This page (revision-26) was last changed on 26-Nov-2021 10:22 by RForbes

This page was created on 26-Nov-2021 10:22 by Administrator

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note
26 26-Nov-2021 10:22 8 KB RForbes to previous
25 26-Nov-2021 10:22 7 KB RForbes to previous | to last
24 26-Nov-2021 10:22 7 KB JEscott to previous | to last
23 26-Nov-2021 10:22 7 KB JEscott to previous | to last
22 26-Nov-2021 10:22 8 KB JMyers to previous | to last
21 26-Nov-2021 10:22 8 KB JEscott to previous | to last

Page References

Incoming links Outgoing links
IMRO
IMRO

Version management

Difference between version and

At line 4 added 3 lines
Roles are identities created and assigned to a user profile to allow employees to access the system in different
capacities, such as employees, managers or system administrators.
At line 21 changed one line
!Execution Role
!Execution Rights Role
At line 27 added 6 lines
A starter execution rights role called P2K_MASTER is provided, and must be assigned to the P2K user. With every load of the full seed data the rights assigned to this role are re-built so as to include the latest functions and the correct rights as per the function. This role must ALWAYS be assigned to the P2K user but should only be given to other users while the system is first being setup. You should be creating your own Execution Rights roles and grant them to your users with the specific functions they need.
Each function supplied comes with the maximum Execution Rights it is designed to use defined on it. The Execution Rights to be granted to a User/Role are limited to this.
Each form definition on [IMFD] has a section called Form Table Usages which has the maximum Execution Rights defined for each table used in the Form these should not be changed.
At line 25 changed 3 lines
Basically, there are two database roles that are supplied by HLC:
;P2k_user:everyone has this
;P2k_database:for only those who have database administrator capability
Basically, there are two database roles that are supplied:
;[P2K_USER]:everyone has this
;[P2K_DBA]:for only those who have administrator capability
At line 47 added one line
The definition data for the Define Roles screen is stored in the [P2K_AM_ROLES], [P2K_AM_PREFERENCE_VALUES],[P2K_AM_USER_ROLES],[P2K_AM_EXECUTION_RIGHTS], and [P2K_AM_SECURITY_VALUES] tables.
At line 39 removed 2 lines
The definition data for the Define Roles screen is stored in the [P2K_AM_ROLES], [P2K_AM_PREFERENCE_VALUES],[P2K_AM_USER_ROLES],[P2K_AM_EXECUTION_RIGHTS], and [P2K_AM_SECURITY_VALUES] table.
At line 44 changed 3 lines
;[Password|ROLE_PASSWORD]: This is the password the system will use to access external applications, such as, SQL*Plus or Discoverer. Although this is an optional field, it is required if this role has been marked as a Default Role.
This password has nothing to do with the Personal Identification Number (PIN) that employees will use to access the application.
;[Changed On|PASSWORD_CHANGED_ON]:This field will display the date the password was last changed.
;[Password|ROLE_PASSWORD]: This is the password the system will use to access external applications, such as, SQL*Plus or Discoverer. Although this is an optional field, it is required if this role has been marked as a Default Role.\\ \\This password has nothing to do with the Personal Identification Number (PIN) that employees will use to access the application.
;[Changed On|PASSWORD_CHANGED_DATE]:This field will display the date the password was last changed.
At line 48 changed one line
;[Default Role|DEFAULT_ROLE]: If you select Yes in this field, the current role will become your default role. Default roles are used in programs OUTSIDE of the eP world, for example, Oracle, Discoverer and SQLPlus.
;[Default Role|DEFAULT_ROLE]: If you select Yes in this field, the current role will become your default role. Default roles are used in programs OUTSIDE of the Personality world, for example, Oracle, Discoverer and SQLPlus.
At line 55 changed one line
Preferences for roles depend on the type of role. Most are set only for a business roles, not database roles, etc. For example on the Employee role, www_employee, you can set the preferences for the web splash, change the colour for the web theme, or allow query.
Preferences for roles depend on the type of role. Most are set only for a business roles, not database roles, etc. For example on the Employee role, www_employee, you can set the preferences for the web splash, change the color for the web theme, or allow query.
At line 57 changed 3 lines
;[Preference|PREFERENCE_VALUE]:If the role has any preferences associated with it, you may define those preferences in this field. A list of preferences is maintained in the pop-up menu for you to select from at this time, however, there are only two preferences that are applicable to the roles in Self Service:
|Open in Safe Mode |This preference will require any users operating in this role to click the `EDIT' button before making any modifications to data within the Self Service. \\The Open In Safe Mode preference is exclusive to roles (and specifically Web Module Roles) and may not be attached to other items such as functions or users.
|Web Menu |This preference allows you to attach a specific web menu (created in [(IMMU)]) to the role. This means that when a user logs into Self Service in this role capacity, they will be presented with the menu defined here. \\You may select only one web menu for each role. The Web Menu preference is exclusive to roles and may not be attached to other items such as functions or users.
;[Preference|PREFERENCE_VALUE]:If the role has any preferences associated with it, you may define those preferences in this field. A list of preferences is maintained in the pop-up menu for you to select from at this time, however, there are only a few that are applicable to the roles in Self Service.
At line 72 changed 2 lines
;[Seq|ROLE_SEQUENCE]:
;[User|USER_NAME]:This field is used to identify the users to whom the current role is assigned. (Mandatory)
;[Seq|ROLE_SEQUENCE]: If the user profile has been assigned more than one role, this field identifies the order in which the roles will be presented when the user logs in.
;[User|USER_NAME]:This field is used to identify the users to whom the current role is assigned.
At line 80 changed 4 lines
This tab is used only for the execution rights role. For Execution rights roles, the Execution Rights tab defines the functions that this role will be able to access and whether they will be able to Create, Retrieve, Update or Delete within that function.
Function Name
Description
Create
This tab is used only for the execution rights role. For Execution Rights roles, the Execution Rights tab defines the functions that this role will be able to access and whether they will be able to Create, Retrieve, Update or Delete within that function.
At line 87 added one line
;[Function|FUNCTION_NAME]: This field displays the function the role has execution rights to.
At line 86 changed 3 lines
----
[{Image src='IMRO_DataSecurity.JPG' width='360' align='right' link='attach/IMRO/IMRO_DataSecurity.JPG'}]
!!Data Security
;[Description|DESCRIPTION]: This field displays a description of the function the execution right is for.
At line 90 changed 3 lines
Data Security refers to the information within the field and is set up on the IMSV screen to say what data someone can or cannot see.
For example if only US lexicon values should be displayed for the Ethnic field on IEPI we can use Data Security to secure off this information so it's not visible to the user
[CLEANUP]
;[Create|CREATE_ALLOWED]/[Retrieve|RETRIEVE_ALLOWED]/[Update|UPDATE_ALLOWED]/[Delete Allowed|DELETE_ALLOWED]:These toggles identify the exact execution rights the role has to the function.
At line 93 added 2 lines
----
!!Data Security tab
At line 96 added one line
Data Security refers to the information within the field and is set up on the ([IMSV]) screen to say what data someone can or cannot see.
At line 98 added one line
For example if only US lexicon values should be displayed for the Ethnic field on ([IEPI]) we can use Data Security to secure off this information so it's not visible to the user.
At line 100 added 4 lines
;[Security Right|SECURITY_RIGHT_CODE]:This field will store the security right code associated to the role.
;[Rule|SECURITY_VALUE_RULE]:The security rule which is to apply to the role is defined here, for example, 'Restricted To'.
;[Look Up Value|DRV_SECURITY_VALUE_LK]:The LOV value that the role is secured to/from (depending on the rule chosen) will display here.
;[Stored Value|SECURITY_VALUE]:The stored value of the LOV value that the role is is secured to/from (depending on the rule chosen) will default in here.
At line 98 removed 2 lines
‘Define Roles’ Usage and Examples
At line 102 changed 8 lines
Define Roles (IMRO) - Users
Define Roles (IMRO) - Users
This section allows you to grant execution rights to all users assigned this role.
Function
This field indicates the function you wish to provide execution rights for.
Create / Retrieve / Update / Delete Allowed These toggles allow you to indicate the specific execution rights you wish grant to the user or role.
----
![Notes|Edit:Internal.IMRO]
[{InsertPage page='Internal.IMRO' default='Click to create a new notes page'}]
This page (revision-26) was last changed on 26-Nov-2021 10:22 by RForbesTop