Using access codes 

Introduction

You use access codes to restrict access to 'data' in your system. 

Access codes can be entered in specific functions, at either the development level or in the management of basic elements of the software.

 Access codesUse of access codes for generic functionality or functionality attributed to the Supervisor functions.

Access to a function is controlled through the user’s profile. Their profile is defined on the General tab of their user record and controlled through the menu defined for their profile code (Menu profile (GESAPN)) and the permissions (read, write, execute) defined for their profile code (Function profile (GESAFT)). You can therefore specify the functions that each person can use, and the functions from which the person is excluded. By default, all users with administrator rights have access to the whole of your system. Users without administrator rights have access to standard modules and functions, and can have access to specific modules and functions. Access to selected functions, screens and fields is controlled through the user’s access codes. These are specified on the Access tab of their user record.

Standard object management of an access code is as follows:

  • When a file contains an access code, object management filters the rights to display and to modify each record using the read and write permissions assigned to the access code for the user.

For records to which an access code is defined, simple access rights are therefore provided automatically by the object management.

Object management also facilitates the addition of specific filters. Simply adding an access code field to a screen for an object in the table associated with that object, then declaring the field in the Access code field of the Objects function is sufficient to apply the filter.

Selected object codes with read and write filters by access code are provided as standard.

 Access codes

Selected access codes are also tested for execution rights when an access code for an object is present.

 Execution rights

Access codes

The object codes in the following table are provided with read and write filters by access code as standard:

Object code

Function

BAN

Bank accounts

BOD, BOS

Nomenclature (BOM)

BUP

Budget setup

CAI

Cash accounts

CCE

Analytical dimensions

CDA

Payment attributes

COA

Chart of accounts

CYM

Analytical dimension pyramids

DAD

Dimension allocations

DIE

Dimension types

DSP

Analytical allocations

GAC

General ledger accounting codes

GDA

Account structure

GDE

Journal entry transactions

GTE

Document types

GYM

Account pyramids

JOU

Financial journals

MCL, MDL, MFL, MGL, MIL, MML, MOL, MPL, MRE, MRL, MTL, MWL

Production transactions

PBY

Assembly/Disassembly

PRE, PRT

Shipment preparation

PTA, PTC, PTD, PTE, PTF, PTN, PTR, PTT

Purchasing transactions

SLA, SLC, SLD, SLI, SLL, SLO, SLQ, SLR, SLS, SLT

Sales transactions

SCT, SNP, SOT, SPK, SQT, SRG, SRO, SRT

Stock transactions

SNE

Price list modification definitions

TBO

BOM alternatives

TES

Expense codes

TPY

Payment types

TXS, TXW

Financial data extraction

Execution rights

Execution rights are managed for specific objects, as follows:

  • An access code present in the transactions that can be parameterized (purchasing, accounting, production management, BPs, sales) prohibit the use of these transactions, if execution rights are not defined for the user's access codes.
  • Access codes on system transactions prohibit their execution, if execution rights are not given to the user.
  • Access codes on inquiry screens prohibit the use of the screens, if execution rights are not given to the user.
  • If an access code is present for the accounts, dimensions, dimension types, distribution key, journals or document types, execution rights must be given in this access code to be able to go to the account movement postings, the dimensions, the dimension types, the journals or the document types respectively, or to use the corresponding distribution key.
  • If an access code is present on budgets or analytical pyramids, execution rights must be given in this access code to be able to enter or modify the budgets with this code or a code based on the corresponding analytical pyramid.
  • If an access code is present in the analytical dimensions, execution rights must be given to this access code to be able to use the analytical dimensions.
  • If an access code is present in the bank accounts, cash accounts or payment attributes, execution rights must be given to this access code to be able to enter the payment movements for the bank accounts, cash accounts or to use the payment types.
  • If an access code is present in the route or BOM alternative, execution rights must be given for this access code to be able to use the routes and BOMs with the corresponding alternative.
  • If an access code is present in the financial data extraction setup, execution rights must be given for this access code to be able to calculate the specific financial data extraction.
  • If an access code is present in the price list modification definitions, execution rights must be given for this access code to be able to calculate the specific price list modifications.

 Account postings (GAS) are slightly different. An access code is not entered in the posting entry screens. An access code is assigned automatically from the access code present in the associated journal. This ensures a filter is applied automatically to the journal posting.