Setup > Users > Functional authorization 

Use this function to attach to a predefined function profile code, a group of functions authorized with additional privileges, if required.

    Prerequisites

    SEEREFERTTO Refer to documentation Implementation

    Screen management

    Entry screen

    Presentation

    To define functional authorizations, enter the profile codes-function codes combinations in this screen.

    Use the table in this screen in the event special authorizations have to be defined for the function. It can either be:

    • either restrictions by site (in this case each line defines authorizations for one or several sites).
    • or additional options (one or several lines can thus be entered depending on whether the authorizations are defined by site).

    A consistency check is applied to the sites and site groups listed in the authorization table. Thus, if two sites belong to different groups to which you have granted distinct authorizations, an error message is displayed and you cannot resume the entry.

    For a quick entry in complex situations, use the actions of the Action panel to:

    • add a global set of functions,
    • merge profiles.

    When saving, the table storing the definition of authorizations is updated but the table of cross-referenced authorizations is not. This update is performed when exiting the function if you answer Yesto the question Update of the AFCTFCYtable.

    Close

     

    Fields

    The following fields are present on this tab :

    Profile

    This code identifies the current record in a unique way.

    Function

    This code identifies a function of the software.

    • Module (field MODULE)

    Module to which the current function is attached.

    Grid List of values

    • Type (field FCYGRUCOD)

    Define if the authorizations are entered for the data linked to a site or a group of sites.

    • Grouping by site (field FCYGRU)

    Access rights may be defined either for just one site or for a grouping of sites. You will enter either a group code or a site code, depending upon the type selected.

    • Access (field ACS)

    Access will be allowed or prohibited for the site(s) of this function, given the profile code.

    • Options (field OPT)

    If this box is checked, all options will be available for this Profile code. If it is not checked, specific options will be available according to the selection criteria.

    Close

     

    Note

    The Function profiles table only manages the profile code. The detail of authorizations by group or site is managed in the Function authorizationstable. For the management of authorizations, the most important table is the Site function profiletable, which is updated automatically in this function. If necessary, you can also use the grouping, company or site management.

    In fact, this table manages in detail the authorizations for each site/profile/function cross reference. Taking into account the number of important functions in the software (several hundred), a folder with many sites may have a AFCTFCY table including a very great number of lines (it has however records of small size).
    This table is used to obtain good performances during the authorizations management, in particular in the reports. Its update is made on exiting the authorization update functions. Taking into account the large amount of information to be updated, this function can have a long execution time. It is also possible to launch this operation directly on using the associated utility (Validation of the functions).

    Specific Buttons

    The following fields are included on the window opened through this button :

    • Type of deletion (field DELTYP)

     

    • field MODULE

    Checked function: Deletion of the rights of access only for this function with this code profile.

    Profile function checked: Deletion of all the rights of access for this code profile.

    Close

    Click this action to delete the authorization data linked to the profile.

    The following fields are included on the window opened through this button :

    Profile

    This code identifies the current record in a unique way.

    • field ZPRFCOD

     

    Block number 2

    • Type (field FCYGRUCOD1)

    Access rights may be defined either for just one site or for a grouping of sites. You will enter either a group code or a site code, depending upon the type selected.

    • Grouping by site (field FCYGRU1)

     

    Block number 3

    • Access (field ACS1)

    Access will be allowed or prohibited for the site(s) of this function, given the profile code.

    • Options (field OPT1)

    If this box is checked, the different options associated with each of the functions present in the grid are authorized for the user whose access rights are being parameterized.

    • Forced cancel and replace (field ANN1)

     

    Grid

    • Module (field MODULE1)

    Module to which the current function is attached.

    • Menu (field MENU1)

    When a function is created, it is indispensable to reference it in a menu, in order that this function can be called. The menus are parameterized by user, but a reference user exists, called ADMIN, but whose name is modifiable using the parameter ADMUSR.. These menus contain all the functions and can serve as a template during the creation of the menus. Therefore a reference menu for where the function is found is defined here.

    The top menu in the standard menu tree structure is called GENE ; all functions must be referenced, whether in this menu GENE, or in another menu itself accessible via the menu GENE. The following constrains exist :

      it is not possible to have more than 30 choices in a menu.

      it is not possible to exceed 4 levels of sub-menus.

    The menu title is the text (translatable) that will actually appear in the user menu to describe the function.

    This code identifies a function of the software.

    • Description (field LIBFNC1)

    Title associated with the previous code.

    Close

    Click this action to open the screen for mass loading functions and to define the rights of use for a site or site group (including all options of the listed functions globally, or none of the options).

    To load the relevant functions in the table, you have two options:

    • select them by picking in the tree view of the selection panel. This list displays the functions as they are classified in the standard menus of the ADMIN user,
    • or click Modulein the Action panel to mass select all functions related to a particular module.
    Then click Saveto generate the related authorizations.
    Recall and function-profile modification

    Click Recallto load the relevant functions in the table. The picking list in the selection panel also displays all authorizations and access rights as selected for the given function-profile.

    Function addition :
    You can add functions by selecting them as described above.

    Function deletion :

    When you recall and display the functions related to the profile code, you cannot cancel their selection from this screen. Cancelling the selection of elements in the list or deleting elements from the table also removes them from the list of functions to be added to the profile. However, if these functions were already assigned to the profile, they will not be deleted from this profile.

    To delete the association function/profile code:

    • Go back to the main entry screen,
    • Select each relevant function one by one,
    • Click Delete.

    The following fields are included on the window opened through this button :

    Block number 1

    • field OBJET

     

    • field CLES

     

    Block number 2

    • From folder (field DOSORG)

    Use this field to define the folder from which the record will be copied. The possible syntaxes are described in the Dedicated appendix.

    • All folders (field TOUDOS)

    Use this option to copy the record to all the folders defined in the dictionary (ADOSSIER table of the current solution).

    • To folder (field DOSDES)

    Use this field to define the folder to which the record will be copied. The possible syntaxes are described in the Dedicated appendix.

    Close

    Click this action to copy the functional authorization as a whole, which is linked to a function profile code from or to another folder.

    The following fields are included on the window opened through this button :

    Indicate the name of a profile code under which the merge will be carried out.

    If access rights for this profile code do not exist, a copy will be carried out if not the merge will be more advantageous.

    Close

    Click this action to add the access rights of a profile to the current user.

    Error messages

    In addition to the generic error messages, the following messages can appear during the entry :

    XXX and YYY: incompatible sites

    You have attempted to create different authorizations for the two groups of sites having sites in common.

    Tables used

    SEEREFERTTO Refer to documentation Implementation