Managing Security Profiles

Back to Security Management Main Page 

Table of Contents

Navigating to Security Profiles

FOUNDATION > SECURITY MANAGEMENT > MANAGE SECURITY PROFILES

Using Security Profiles

Security Profiles provide information related to the access of Modules and features by users. For example, they determine whether a Menu Option is available on the Left Menu and if the 'New' button is available for Subscriptions in the Data Entry page.
Security Profiles are then assigned to Users and determine the respective Modules and features each User will have access to when logging into the System. 

  • Navigate to Security Profiles and explore existing entries via the Summary page
  • Click on the link (Name or Number) of the entry of your interest to enter the Data Entry page and see more detail. 
  • Use the Actions Menu to create a NEW Security Profilemodify (EDIT) or DELETE an existing one. 
  • Use BACK to return to the Summary page and CANCEL to revert any unwanted changes made to the Security Profile. 
  • Click on View Active Users to view the Users that are using the specific Security Profiles. 

View the Attributes Table below for a comprehensive description of the Security Profiles fields. Check the Validations Table for a list of available Actions and their related validations when working with Security Profiles.

SECURITY PROFILE

Validations

ActionValidations
Create
  • Mandatory Fields must be defined.
  • Name and Alternative Code must be unique.
Edit
  • Mandatory Fields must be defined.
  • Name and Alternative Code must be unique.
Delete
  • A Security Profile cannot be deleted if there is one or more 'Active' User assigned to that Profile.

 

Attributes

An * indicates a field is mandatory.

Name

Description

Main Information
Name*The Security Profile name.
Number of Active UsersA Read-only value that provides the number of 'Active' users that use the specific Security Profile.
Alternative Code*The alternative code of the Security Profile.
DescriptionA description of the Security Profile.
Inherited Security Profiles
Inherited Security Profiles

Lists all Security Profiles which are inherited by the specific Security Profile.

The configuration of Inherited Security Profiles overrides that of newly created Security Profiles. For example, if a Security Profile for Team Leaders does not allow access to module configuration, then the Security Profile for Team Members (inherited from the Team Leaders' Security Profile) will also not allow access to module configuration, even if access was allowed in the definition of the Team Members' Profile.

Inherited Security Profiles are useful when creating new Security Profiles with additional Restrictions to those of an existing Profile.

Menu Access
Main Menu
Available Menu Options

'Deny' or 'Allow' access to Main Menu options.

If access to a 'Parent' menu option is denied, then the 'Children' menu options will not be available. For example, if Access to Billing > Additive Discounts is denied, denying Access to Billing > Additive Discounts > Manage Ad Hoc Discounts and Billing > Additive Discounts > Set up Business Definitions will not be necessary, as the restriction will be applied through the 'Parent' menu option.

Shortcuts Menu
Shortcuts Menu'Deny' or 'Allow' access to Shortcut Menu options.
Module Access
Module Information*

Selecting a specific module loads its security settings.

Modules can be filtered by Application Area by using the List Filter.
 Application Area List filter

Common Processes

'Deny' or 'Allow' access to each module's Common Processes, which include:

  • Viewing (i.e. accessing the Data Entry page)
  • Creating New
  • Editing
  • Deleting

If a process is defined as 'Denied' then the respective Actions Menu button is greyed out.

Additional Processes

'Deny' or 'Allow' access to each module's Additional Processes, which include Actions available in the Actions Menu of the 'Manage Module' page and Common Processes and Actions of all Configuration Modules of the specific Entity.

If a process is defined as 'Denied' then the respective Actions Menu button is greyed out.

Custom Processes'Deny' or 'Allow' access to each module's Custom Processes, which include any processes that are not inluded as standard with the software Release but have been explicitly implemented for an Organisation.
Web API Methods'Deny' or 'Allow' access to WEB APIs available for each module.  
Reports'Deny' or 'Allow' access to Reports available for each module.
Printouts

'Deny' or 'Allow' access to Printouts available for each module.

Printouts are available.

Interfaces'Deny' or 'Allow' access to Interfaces available for each module, such as Kettle, which are not inluded as standard with the software Release (like Custom Processes). Such Interfaces are available only if requested by an Organisation and can be found under Using Pentaho Exports or Using Pentaho Imports.
Dashboards'Deny' or 'Allow' access to the Dashboards available for each module.
Log Information
Log DetailsThe standard set of Log Details information available in all entities.