Easy Security: Maintaining Logins

Logins are best maintained by using groups of roles. This makes it easy to get an overview of the high level permissions for a user. Instead of 50 individual roles, maybe only a few Role Groups are needed. By making groups like "BASE", "SALES", "ACCOUNTING" and "WAREHOUSE" the groups refer to functional areas. When later adding another customization or add-on requiring more roles for a user, only the Role Group would be affected and not each individual user. Certifying users with Sarbanes-Oxley is also easier when using the Role Groups in comparison to maintaining many individual roles.

Role Groups can also be nested by including Role Groups inside a Role Group. This can be used for building a setup with a user only having 1 Role Group in each Company.

The "SUPER" or "SUPER (DATA)" roles should normally not be included in Role Groups, since these are really important and need to be visible directly under the Login.

A Role Group "BASE" is very useful to add permissions that all users need. The Role "ALL" and "BASIC" can be included in the Role Group. Roles required by add-ons to be added to every user can also be added to the Role Group.

If many users work in a similar role in a company and need the same permissions, the "Permissions as User ID" should be used. This allows for only maintaining permissions for one user and is convenient for cases when all employees in a department should be the same, for example.

If a user is assigned the "SUPER" role, no other roles are published to the Live data. This is true for either a single company or for all companies if the Company Group Code is blank.

Company Groups can save a lot of complexity by having multiple test companies in a single Company Group. New test companies are typically created on a regular basis, and adding the permissions to users would require only adding the Company in the Company Group and then publishing permissions. By using Company Groups, it is also easy to handle renaming of companies between a test and live database.

Like   Don't Like

© 2024 All rights reserved.

Related resources

Download software from