UNIT III

BAAN IVb/c. Structure, master data, and configuration of BEMIS

Task scenarios Outline. Scenarios in Knowledge Extraction. Proposed Framework for Scenario to Design Diagram Transformation

n Learn how resiliency strategies reduce risk n Discover automation strategies to reduce risk

BaanERP Tools. Programming features

BEA WebLogic Enterprise. Using the WebLogic EJB Deployer

BEA WebLogic XML/Non-XML Translator

BEA Tuxedo. Using the BEA Tuxedo Workstation Component

3.1 Overview of MySQL Programs. These programs are discussed further in Chapter 4, Database Administration. Client programs that access the server:

Oracle Server. What s New in this Release? Release Notes

Princeton Instruments Reference Manual

Configuring Rational Suite

TargetLink. Installation Notes. MATLAB R14SP3 Compatibility Update for TargetLink 2.1

Data Warehousing. Paper

Schema for the DCE Security Registry Server

Oracle Balanced Scorecard

BEA WebLogic Server. Installing and Setting up WebLogic Server 5.1

BEA WebLogic Commerce Server. Registration and User Processing Package

Guide to Applying Online

Python Programming: An Introduction to Computer Science

L5355 Modbus Plus Communications Interface

ICS Regent. Communications Modules. Module Operation. RS-232, RS-422 and RS-485 (T3150A) PD-6002

BaanERP. Oracle Installation Guide for BaanERP on UNIX

Τεχνολογία Λογισμικού

Python Programming: An Introduction to Computer Science

Weston Anniversary Fund

Elementary Educational Computer

Avid Unity Media Engine and Avid MEDIArray XT

Sharing Collections. Share a Collection via . Share a Collection via Google Classroom. Quick Reference Guide

BEA Tuxedo. Creating CORBA Client Applications

User s Guide. OMEGAMON XE for Oracle. Version 300 GC April 2002

Avid DS Nitris. Installation and Administration Guide. Version 7.0. Avid make manage move media

Parabolic Path to a Best Best-Fit Line:

Application Notes for Configuring Dasan Electron Headsets from JPL Europe with Avaya 9600 Series IP Deskphones using a DA-30 Cord Issue 1.

Architectural styles for software systems The client-server style

Avid recommends that you read all the information in this ReadMe file thoroughly before installing or using any new software release.

Interactive PMCube Explorer

JavaFX. JavaFX 2.2 Installation Guide Release 2.2 E August 2012 Installation instructions by operating system for JavaFX 2.

Copyright 1999, Lucent Technologies All Rights Reserved Printed in U.S.A.

TUTORIAL Create Playlist Helen Doron Course

Human-Computer Interaction IS4300

User Guide. Using Caliber Datamart

Custodial Integrator Automation Guide

Transitioning to BGP

BEA WebLogic XML/Non-XML Translator

Adapter for Mainframe

Code Review Defects. Authors: Mika V. Mäntylä and Casper Lassenius Original version: 4 Sep, 2007 Made available online: 24 April, 2013

USB TO PARALLEL USB to DB25 Parallel Adapter Cable

Panel for Adobe Premiere Pro CC Partner Solution

n Explore virtualization concepts n Become familiar with cloud concepts

Service Oriented Enterprise Architecture and Service Oriented Enterprise

In this chapter, you learn the concepts and terminology of databases and

Descriptive Statistics Summary Lists

Installing the BEA WebLogic Commerce Servers. including the Personalization Server and Commerce Server Components

LifeBook P Series Notebook BIOS BIOS SETUP UTILITY

Humans are visual creatures, so it isn t surprising that we want to

Oracle Process Manufacturing

Avid DS Nitris. Installation and Administration Guide. Version 7.5. Avid make manage move media

Chapter 4 Threads. Operating Systems: Internals and Design Principles. Ninth Edition By William Stallings

Network Time Protocol (NTP)

Fujitsu LifeBook P Series

User s Guide. OMEGAMON XE for WebSphere MQ Integrator. Version 110 GC July 2002

Computers and Scientific Thinking

Using VTR Emulation on Avid Systems

Outline n Introduction n Background o Distributed DBMS Architecture

Guide for Online Renewal

% Sun Logo for. X3T10/95-229, Revision 0. April 18, 1998

Network Time Protocol (NTP)

Chapter 10. Defining Classes. Copyright 2015 Pearson Education, Ltd.. All rights reserved.

Operating manual for message text display reporter 690

PowerView. Model AP9215. User s Manual

BEA Tuxedo. Creating CORBA Server Applications

HP Media Center PC Getting Started Guide

BODiBEAT Station. Owner s Manual. Contents

IXS-6600-C IXS-6700-C

BEA WebLogic Portal. JSP Commerce and Campaign Tour

Chapter 11. Friends, Overloaded Operators, and Arrays in Classes. Copyright 2014 Pearson Addison-Wesley. All rights reserved.

BE Software Upgrades to ITALYCS 5. It s in the. Software

Transcription:

Baa Tools User Maagemet Module Procedure UP008A US

Documetiformatio Documet Documet code : UP008A US Documet group : User Documetatio Documet title : User Maagemet Applicatio/Package : Baa Tools Editio : A Date : August 1998 Copyright 1998 Baa Developmet B.V. All rights reserved The iformatio i this documet is subject to chage without otice. No part of this documet may be reproduced, stored or trasmitted i ay form or by ay meas, electroic or mechaical, for ay purpose, without the express writte permissio of Baa Developmet B.V. Baa Developmet B.V. assumes o liability for ay damages icurred, directly or idirectly, from ay errors, omissios or discrepacies betwee the software ad the iformatio cotaied i this documet. User Maagemet

Table of cotets 1. The User Maagemet module i BaaERP 1-1 1.1 User Maagemet as applied i BaaERP 1-1 1.2 User Maagemet s fuctioal procedures 1-1 1.3 The modules related to User Maagemet 1-3 2. Creatig BaaERP users 2-1 2.1 Defiig additioal user settigs 2-4 2.2 The sessios that are related to the mai procedure 2-5 3. Defiig the ormal user s authorizatios with the AMS busiess object 3-1 3.1 Defiig user roles ad subroles 3-1 3.2 Defiig authorizatios per role ad subrole 3-2 3.3 Coectig the BaaERP user to a role 3-11 3.4 Covert the user file to the rutime datadictioary 3-12 4. Usig templates i AMS 4-1 4.1 Defiig Templates that cotai data for a group of users 4-1 4.2 Covert the templates to the ru-time data dictioary 4-5 4.3 Coectig the BaaERP user to a template 4-5 5. Usig the Role Browser 5-1 User Maagemet i

User Maagemet ii

About this documet Read this documet to get a overview of the User Maagemet module s fuctioality ad to lear more about the fuctioal procedures that are related to user maagemet. You eed o detailed kowledge of the BaaERP software to read this documet. However, you are more likely to uderstad the cotets if you are familiar with the overall structure of packages, modules, ad sessios withi the BaaERP software. For detailed descriptios of the module s sessios, refer to BaaERP s comprehesive olie Help. To use this documet Read Chapter 1, The User Maagemet module i BaaERP, if you wat to kow more about: The module s fuctioality The relatioship of the module with other modules The fuctioality of the module s busiess objects Read Chapter 2, Creatig BaaERP users, if you wat to kow more about: How to create BaaERP users The results of the procedure The sessios i the procedure How to defie additioal user settigs How to defie default user settigs Read Chapter 3, Defiig the ormal user s authorizatios with the Authorizatio Maagemet System (AMS) busiess object, if you wat to kow more about: How to defie the user s roles ad subroles How to defie the authorizatios by role for a ormal user How to covert the roles ad authorizatios to the ru-time data dictioary Read Chapter 4, Usig templates i the Authorizatio Maagemet System (AMS) busiess object, if you wat to kow more about: How to defie templates that cotai relevat data for a group of users How to covert the templates to the ru time data dictioary How to coect the BaaERP user to a template Read Chapter 5, Usig the role browser, if you wat to kow how you ca use a graphical user iterface to view the user s roles. User Maagemet 1

Acroyms ad defiitios used i this documet AMS Authorizatios COM DBA DDE DLL OCX OLE ORB Role Template VRC Authorizatio Maagemet System A set of permissios that limit the access to various objects i BaaERP. For example, sessios, tables, ad compaies. Compoet Object Model. A specificatio developed by Microsoft for buildig software compoets that ca be assembled ito programs or add fuctioality to existig programs that ru o Microsoft Widows platforms. Database Admiistrator Dyamic Data Exchage. A commuicatio method which allows two or more programs that are ruig simultaeously to exchage data ad commads. Dyamically Liked Library. A meas of sharig fuctios betwee several programs that are ruig at the same time. This library cotais fuctios for commo use. The library ca be liked to the object at fuctio call, ad at ru-time. Implemetatio of a DLL reduces the size of objects to a miimum because the stadard program is o loger merged with each program script. Short for OLE custom cotrol. A software module that is based o OLE ad COM techologies ad that, whe called by a applicatio, produces a cotrol that adds some desired feature to the applicatio. Object Likig ad Embeddig. A techology for trasferrig ad sharig iformatio amog applicatios. Object Request Broker. I cliet/server applicatios, a iterface to which the cliet makes a request for a object. The ORB directs the request to the server that cotais the object ad the returs the resultig values to the cliet. From a users poit of view, a fuctio, or part of a fuctio i a orgaizatio. For example, maager, secretary, ad so o. From a authorizatio poit of view, a idetifyig ame for a group of users. A role ca cotai several subroles. A predesiged documet that is used to maitai commo data for a group of users with the same role. Versio Release Customizatio User Maagemet 2

Leged Madatory sessio Optioal sessio Madatory busiess object Optioal busiess object CF PCS PCS Idicates a madatory sessio Idicates a optioal sessio Idicates a madatory busiess object Idicates a optioal busiess object Idicates a package Idicates a module Idicates a module that is described i the module procedure User Maagemet 3

User Maagemet 4

1. The User Maagemet module i BaaERP This chapter provides iformatio about: User maagemet as applied i BaaERP User maagemet s fuctioal procedures The modules related to user maagemet 1.1 User Maagemet as applied i BaaERP Note The User Maagemet module is part of Baa Tools. You ca use it to eter user data ito the system to eable the users to work with the BaaERP software. This meas that the BaaERP users must have a user logo ad a password. For the descriptio of the User Maagemet module it is assumed that the user has a system logo for the operatig system. For more iformatio o how to create the user accout o the operatig system, refer to the appropriate istallatio maual. 1.2 User Maagemet s fuctioal procedures The User Maagemet module cotais the followig fuctioal procedures, which you ca use to create a BaaERP user with the proper authorizatios: Creatig BaaERP users Defiig the BaaERP user s authorizatios The User Maagemet module cotais the followig busiess objects: Geeral User Data Authorizatio Maagemet System Text Parameters Developers Data Miscellaeous Geeral User Data You ca use the Geeral User Data busiess object to eter the basic user data required to create a BaaERP user. For example, user type, BaaERP logo, laguage code, ad so o. Geeral User Data also provides the tools eeded to create remote user accouts for the BaaERP user o remote or distributed databases, ad split user iterfaces. Authorizatio Maagemet System (AMS) To be able to use BaaERP, a user must have some authorizatios. You ca use the AMS busiess object to restrict the authorizatios for the ormal users. User Maagemet 1-1

The User Maagemet module i BaaERP Figure 1 shows a overview of how the user authorizatios are defied. User Role Templates Database Sessio Library Figure 1. User authorizatios based o roles ad templates The user s authorizatios are defied i the role ad some additioal authorizatios are defied i templates. These templates cotai developmet parameters, device prefereces, ad so o. The role-authorizatio procedure is described i chapter 3. The template authorizatios are described i chapter 4. Text Parameters The Text Parameters busiess object is part of the Text Maagemet module. Some of the parameters, such as the Text Group ad Text Field authorizatios, are used as iput for the User Maagemet module. These parameters are discussed i this module procedure where ecessary. Developers Data The Developers Data busiess object is part of the Applicatio Developmet (ADV) module. However, the parameters are also used as iput for BaaERP users who are resposible for the developmet of customized software compoets. These parameters are discussed i this module procedure where ecessary. Miscellaeous You ca use the Miscellaeous busiess object to prit or delete the user history. You ca also use this busiess object to remove the default settigs that have bee defied by the user for other sessios. User Maagemet 1-2

The User Maagemet module i BaaERP 1.3 The modules related to User Maagemet You ca use the Database Admiistrator (DBA) module i Baa Tools to create database users. A database user is a BaaERP user who is authorized to access a database. The cofiguratio iformatio for the database user cotais all ecessary settigs to logo to a database. These settigs are automatically loaded whe the BaaERP user logs o. You ca use the AMS busiess object, which is part of the User Maagemet module, to restrict the BaaERP user s database authorizatios. User Maagemet 1-3

The User Maagemet module i BaaERP User Maagemet 1-4

2. Creatig BaaERP users The procedure s results This chapter describes how you ca use the User Maagemet module to create BaaERP users. Most of the steps i the procedure are part of the Geeral User Data busiess object. Some additoal user parameters are set i other bussies objects. With this procedure, the user ca start BaaERP ad use the meu browser. The user ca start sessios from the meu browser. The BaaERP user also has permissios o a database level that ca be restricted with the AMS busiess object. Figure 2 shows the steps i the procedure. 1 User Data (ttams2500m000) Authorizatios 2 User Data (ttams1100s000) Templates 3 Remote User Data (ttaad2501m000) 4 Covert User Data to Rutime Data Dictioary (ttams2200m000) Figure 2. Creatig the BaaERP user Step 1 Step 2 The procedure that you ca use to create BaaERP users cosists of the followig steps. User Data (ttaad2500m000) You ca use this sessio as the begiig ad ed of the procedure. Click New o the toolbar to start the details sessio. I the details sessio you ca defie the basic user data. The Specific meu supplies the tools to: Covert the user s data to ru-time whe the procedure is completed. Give the BaaERP user database permissios. For a detailed descriptio refer to the Database Admiistrator module descriptio (UP007A US). User Data (ttams1100s000) You ca use this sessio to defie the basic user data for the BaaERP user. The basic data cotais: The system data The defaults settigs. For example, the roles ad templates to which the user is liked The authorizatios of the user User Maagemet 2-1

Creatig BaaERP users System Data You ca use this tab to defie the ame of the user, the user s BaaERP system logo, the user type, the package combiatio, the default compay, the laguage code of the BaaERP software, ad the startup data. You ca make a distictio betwee two user types: Normal users, which have restricted authorizatios for startig sessios, accessig table fields, workig with data pertaiig to specific compay umbers, ad so o. Super users, which have urestricted authorizatios. The restrictios o the authorizatios are defied with the Authorizatio Maagemet System (AMS). The startup data cosists of: The startup meu The startup program The startup program defies how BaaERP is preseted to the user after startup. You ca select oe of the followig optios: The Meu Browser, a graphical user iterface betwee BaaERP ad the users represetig the meu structure. The Desktop Maager, a graphical user iterface betwee BaaERP ad the users that represet group icos ad item icos. These group icos ad item icos represet related items such as BaaERP programs ad sessios. You must defie a desktop ame for this optio. The Dyamic Eterprise Modeler (DEM) browser, which represets the BaaERP fuctioality i busiess processes. The Workflow Cliet, which represets the work items (tasks) of the users accordig to their role i the compay. Defaults You ca use this tab to defie some geeral Widows settigs ad the templates that cotai the commo data relevat to the user. If you select the Save ad restore Widows Defaults check box, the positio ad size of a sessio's widow is saved whe you quit Widows. At the ext startup, the widow is displayed i the same positio ad size as whe you last quit the sessio was last exited. You ca select oe or more of the followig templates: User Data Default Text Groups Default Text Fields Developmet Parameters Device Prefereces User Maagemet 2-2

Creatig BaaERP users Step 3 Step 4 Refer to chapter 4 for a detailed descriptio of the templates Authorizatios The data o this tab is password protected ad ca oly be chaged by system admiistrators ad users with system admiistrator permissios. You ca use this tab to defie the role(s) of the user ad the templates that defie some of the geeral authorizatios of the users. If you select the Auth for all Package VRCs check box the developer ca customize software compoets i all package VRCs. If you defie a package VRC i the Developer Authorizatio template, this check box is overruled ad the developer will o loger be authorized for all package VRCs. The developer will oly be authorized for the package VRCs that are defied i the template. The package VRCs that you defie i the Developers Authorizatio template are also the package VRCs for which the developer is authorized if the Auth for all Package VRCs check box is cleared. You ca select oe or more of the followig authorizatio templates: Termial authorizatios, which defie the termials the user ca use to start BaaERP. Developers authorizatios, These defie the package VRCs, laguages ad modules for which the developer is authorized to customize software compoets. This template also defies whether or ot the developer is authorized to customize software compoets that are created by other developers. Text Group authorizatios. These defie the text groups for which the ormal user must have Use, Read, or Update authorizatios. Remote User Data (ttaad2501m000) You ca use this optioal sessio if the BaaERP user must be able to work with distributed or remote databases, or split user iterfaces. You ca defie the remote system ad remote system logo. The remote user file is used to make the coectio to the remote system for a specific user. For example, the user must be able to start BaaERP from a workstatio while the database is located at aother system. To make this possible it is ecessary that the remote user file must be created o the workstatio. Covert User Data to Ru-time Data Dictioary (ttams2200m000) You ca start this sessio from the Specific meu i the User Data (ttaad2500m000) sessio. You ca use this sessio to covert the user file, or chages to the user file, to the ru-time data dictioary. You must restart BaaERP to activate the chages. User Maagemet 2-3

Creatig BaaERP users 2.1 Defiig additioal user settigs Some user parameters or default settigs are defied i other busiess objecs the Geeral User Data. For example: Developers Data Default Settigs Developers Data Some of the user s parameters ad templates are defied i the Developers Data busiess object. For example: The curret package VRC The developer s authorizatio password The developmet parameters templates The developer authorizatios template Chage Curret Package VRC of User (ttadv0140m000) The curret package VRC is the package VRC for which the user is allowed to develop software compoets. You ca use this sessio to specify or chage the curret package VRC for a user. If you select the Show Curret VRC oly (Multilevel) check box, oly the valid software compoets are show i sessios that are used to develop software compoets. For example, the compoets with the latest VRC i the derivatio structure of the curret package VRC. Oly the compoets of the curret package VRC ca be chaged. Chage Password for Developer Authorizatios (ttadv0143m000) The Authorizatio tab i the User Data Details (ttams1100s000) sessio ad the Developer Authorizatio Template (ttams1151m000) sessio are password protected. The system admiistrator uses this sessio to chage the user s password. The password is also eeded for the Geeral Table Maiteace (ttaad4100) sessio. Some developmet parameters ad authorizatios are defied i templates. Refer to chapter 4 for a detailed descriptio of these templates. Default Settigs You ca use the Default Settigs busiess object to customize the user eviromet i which users have their ow startup sessios. You ca specify the startup sessios i the sessio groups, ad the ru-time resources. The default settigs are defied i the followig sessios: Maitai Sessios Groups (ttaad2107m000) Maitai Startup Sessios (ttaad2106m000) Maitai User Settigs (ttaad2105m000) Rutime Resources (ttdsk3160m000) User Maagemet 2-4

Creatig BaaERP users Maitai Sessio Groups (ttaad2107m000) You ca use this sessio to defie a sessio group that will cotai the user s startup sessios. Startup sessios are sessios that are activated automatically whe BaaERP is started. Maitai Startup Sessios (ttaad2106m000) You ca use this sessio to add the startup sessios to the sessio group. Maitai User Settigs (ttaad2105m000) You ca use this sessio to lik a sessio group to a user. Rutime Resources (ttdsk3160m000) You ca use this sessio to defie BaaERP s ru-time resources. The ru-time resources iclude the colors ad fots used i the widows, ad sizes ad fots for messages ad questios. 2.2 The sessios that are related to the mai procedure The Geeral User Data busiess object ca also be used to chage the package combiatio for a user or a rage of users. This sessio is ot dirctly used i the procedure to create a BaaERP user but it is a helpful user maagemet tool. Chage Package Combiatios for Users (ttaad2200m000) You ca ru this sessio, for example, whe you have chaged the package combiatio of a compay i the Chage Package Combiatio by Compay (ttaad1101m000) sessio. This sessio ca oly chage the user's package combiatio ito oe that matches the package combiatio of the user's default compay. The compay's package combiatio ca oly differ from the ew user's package combiatio uder the followig coditios: Both package combiatios iclude the same packages Differet package VRCs are used i the package combiatios The package VRCs ca oly differ if: Both VRCs are derived from each other Both package VRCs are derived from the same VRC ad o chages i data defiitios or domais have bee made i the derived VRCs The Miscellaeous busiess object gives you the tools to: Prit the user history Delete the user history Remove the users default settigs User Maagemet 2-5

Creatig BaaERP users Note Prit User History (ttaad2402m000). You ca use this sessio to prit the history for a rage of users. The user s history report ca be sorted by user or date/time ad cotais the ames of the users ad the sessios they have used, with the start times ad ed times. The data is prited from a sequetial file ($BSE/lib/TIME.HIS) ad ca therefore take a log time to prit. The user s history is oly logged if the History check box i the user s data template is selected. Delete User History (ttaad2202m000) You ca use this sessio to delete the cotets of the history file. Remove the Users Default Settigs (ttstpdeldeflt) You ca use this sessio to remove the user s defaults settigs. A user ca defie default settigs by sessio, to avoid havig to re-eter regularly used parameters. User Maagemet 2-6

3. Defiig the ormal user s authorizatios with the AMS busiess object Note The AMS procedure s result This chapter describes how you ca use AMS: To defie roles ad subroles To defie the authorizatio per role ad subrole To covert the roles ad authorizatios to the ru-time data dictioary The authorizatios for ormal users ca be restricted, while the super users will retai urestricted authorizatios. A user eviromet with clearly defied tasks ad duties for all ormal users, by authorizig the ormal users accordig to their role i a orgaizatio. For a BaaERP user to work with BaaERP, you must defie their fuctio ad the related authorizatios for their fuctio i the AMS busiess object. The AMS procedure cosists of the followig steps: 1 Defie the roles ad subroles for a orgaizatio 2 Defie the approperiate authorizatios per role 3 Lik the BaaERP user to a role 4 Covert the user data file to the ru-time data dictioary 3.1 Defiig user roles ad subroles AMS gives you the fuctioality to defie the restricted authorizatios for ormal users based o their role i a compay. The user s user data ad the user s authorizatios for BaaERP are defied i their role. You ca defie more tha oe role per user ad more tha oe sub role per role. For example, a departmet maager has more resposibilities tha the employees i a departmet. The maager has two roles: The role of the employee with the appropriate authorizatios The maager s role with additioal authorizatios relevat oly to the maager Figure 3 shows the combied authorizatios of two roles i oe role. For example, if a user has permissio for a database ad aother role states that the user has o permissio for that database, the user will ultimately have permissio. User Maagemet 3-1

Defiig the ormal user s authorizatios with the AMS busiess object Role 1 Compay Package Module Compoet Sessio Role 2 Compay Package Module Compoet Compay Package Module Compoet Authorized Not authorized Resultig permissios Figure 3. Determiig the resultig permissios for a combiatio of roles Role Data (ttams2100m000) This sessio is the startig poit for the AMS procedure. You ca use this sessio to defie the roles ad subroles. From the Specific meu, you ca start all sessios that you eed to: Defie subroles i a role Defie the authorizatios per role Covert the role data to the ru-time data dictioary From the Specific meu, you ca also start the Rolebrowser that presets the roles ad subroles i a graphical user iterface. Refer to chapter 5 for a detailed descriptio of the Rolebrowser. 3.2 Defiig authorizatios per role ad subrole Note If you defie the authorizatios by role istead of by user, you ca reduce the redudat data sigificatly. It also provides a user-friedly method to add ew users, or to update user authorizatios. This procedure describes how you ca defie the user s role depedet authorizatios. Refer to chapter 4 for a descriptio of the authorizatio templates. The role authorizatios are defied for the followig software compoets i BaaERP: Sessios Databases, divided ito: Tables Table Fields Libraries User Maagemet 3-2

Defiig the ormal user s authorizatios with the AMS busiess object Note You ca restrict the user s authorizatios to a specific compay, or defie the authorizatios for all compaies. The authorizatios defied for a specific compay will have the highest priority. You must defie a time-iterval, i which the user is authorized to start sessios. This is a helpful optio that you ca use, for example, to restrict users to start time cosumig processes durig the day. These processes ca lead to a decrease i performace ad to loger respose times. The authorizatios ca be defied at several levels. For example: At compay level (ot applicable for libraries) At package level At module level At compoet level. For example, sessios, database tables, ad so o. At subcompoet level. This level is oly applicable for database tables ad refers to the database table fields A coversio idicator is set as soo as there is a chage i the authorizatio data. The coversio to ru-time is oly carried out whe it is really ecessary. You ca also coduct a full coversio to the ru-time data dictioary, idepedet of the coversio idicators. If the coversio is completed successfully, the coversio idicator for the role is cleared. The sessio authorizatios ad the library authorizatios are hadled i the same way. The sessio authorizatios ad library authorizatios are stored i oe file. I the Role Data (ttams2100m000) sessio, you ca click Start the Sessios Needed from the specific list to defie the sessio authorizatios, database authorizatios, ad the library authorizatios at the appropriate levels. Sessio authorizatios AMS gives you the tools to prit, display, maitai, ad covert the sessio authorizatios for a group of users who are idetified by a role i a orgaizatio. Table 1 shows a overview of the sessio authorizatios priority. Specific compay All compaies Sessio authorizatio per sessio 1 2 Sessio by authorizatio per module 3 4 Sessio authorizatio per package 5 6 Sessio authorizatio per compay 7 8 Table 1. Priority of sessio authorizatio checks The table shows that the sessio authorizatio with the highest priority (1) is stated at the most specific level ad the lowest priority (8) is stated at the most global level. User Maagemet 3-3

Defiig the ormal user s authorizatios with the AMS busiess object You ca defie the sessio authorizatios with the followig sessios: Sessio Authorizatios by Compay (ttams3133m000) Sessio Authorizatios by Package (ttams3130m000) Sessio Authorizatios by Module (ttams3131m000) Sessio Authorizatios by Sessio (ttams3132m000) I all these sessios, you must do the followig: Select the All Compaies check box to defie the sessio authorizatios for all compaies, or specify a specific compay i the Compay field. The sessio authorizatios that you defie for a specific compay will have a higher priority tha those defied for all compaies. Defie the actios that are permitted for the sessios i the Authorizatios Groups field. For example, full authorizatio, o authorizatio, display, isert, delete, modify, ad so o. BaaERP uses this iformatio to determie what a ormal user ca do i the sessio. Defie i the Start Time ad Ed Time fields the time iterval i which the ormal users are authorized to activate a sessio. I the sessios ormal users are autorized to activate, you ca use the Specific meu to start the sessios eeded to: Chage the defied time iterval Copy a rage of compaies, packages, modules, or sessios i the curret role Covert the chages of the sessio authorizatios to the ru-time data dictioary Sessio Authorizatios by Compay (ttams3133m000) You ca use this sessio to defie the sessio authorizatios at compay level, per role. This meas that you ca give the ormal users who are liked to the role, restricted access to data for a specified rage of compaies. You ca create exceptios to the sessio authorizatios at compay level per role at the followig levels: At package level with the Sessio Authorizatios by Package (ttams3130m000) sessio At module level with the Sessio Authorizatios by Module (ttams3131m000) sessio At sessio level with the Sessio Authorizatios by Sessio (ttams3132m000) sessio Sessio Authorizatios by Package (ttams3130m000) You ca use this sessio to defie the sessio authorizatios, at package level, per role. This meas that the ormal user that is liked to the role ca be restricted to a specified rage of packages i a compay. User Maagemet 3-4

Defiig the ormal user s authorizatios with the AMS busiess object The sessio authorizatios at package level are a exceptio to the sessio authorizatios at compay level. You ca defie exceptios to the sessio authorizatios at package level per role at the followig levels: At module level with the Sessio Authorizatios by Module (ttams3131m000) sessio At sessio level with the Sessio Authorizatios by Sessio (ttams3132m000) sessio Sessio Authorizatios by Module (ttams3131m000) You ca use this sessio to defie the sessio authorizatios at module level, per role. This meas that the ormal user ca be restricted to a specified rage of modules i a package. The sessio authorizatios at module level are a exceptio to the sessio authorizatios at compay level, ad a exceptio to the sessio authorizatios at package level. You ca defie exceptios to the sessio authorizatios at module level per role ad at sessio level with the Sessio Authorizatios by Sessio (ttams3132m000) sessio. Sessio Authorizatios by Sessio (ttams3132m000) You ca use this sessio to defie the sessio authorizatios at sessio level per role. This meas that the ormal user ca be restricted to a specified rage of sessios i the module. The sessio authorizatios at sessio level are a exceptio to the sessio authorizatios at the followig levels: At compay level At package level At module level User Maagemet 3-5

Defiig the ormal user s authorizatios with the AMS busiess object Database authorizatios AMS gives you the tools to prit, display, maitai ad covert the database authorizatios for a group of ormal users who are idetified by a role. The database authorizatios are divided ito: Database table authorizatios Database table field authorizatios You ca defie the database authorizatios o several levels. Table 2 shows a overview of the database authorizatios priority. Specific compay All compaies Database table per table data 1 2 Database table per table 3 4 Database table per module 5 6 Database table per package 7 8 Database table per compay 9 10 Table 2: Priority of table authorizatio checks The table shows that the database authorizatio with the highest priority (1) is stated at the most specific level ad the lowest priority (10) is stated at the most global level. You ca defie the database table authorizatios ad the database table field authorizatios with the followig sessios: Table Authorizatios by Compay (ttam3144m000) Table Authorizatios by Package (ttam3140m000) Table Authorizatios by Module (ttam3141m000) Table Authorizatios by Table (ttam3142m000) Table Data Authorizatios (ttam3145m000) Table Field Authorizatios (ttam3143m000) Table Field Data Authorizatios (ttam3146m000) I all of these sessios you must do the followig: Select the All Compaies check box to defie the database authorizatios for all compaies, or specify a specific compay i the Compay field. The database authorizatios that you defie for a specific compay will have a higher priority tha those defied for all compaies. Defie i the Authorizatio Idicator field the database actios that are allowed for the ormal users who are liked to the role. For example, Delete/Isert/Modify/Read, Isert/Modify/Read, Modify/Read, Read or Not Authorized. The database server uses this iformatio to determie what a user is allowed to do i the database. User Maagemet 3-6

Defiig the ormal user s authorizatios with the AMS busiess object I these sessios, you ca use the Specific meu to start the sessios eeded to: Modify database authorizatios Delete database authorizatios Copy a rage of compaies, packages, modules, or tables from the data dictioary i the curret role Covert the chages of the database table authorizatios to the ru-time data dictioary Table Authorizatios by Compay (ttam3144m000) You ca use this sessio to defie the database table authorizatios at compay level, per role. This meas that the ormal users who are liked to the role ca be restricted to specific actios o records i database tables for a specified rage of compaies. You ca defie exceptios to the table authorizatios at compay level at the followig levels: At package level with the Table Authorizatios by Package (ttam3140m000) sessio At module level with the Table Authorizatios by Module (ttam3141m000) sessio At table level with the Table Authorizatios by Table (ttam3142m000) sessio At table data level with the Table Data Authorizatios (ttam3145m000) sessio Table Authorizatios by Package (ttam3140m000) You ca use this sessio to defie the database table authorizatios at package level, per role. This meas that the ormal users who are liked to the role ca be restricted to specific actios o records i database tables, for a specified rage of packages i a compay. The database table authorizatios at package level are a exceptio i the database table authorizatios sessio at compay level. You ca defie exceptios to the database table authorizatios at package level at the followig levels: At module level with the Table Authorizatios by Module (ttam3141m000) sessio At table level with the Table Authorizatios by Table (ttam3142m000) sessio At table-data level with the Table Data Authorizatios (ttam3145m000) sessio For example, a ormal user who is liked to the role has authorizatio to isert, to modify, or to read data i Baa Distributio. The user has o authorizatio over the Sales Order Data module. User Maagemet 3-7

Defiig the ormal user s authorizatios with the AMS busiess object Table Authorizatios by Module (ttam3141m000) You ca use sessio to defie the database table authorizatios at module level, per role. This meas that the users who are liked to the role ca be restricted to specific actios o records i database tables for a specified rage of modules i a package. The database table authorizatios at module level are a exceptio to the database table authorizatios at compay level ad at package level. You ca defie exceptios to the database table authorizatios at module level at the followig levels: At table level with the Table Authorizatios by Table (ttam3142m000) sessio At table-data level with the Table Data Authorizatios (ttam3145m000) sessio Table Authorizatios by Table (ttam3142m000) You ca use this sessio to defie the database table authorizatios at table level, per role. This meas that the users who are liked to the role ca be restricted to specific actios o records i database tables for a specified rage of tables i a module. The database table authorizatios at table level are a exceptio to the database table authorizatios at compay level, at package level, ad at module level. You ca defie exceptios to the database table authorizatios at table-data level with the Table Data Authorizatios (ttam3145m000) sessio. Table Data Authorizatios (ttam3145m000) You ca use this sessio to defie table data authorizatios, per role. This is the most specific database table authorizatio that you ca defie. This meas that you ca defie restrictios for ormal users who are liked to the role. You ca defie table data authorizatios for data i a table with a coditio. The authorizatio that is defied i this sessio ca be a exceptio or additio to the table authorizatios at all levels. You ca use table data authorizatios to block specific data i the database for ormal users who are liked to the role. You ca defie authorizatios depedig o the data of a table. For example, a user ca oly be allowed to isert sales orders whe the order umber is betwee 100.000 ad 200.000. You ca specify a authorizatio level for each coditio. For example, the data authorizatio. This ca be aother authorizatio level as the table authorizatio level, which is defied i the database table authorizatio sessios. If you have ot specified table authorizatios, the table authorizatio status is delete, isert, modify, or read. User Maagemet 3-8

Defiig the ormal user s authorizatios with the AMS busiess object A overlap ca occur betwee two coditios for the same table with differet authorizatio levels. I that case, the most restrictive authorizatio level is overrulig. The table data authorizatios are a exceptio to the database table authorizatios at the followig levels: At compay level At package level At module level At table level Note Table Field Authorizatios (ttam3143m000) You ca use this sessio to defie database table authorizatios at table field level. This meas that you ca restrict the ormal users who are liked to the role to fields of a specific table i a module. Database table-field authorizatios are oly meaigful if the user has at least Read authorizatio for the database table. The database table-field authorizatios are oly fuctioal for sessios with a mai table. For example, maitai sessios ad display sessios. If a user has o authorizatio to modify a field, the field is disabled. If a user has o authorizatios at all, the No Authorizatio Character, which is defied i the Character Parameters (ttaad0100m000) sessio, is displayed. Database table field authorizatios have o effect o reports. Update sessios, whe fields are automatically filled by the sessio, will also igore database table-field authorizatios. If you do ot specify database table-field authorizatios, the user will have the database table authorizatios. You ca defie exceptios to the database table-field authorizatios at tablefield data level i the Table Field Data Authorizatios (ttam3146m000) sessios. Table Field Data Authorizatios (ttam3146m000) You ca use this sessio to defie table field data authorizatios. This is the most specific database table field authorizatio that you ca defie. It meas that you ca defie restrictios for ormal users who are liked to the role, to database actios o fields of a table for a give coditio. Table field data authorizatios are specified i a table, for a rage of data by defiig a coditio. The authorizatio, which is defied i this sessio ca be a exceptio or a additio to the authorizatios that are defied i the Table Field Authorizatios (ttam3143m000) sessio. You ca defie authorizatios depedig o the data of a table field. For example, a user ca be allowed to view the order price whe the order umber is betwee 100.000 ad 200.000. User Maagemet 3-9

Defiig the ormal user s authorizatios with the AMS busiess object You ca specify a authorizatio level for each coditio. For example, the read/write authorizatio. This ca be authorizatio level other tha the table authorizatio level, which is defied i the database table field authorizatio sessios. If you have ot specified table field data authorizatios, the table authorizatio is the same as the database table authorizatio of the table. A overlap ca occur betwee two coditios for the same table with differet authorizatio levels. I such a case, the most restrictive authorizatio level is take i. Library authorizatios BaaERP uses OLE, DDE, OCX ad ORB iterfaces to itegrate programs with the BaaERP eviromet. These programs commuicate with BaaERP through the Dyamic Lik Libraries (DLLs). AMS gives you the tools to prit, display, maitai ad covert the Dyamic Lik Library authorizatios for a group of users who are idetified by a role. You ca defie library authorizatio types for the library authorizatios. BaaERP uses this iformatio to determie whether a user is authorized to use the fuctios i a library. The library authorizatios ca be specified o several levels. Table 3 shows a overview of the library authorizatios priority. Library per library 1 Library per module 2 Library per package 3 Table 3. Priority of library authorizatio checks The table shows that the library authorizatio with the highest priority (1) is stated at the most specific level ad the lowest priority (3) is stated at the most global level. You ca defie the library authorizatios with the followig sessios: Library Authorizatios by Package (ttams3150m000) Library Authorizatios by Module (ttams3151m000) Library Authorizatios by Library (ttams3152m000) You ca use the Specific meu i these sessios to start the sessios eeded to: Copy a rage of packages, modules, or libraries i the curret role Covert the chages of the library authorizatios to the ru-time data dictioary Library Authorizatios by Package (ttams3150m000) You ca use this sessio to defie the library authorizatios at package level, per role. This meas that you ca authorize or dey the authorizatio of ormal users who are liked to the role, to use the library fuctios for a specified rage of packages. User Maagemet 3-10

Defiig the ormal user s authorizatios with the AMS busiess object You ca create exceptios o the library authorizatios at package level at the followig levels: At module level with the Library Authorizatios by Module (ttams3151m000) sessio At library level with the Library Authorizatios by Library (ttams3152m000) sessio Library Authorizatios by Module (ttams3151m000) You ca use this sessio to defie the library authorizatios at module level, per role. This meas that you ca authorize, or dey the authorizatio of ormal users who are liked to the role, to use the library fuctios for a specified rage of modules i a package. The library authorizatios at module level, for each role, are a exceptio to the library authorizatios at package level. You ca create exceptios to the library authorizatios at the module level, ad at library level with the Library Authorizatios by Library (ttams3152m000) sessio. Library Authorizatios by Library (ttams3152m000) You ca use this sessio to defie the library authorizatios at library level, per role. This meas that you ca authorize or dey the authorizatio of ormal users who are liked to the role, to use the library fuctios for a specified rage of libraries ia package. The library authorizatios at library level, for each role, are a exceptio to the library authorizatios at module level, ad at package level. 3.3 Coectig the BaaERP user to a role Note The ext step i the AMS procedure is to lik the BaaERP user to a role. The BaaERP user is created with the User Data (ttaad2500m000) sessio. Retur to this sessio. Select ad double-click the user s logo to start the User Data (ttams1100s000) details sessio. O the Authorizatios tab, you ca eter the user s roles. The data o the Authorizatio tab is password protected, ad ca oly be edited by system admiistrators or users with system admiistrators authorizatios. User Maagemet 3-11

Defiig the ormal user s authorizatios with the AMS busiess object 3.4 Covert the user file to the rutime datadictioary To complete the AMS procedure, you must covert the user data file ad role data file to the rutime data dictioary. Go to the User Data (ttaad2500m000) sessio ad select the user s logo. O the Specific meu, choose Covert to Rutime DD to start the Covert to Rutime DD (ttams2200m000) sessio. Covert to Ru-time DD (ttams2200m000) You ca use this sessio to covert the chaged user data ad role data for a user, or a rage of users, to the ru-time data dictioary. To make the chages to the user data ad role data effective, you must restart BaaERP. The followig user related data is dumped i the ${BSE}/lib/user/<user> file: User data Data i the user data template Laguage depedet data Compay depedet data Default users settigs Data i the termial authorizatio template The role related data is divided over the followig authorizatios: The sessio authorizatios ad library authorizatios are dumped i the ${BSE}/lib/roles/sessio/<first char>/<role>/ file. Database authorizatios are dumped i the ${BSE}/lib/roles/db/<first char>/<role>/ file. User Maagemet 3-12

4. Usig templates i AMS Note This chapter describes how you ca use AMS: To defie templates that cotai data for a group of users To covert the templates to the ru-time data dictioary To coect the BaaERP user to a template The templates defie the user related data ad authorizatios o a user level, ot o a role level. If you defie the user related data i a template ad the lik a group of users to that template, you ca reduce the redudat data sigificatly. It also provides a user-friedly method to chage the data i the templates. The user s authorizatios are ultimately a combiatio of the authorizatios that are defied i the templates ad roles, coected to the user profile. The templates are liked to a user i the User Data (ttams1100s000) details sessio. Template authorizatios Role authorizatios User User Authorizatios Figure 4. Schematic overview of the user authorizatios 4.1 Defiig Templates that cotai data for a group of users You ca use AMS to create templates to defie the commo user data ad additioal parameters, which are required by users who will customize software compoets. The data is defied i templates with the followig sessios: User Data Template (ttams1110m000) Developmet Parameters Template (ttams1150m000) Developer Authorizatio Template (ttams1151m000) Text Group Authorizatio Template (ttams1122m000) Default Text Groups Template (ttams1121m000) Default Text Groups by Text Field Template (ttams1120m000) Device Preferece Template (ttams1140m000) Termial Authorizatio Template (ttams1130m000) User Maagemet 4-1

Usig templates i AMS User Data Template (ttams1100s000) You ca use this sessio to defie default settigs ad parameters, for a group of BaaERP users, i a template. The default data cotais the system data ad the authorizatio data. The system data defies, for example : The applicatio server, for example b-shell The system from which the users start the applicatio The olie Help format, for example Widows Help or HTML Help The time betwee the pritout ad deletig the temporary file The Trito Super Set characters The refresh iterval If a history log ca be created of the user s actios If the sessio code must be show i the title If the UI Page mode must be activated The authorizatio data defies, for example: The time iterval defied by a start time ad a ed time The shell commad type The shell commad If the sessio must be called by the sessio code If a sessio ca be started from the helpviewer If the users are authorized for all devices The time zoe Developmet Parameters Template (ttams1150m000) Some parameters that are used by applicatio developers are defied i a template. For example, you ca choose to ru a automatic compilatio after you have created/chaged meus or forms. You ca also specify commads ad optios which the user ca employ i the developmet eviromet. The template is liked to a user with the proper developmet authorizatios i the User Data details (ttams1100s000) sessio o the Defaults tab. Applicatio parameters are settigs that are eeded by the applicatio developer to develop software compoets. There are parameters available for: Automatic compilatio to the Ru-time Data Dictioary after chagig forms or meus Actios after the optio <Copy to curret package VRC> The parameters that the editor ca use to develop software User Maagemet 4-2

Usig templates i AMS Developer Authorizatio Template (ttams1151m000) Some of the developer s authorizatios are defied i a template. The template is liked to a user with the proper developmet authorizatios i the User Data details (ttams1100s000) sessio o the Defaults tab. I the template you ca specify: The package VRC for which the developer is authorized to maitai ad develop software compoets. The laguages ad modules of the specified package VRC for which the developers are authorized to maitai ad develop software compoets. The status up to which the techical writer is authorized to maitai the Help texts. If you select the All Modules ad All Laguages check boxes, the users who are liked to the template are authorized to maitai ad develop software compoets i all modules i BaaERP, ad i all laguages. If the check boxes are cleared, you must specify the modules ad laguages for which the user must be authorized. If you select the Authorizatio for Compoet of other Developer check box, the user is authorized to maitai the software compoets that are created by other users durig their absece. This is a helpful optio, for example, for a seior applicatio developer. Text is used i BaaERP for several differet purposes. For example, for olie Help, to provide iformatio o the data stored i the database tables, or to use the text editor to write queries. A ormal user must have some basic authorizatios to use, update, or read text. The ecessary data ad authorizatios are defied i the text parameters. The text parameters are part of the Text Maagemet module. Some of the text parameters are defied i templates i the User Maagemet module. The user s text parameters are defied i templates with the followig sessios: Text Group Authorizatio Template (ttams1122m000) Default Text Groups Template (ttams1121m000) Default Text Groups by Text Field Template (ttams1120m000) The text parameters ca be specified for a specific compay or for all compaies. If you select the All Compaies check box i these sessios, the users who are liked to the templates are authorized to edit text i all compaies. If you wat to restrict the users to a specific compay, you must defie that compay i the Comp field. The text parameters that are defied for a specific compay take precedece over defaults that are defied for all compaies. User Maagemet 4-3

Usig templates i AMS Text Group Authorizatio Template (ttams1122m000) You ca use this sessio to defie the use, update, or read authorizatios for ormal users per text group i a template. A text group is a meas to defie how text must be preseted i a widow by defiig the text editor, default widow, ad dimesios of the widow. Refer to the Text Maagemet Module for more details. Default Text Groups Template (ttams1121m000) You ca use this sessio to defie default text groups i a template. If a text is writte i a text field for which o default text group is defied, BaaERP will use the default text group that is defied i this template. Default Text Groups by Text Field Template (ttams1120m000) You ca use this sessio to defie default text groups for text fields i BaaERP, i a template. If a text is writte i a text table field, it is liked to the default text group of that field You must defie the devices that ca be used by the users, ad the termials from which the users ca start BaaERP, i templates with the followig sessios: Device Preferece Template (ttams1140m000) Termial Authorizatio Template (ttams1130m000) Note Device Preferece Template (ttams1140m000) You ca use this sessio to defie devices ad a order of prefereces i a template. If the template is liked to a user who is ot authorized for all devices, the user is oly authorized to use the devices that are defied i the template. You ca authorize a user for all devices. To do this, select the Authorizatio for all devices check box i the user data template. Termial Authorizatio Template (ttams1130m000) You ca use this sessio to defie a umber of termials i a template. This template ca oly be used if the termials are coected to fixed tty ports. I the template eter the code of the tty ports to which the termials are coected. Or, from the Specific meu, choose Import Termials to view a rage of termials. Delete the termials from the rage, that you do ot wat to defie i the template. User Maagemet 4-4

Usig templates i AMS 4.2 Covert the templates to the ru-time data dictioary Chages to the template ca be coverted to the ru-time data dictioary, per template. From the Specific meu i these sessios, choose Covert to Rutime DD to start the Covert to Ru-time DD (ttams2200m000) sessio. Refer to 3.4 for a detailed descriptio of this sessio. 4.3 Coectig the BaaERP user to a template Note The BaaERP user is created with the User Data (ttaad2500m000) sessio. Retur to this sessio. Select ad double-click the user s logo to start the User Data (ttams1100s000) details sessio. O the Authorizatios tab, you ca eter the templates for the user. The data o the Authorizatio tab is password protected, ad ca oly be edited by system admiistrators or users with system admiistrators authorizatios. User Maagemet 4-5

Usig templates i AMS User Maagemet 4-6

5. Usig the Role Browser You ca use the Role Browser i a browser to view (part of) the role tree. The role tree represets a role with all its subroles, that ca also cotai sub roles. I the Role Browse, double-click a role folder to display the sub roles i the role. Select a role, or subrole, ad choose Start AMS o the Optios meu to start the Role Data (ttams2100m000) sessios. The role browser highlights cyclical defiitios i the tree. These cyclical role defiitios are ot allowed ad have to be removed. The role browser uses the display logic of the existig desktop browser, to esure a cosistet iterface over the various browsers i BaaERP. Figure 5. The role browser Figure 5 shows a example of roles with subroles. The maager has a umber of roles liked to the maager role. The maagers does ot oly have the maager s authorizatios, but also the authorizatios of the product architect, product cosultat, ad project leader, which are defied i their respective roles. The project leader role has additioal subroles. The role browser shows all the maager s authorizatios, from his ow role to the role of the lowest raked employee. Figure 6 shows a example of a cyclical role. The Juior Software Egieer has also the role of the Seior Software Egieer, which of course is ot the case. Figure 6. A cyclical role User Maagemet 5-1

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback