Versions Compared

Old Version 13

changes.mady.by.user Frini Pouyiouka

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Back to Security Management Main Page 

Excerpt
hiddentrue

Find out how to create a new Security Profile

What does this section cover?

Learn to work with Security Profiles

Panel
nameblue

Table of Contents

Table of Contents
minLevel2

Navigating to Security Profiles

Info

FINANCE APPLICATION FOUNDATION > SECURITY MANAGEMENT > MANAGE SECURITY PROFILES

Using Security Profiles

Explaining Security Profiles Fields

Name

Description

Name*The security profile name
Alternative code*The security profile alternative code
DescriptionA description of the security profile
Module information*

Includes the following:

  • Selection of a module
  • Description of the selected module
Related featuresLists all features which are provided by the selected module
Suggested additional configurationLists other areas of the system that are related with the selected module as a suggestion for additional configuration
Available menu optionsLists all Main Menu options and Shortcut Menu options and provides the capability to allow or deny access on each one of them
Common processesLists all common processes related with the selected module and provides the capability to allow or deny access on each one of them
Additional processesLists all additional processes related with the selected module and provides the capability to allow or deny access on each one of them
Custom processesLists all custom processes related with the selected module and provides the capability to allow or deny access on each one of them
Web API methodsLists all Web API methods related with the selected module and provides the capability to allow or deny access on each one of them
ReportsLists all reports related with the selected module and provides the capability to allow or deny access on each one of them
PrintoutsLists all printouts related with the selected module and provides the capability to allow or deny access on each one of them
InterfacesLists all interfaces related with the selected module and provides the capability to allow or deny access on each one of them
DashboardsLists all dashboards related with the selected module and provides the capability to allow or deny access on each one of them
Inherited security profilesLists all security profiles which are inherited by the specific security profile

 

Creating & Saving, Validations & Restrictions

ActionValidations
General
  • Not applicable
Create
  • Multiple security profiles can be created in the system having a unique Name and Alternative Code
Edit
  • Not applicable
Delete
  • Security profiles cannot be deleted if there are active users assigned to it
Save
  • Mandatory Fields:
    • Name
    • Alternative Code
    • Module Information

 

Creating a Security Profile

  • Search using the criteria available in the summary page
  • From the top menu click on the NEW to open the Security Profiles data entry page

  • MAIN INFORMATION

    1. Provide the required Information:
      1. Name
      2. Alternative Code
      3. DescriptionSecurity Profiles - Main InformationImage Removed

  • INHERITED SECURITY PROFILES

    1. Click on ADD to select Security Profiles Inherited by This Security Profile

      Info

      Inherited Security profiles will override configuration made on the existing Security Profile being created. For example if a security profile for team leaders does not allow access to any module configuration, then the security profile for team members, which extends the team leaders security profile will also not have access to any module configuration, even if it is defined within that profile that access is allowed.

      Inherited Security Profiles are helpful when the intention is to create a new Security Profile that will have additional Restrictions to ones from an existing Security Profile. Read below to find out how you can quickly create a new Security Profile Inheriting Restrictions from another.

      Security Profiles - Inherited Security ProfilesImage Removed

    • MENU ACCESS

    MAIN MENU

  • Use the Filter By Module to select the module to apply access restrictions on

    • Through the available main menu items select the ones to ALLOW or DENY ACCESS using the related buttons

    Info

    If inherited profiles exist then items may be shown as allowed but they may be denied by the inherited profile.

    Security Profiles - Main MenuImage Removed

    SHORTCUTS MENU

    Through the available shortcut menu items select the ones to ALLOW or DENY ACCESS using the related buttons

    Info

    If inherited profiles exist then some shortcut menus may be shown as allowed but they may be denied by the inherited profile.

    Security Profiles - Shortcut MenuImage Removed

    MODULE ACCESS

  • There is a list with all the modules available on the left hand side of the screen
    Security Profiles - Module Access - ListImage Removed

  • Filter the list of the available modules by selecting an application through the filters list which is available on top of the list of modules

    Security Profiles - Filtering ModulesImage Removed

  • Use the list of modules to select one of them and define the following processes available:

    1. Common Processes

    2. Additional Processes

    3. Custom Processes

    4. Web API

    5. Reports

    6. Dashboards

    7. Interfaces

    8. Printouts

    Select the ones to ALLOW or DENY ACCESS using the relative buttons

    Info

    If inherited profiles exist then some modules may be shown as allowed but they may be denied by the inherited profile

    Security Profiles - ProcessesImage Removed

  • Click on SAVE

    • LOG INFORMATION

    The following information is automatically set by the system on saving the Security Profiles

    Include PageLog Information - GlobalLog Information - Global

     

    NoteVisit Understanding Security Management for business examples related to Security Profiles

    Security Profiles provide information related to the access of Modules and features by users. For example, they determine whether a Menu Option is available on the Left Menu and if the 'New' button is available for Subscriptions in the Data Entry page.
    Security Profiles are then assigned to Users and determine the respective Modules and features each User will have access to when logging into the System. 

    • Navigate to Security Profiles and explore existing entries via the Summary page
    • Click on the link (Name or Number) of the entry of your interest to enter the Data Entry page and see more detail. 
    • Use the Actions Menu to create a NEW Security Profilemodify (EDIT) or DELETE an existing one. 
    • Use BACK to return to the Summary page and CANCEL to revert any unwanted changes made to the Security Profile. 
    • Click on View Active Users to view the Users that are using the specific Security Profiles. 

    View the Attributes Table below for a comprehensive description of the Security Profiles fields. Check the Validations Table for a list of available Actions and their related validations when working with Security Profiles.

    SECURITY PROFILEImage Added

    Anchor
    validations
    validations
    Validations

    ActionValidations
    Create
    • Mandatory Fields must be defined.
    • Name and Alternative Code must be unique.
    Edit
    • Mandatory Fields must be defined.
    • Name and Alternative Code must be unique.
    Delete
    • A Security Profile cannot be deleted if there is one or more 'Active' User assigned to that Profile.

     

    Anchor
    attributes
    attributes
    Attributes

    An * indicates a field is mandatory.

    Name

    Description

    Main Information
    Name*The Security Profile name.
    Number of Active UsersA Read-only value that provides the number of 'Active' users that use the specific Security Profile.
    Alternative Code*The alternative code of the Security Profile.
    DescriptionA description of the Security Profile.
    Inherited Security Profiles
    Inherited Security Profiles

    Lists all Security Profiles which are inherited by the specific Security Profile.

    Note

    The configuration of Inherited Security Profiles overrides that of newly created Security Profiles. For example, if a Security Profile for Team Leaders does not allow access to module configuration, then the Security Profile for Team Members (inherited from the Team Leaders' Security Profile) will also not allow access to module configuration, even if access was allowed in the definition of the Team Members' Profile.

    Inherited Security Profiles are useful when creating new Security Profiles with additional Restrictions to those of an existing Profile.

    Menu Access
    Main Menu
    Available Menu Options

    'Deny' or 'Allow' access to Main Menu options.

    Note

    If access to a 'Parent' menu option is denied, then the 'Children' menu options will not be available. For example, if Access to Billing > Additive Discounts is denied, denying Access to Billing > Additive Discounts > Manage Ad Hoc Discounts and Billing > Additive Discounts > Set up Business Definitions will not be necessary,as the restriction will be applied through the 'Parent' menu option.

    Shortcuts Menu
    Shortcuts Menu'Deny' or 'Allow' access to Shortcut Menu options.
    Module Access
    Module Information*

    Selecting a specific module loads its security settings.

    Note

    Modules can be filtered by Application Area by using the List Filter.
     Application Area List filterImage Added

    Common Processes

    'Deny' or 'Allow' access to each module's Common Processes, which include:

    • Viewing (i.e. accessing the Data Entry page)
    • Creating New
    • Editing
    • Deleting
    Note

    If a process is defined as 'Denied' then the respective Actions Menu button is greyed out.

    Additional Processes

    'Deny' or 'Allow' access to each module's Additional Processes, which include Actions available in the Actions Menu of the 'Manage Module' page and Common Processes and Actions of all Configuration Modules of the specific Entity.

    Note

    If a process is defined as 'Denied' then the respective Actions Menu button is greyed out.

    Custom Processes'Deny' or 'Allow' access to each module's Custom Processes, which include any processes that are not inluded as standard with the software Release but have been explicitly implemented for an Organisation.
    Web API Methods'Deny' or 'Allow' access to WEB APIs available for each module.  
    Reports'Deny' or 'Allow' access to Reports available for each module.
    Printouts

    'Deny' or 'Allow' access to Printouts available for each module.

    Note

    Printouts are available.

    Interfaces'Deny' or 'Allow' access to Interfaces available for each module, such as Kettle, which are not inluded as standard with the software Release (like Custom Processes). Such Interfaces are available only if requested by an Organisation and can be found under Using Pentaho Exports or Using Pentaho Imports.
    Dashboards'Deny' or 'Allow' access to the Dashboards available for each module.
    Log Information
    Log DetailsThe standard set of Log Details information available in all entities.
    Panel
    namegrey

    Related Areas

    Filter by label (Content by label)
    showLabelsfalse
    spacesV4Manual
    showSpacefalse
    excerpttrue
    labelssecurity-management-basics-r7,security-management-advanced-r7,security-management-admin-r7

    Popular Labels

    heatmap
    Panel
    namegrey
    Popular Labels
    spaceKeyV4Manual
    style

    Helpful Links

    Filter by label (Content by label)
    showLabelsfalse
    spacesV4Manual
    showSpacefalse
    labelsglobal