Security - Defining Logins and Permissions for all users
Click your browser's 'Back' button to return to the previous page.

The Security page defines who can read and edit data, and who has permission to make these decisions.

 

Overview
The Security page allows the System Administrator or Manager of each database to control user logins and access to each department in the application. Security can also be refined to the Department/Page level, meaning certain pages within a department can be locked down on a user-by-user basis.

 

Please click here for general information about using the Toolbar, Form and Fields.

Security Is Required With Replication
In applications that support replication, Security logins are required. Each user must have a unique login and password, along with a replication email address. When a new database is created, Security is enabled by default and a standard login with full Admin rights is created (User Name = 'Manager'; password = 'password). The first thing the database creator should do is create a new System Administrator login for himself/herself and remove the default "Manager" login to prevent unrestricted access to the database.

No Replication? Security Is Optional
If you application does NOT have replication functionality, Security is optional and can be turned on or off for each database as Security settings are stored in each database. When a new database is created, Security is disabled by default and the creator of the database is given System Administrator (full) rights to it. If you don’t enable Security, all users will have full rights to every department in the database. In these applications, Security can be turned on or off on the System Adminstrator's page; the change is enforced on the next login.

Changing Security Settings
Each Security record stores these values:

User Name - Each user must have a unique login name. Usually the first and last name of the user is unique within a company, but in larger companies you may find it necessary to use middle initials or names to make the User Name a unique value.

The User Name is the name stamp in the 'Last Editor' field when a record is edited and is displayed on the bottom of each page, so it's best to use legal names as opposed to nicknames or fake names as these User Names will become a part of your data. The first time a user logs in they will need to enter the full User Name; each subsequent login the application will provide the last login name so the user only needs to enter the password to login. User Names are NOT case-sensitive on login.

Password - Enter a password for the user, which is case-sensitive on login. Since each user can change his/her password on the Utilities tab on the Home page, it's best to enter new users with a simple password, such as 'password', then instruct the user to change the password to something personal the first time they login.

User Initials - Enter all three (first, middle, last name) initials for the user. These initials are appended to Reference Numbers throughout the system to identify the creator of each record and are vital for replication to ensure unique Reference No. values among remote users. While the system does NOT enforce uniqueness across all user initials, it's best if you can make these unique so the Reference No. values ARE actually unique.

User Email Address - Enter the user's email address, which is used for sending & receiving replication packages and other email utilities throughout the system, including sending the user's login password from the 'I forgot my password' link on the Main Menu.

Allow User To Add User Values - Many drop-down lists throughout the system have a button on the right side with a green plus (+) on it that allows the user to dynamically add a new value to the list. These values can also be added or edited on the Administration\User Values page, but most users may not have Security access to that page which manages those values application-wide. This checkbox gives users the ability to add new values to only the pages they have security access to. Unchecking the box will prevent the user from using this feature on every page.

Manager - Check this option to give the user Manager access, which will override any other settings on all pages. Managers have full access to everything in the system EXCEPT the System Administrator's tab in Administration and all of the unique features listed in the System Administrators role unless otherwise noted (see below).

System Administrator - Check this option to give the user complete access to everything in the system. In addition to the standard user functionality, System Administrators can:

1) Double-click in the 'Last Editor' field (in Read mode) to give access back to another user. NOTE: Managers can also do this.
2) Archive/Unarchive data from the Utilities menu on any page.
3) Import data using the option on the Utilities menu on any page.
4) Setup and change Custom Field parameters, including field names, formats and formulas.
5) Can edit ANY record regardless of custom status values.
6) Use all of the utilities on the System Administrator's tab in Administration.

Departments
Security starts here... you can take all access away from a user by unchecking that Department name in this checked list box. This removes the name from the Department Navigator for that user, effectively eliminating their ability to view or edit data.

User Roles
Please Note: Users roles are only used if the Department is enabled (checked) for the user. If you uncheck a Department, you do not need to set User Roles for any tables in that Department as the user will not even be able to open the Department page.

For all enabled Departments you can limit the user's access for each tabbed page in that Department by changing the Access Level from its default value of '[Editor]' by double-clicking on the row in the User Roles list. Select the Access Level from the drop-down list and click 'OK'. The User Access Levels work as follows:

Editor - Read and edit access to all records in the selected page (table).
Editor-Owner - Read access to all records, but can only create new records and edit their own.
Reader - Read access ONLY to all records. Cannot create new records.
Reader-Owner - Read access ONLY to their own records; the user cannot create new records or see other users’ records.
Owner - Read and Edit access ONLY to their own records.
None - The page Tab will still appear in the Department, but it will be blank..

 

Using the "Apply Roles" Button

 

The Apply Roles button copies the security settings from the current User record to one or more other Users.  You can use this to setup the default "role" you want for a particular department, for example, Sales Manager, then click the button and choose the other User records to apply the same settings to.  The Manager Role, System Admin Role, Allow User to add User Values (all checkboxes), Departments and User Roles settings are the fields copied to the selected User records.
 

Click your browser's 'Back' button to return to the previous page.

 

Crow River Tech, LLC. Copyright© 2010. All Rights Reserved

Microsoft Windows XP/Vista/7, SQL Server 2005, Access, Outlook and Excel are trademarks of Microsoft Corporation. 

Any other product names are trademarks of their respective companies.