Procedures

Popular Searches:25.01, Permissions List, Release Notes

Manage Permissions

There are several kinds of Permissions in Q360 that allow you to control User access to locations and resources in the system.

User ID Permissions

These are the individual permissions that are either automatically added when assigning Group permissions for a User, or they may be individually assigned as needed

  • UserID permissions are administered in the Maintenance > User Maintenance > Permissions/Groups tab > User Permissions grid. For a complete list of User and Group permissions and descriptions, see the reference topic User Permissions
  • For detailed instruction regarding set up of individual and group User permissions, see the knowledge base article Assign User Permissions
  • In the User Permissions grid, permission types (View, Create, Edit, Delete, Exec) are colorized (colourized) based on the following:
      • Green – Permission is already granted because the User has a group permission with that access
      • Blue – Permission is automatically granted to ADMIN type users

     

  • Exceptions to the rule: Some permissions must be EXPLICITLY assigned on a User-by-User basis, i.e. cannot be granted via a ‘GROUP’ nor inherited as part of ADMIN User type.  Examples:
    • INVOICECHG
    • VOUCHERCHG
    • TIMEBILLDB
    • WORKFLOWSQL
    • LIVEDATASQL
    • HRADMIN

Group Permissions

Because there are an extensive number of User permissions in the system, Group permission combine sets of permissions based on Users roles within an organization. Group permissions are essential for assigning and updating access for groups of Users consistently and accurately.

Group Permissions are administered in the Maintenance Main Menu > User Maintenance > Permissions tab

Live Data Report Permissions

To allow Users and Groups access to the various Live Data reports in the system, permission must be assigned within the reports themselves. There are multiple ways in which access can be granted.

Live Data permissions are administered in the Live Data Main Menu > Live Data Reports > Permissions tab

  • In Permissions tab > Users grid you can assign access to a report to a User by Name, or to a Group
  • In Permissions tab > Permissions grid, you can assign access to Users that have access to a specific Permission and Type. For example, an Accounts Receivable report can be designated to Users who have the permission INVOICE create, edit, and delete permissions, but exclude Users who only have access to the INVOICE view permission

In order for Users to view the Live Data Reports > Design SQL option that displays data sources, access to those data sources must be configured in the Maintenance Main Menu > User Maintenance > Permissions tab > LDR Datasources sub tab

Dashboard Permissions

To allow Users and Groups access to the various Dashboards in the system, permission must be assigned.

Dashboard permissions are administered per individual Dashboard.  Open the Dashboard you want to edit and add the Users or Groups in the Permissions tab.  Note: Without any Dashboards assigned, Users will not see the Dashboard Main Menu display.

External User Permissions

For Users that are external to your Company such as Customers, you can grant limited access to various areas from the web client only.

External User accounts and permissions are administered in the Maintenance > External Users.

For more information about External User Permissions, see Setting Up External Users.

Workflow Permissions

To allow Users and Groups access to the various Workflows in the system, permission must be assigned within the Workflow themselves.

Workflow Permissions are administered in the Workflows Main Menu > Workflow Definitions > Permissions tab.  From here, you can assign access to a report to a User (by User ID), or to a Group.

Field Permission Level

Access to fields within a form can be administered at both the Group and individual User level. 0 is the lowest level of access and 9 is the highest, and by default most fields are set to 0. A use case example would be a scenario where all Users within the HR group can be granted access to the Employee form but some Users might not be allowed access to Salary Amount field.

The following locations are used to administer Field Permissions levels:

  • File Main Menu > Database Maintenance > Data Dictionary. Form Field Permissions levels (0-9) are defined in the View and Edit columns
  • Maintenance Main Menu > User Maintenance > Field Perm Level field. The permission level can be set for both User Type USER or GROUP

In the above example, the administrator might set the Data Dictionary, Employee form View and Edit columns for SALARYAMOUNT to 9. The User Group “HR” could be set up to provide a default Permission Level to the Salary Amount field with 0. Then for each User ID requiring view and / or edit access to the Salary Amount field, a User ID permission for HREMPLOYEE would be set with the Field Permission level 9. Users prohibited from viewing and editing the field would be automatically granted a Field Permission level of 0

Was this helpful?

 

Didn't find your answer? Contact Us

Previously
Assign User Permissions
Up Next
Create Permission Groups
Popular Searches:25.01, Permissions List, Release Notes