Rol (Venster ID-111)
Venster: Rol
Beschrijving: Beheer Gebruikersverantwoordelijkheden
Help: Het Rol Scherm stelt je in staat om de verschillende rollen die gebruikers van dit systeem zullen hebben te definiëren. Rollen beheren toegang tot schermen, taken, rapporten, etc. Voor een Cliënt zijn een Administrator- en Gebruikersrol voorgedefinieerd. Je kan meer rollen toevoegen om toegang tot specifieke functionaliteit of data te beheren. Je kan users aan de rol toevoegen. Merk op dat toegansinformatie gecached wordt en opnieuw inloggen of het resetten van cache vereist.
TAB: Role
Beschrijving: Define responsibility roles
Help Define the role and add the client and organizations the role has access to. You can give users access to this role and modify the access of this role to windows, forms, processes and reports as well as tasks.
If the Role User Level is Manual, the assigned acces rights are not automatically updated (e.g. if a role has a restricted number of Windows/Processes it can access). You need to add organizational access unless the role has access to all organizations. The SuperUser and the user creating a new role are assigned to the role automatically.
If you select an Organization Tree, the user has access to the leaves of summary organizations.
Note: You cannot change the System Administrator role.
Bestand:Rol - Role - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Client | Client | Client/Tenant for this installation. | A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organization | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Name | Name | Alphanumeric identifier of the entity | The name of an entity (record) is used as an default search option in addition to the search key. The name is up to 60 characters in length. | Name character varying(60) NOT NULL String |
| Description | Beschrijving | Optional short description of the record | A description is limited to 255 characters. | Description character varying(255) String |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| User Level | User Level | System Client Organization | The User Level field determines if users of this Role will have access to System level data, Organization level data, Client level data or Client and Organization level data. | UserLevel character(3) NOT NULL List |
| Manual | Handmatig | This is a manual process | The Manual check box indicates if the process will done manually. | IsManual character(1) NOT NULL Yes-No |
| Master Role | Master Role | A master role cannot be assigned to users, it is intended to define access to menu option and documents and inherit to other roles | null | IsMasterRole character(1) NOT NULL Yes-No |
| Currency | Munteenheid | The Currency for this record | Indicates the Currency to be used when processing or reporting on this record | C_Currency_ID numeric(10) Table Direct |
| Approval Amount | Approval Amount | The approval amount limit for this role | The Approval Amount field indicates the amount limit this Role has for approval of documents. | AmtApproval numeric Amount |
| Days Approval Accumulated | Days Approval Accumulated | The days approval indicates the days to take into account to verify the accumulated approval amount. | The Days Approval Accumulated field indicates the days to take into account to verify the accumulated approval amount. | DaysApprovalAccum numeric(10) Integer |
| Approval Amount Accumulated | Approval Amount Accumulated | The approval amount limit for this role accumulated on a period | The Approval Amount field indicates the amount limit this Role has for approval of documents within a period limit. | AmtApprovalAccum numeric Amount |
| Approve own Documents | Approve own Documents | Users with this role can approve their own documents | If a user cannot approve their own documents (orders, etc.), it needs to be approved by someone else. | IsCanApproveOwnDoc character(1) NOT NULL Yes-No |
| UserDiscount | UserDiscount | null | null | UserDiscount numeric(22,2) Number |
| Supervisor | Supervisor | Supervisor for this user/organization - used for escalation and approval | The Supervisor indicates who will be used for forwarding and escalating issues for this user - or for approvals. | Supervisor_ID numeric(10) Search |
| Menu Tree | Menu Tree | Tree of the menu | Menu access tree | AD_Tree_Menu_ID numeric(10) Table |
| Overwrite Price Limit | Overwrite Price Limit | Overwrite Price Limit if the Price List enforces the Price Limit | The Price List allows to enforce the Price Limit. If set, a user with this role can overwrite the price limit (i.e. enter any price). | OverwritePriceLimit character(1) NOT NULL Yes-No |
| Preference Level | Preference Level | Determines what preferences the user can set | Preferences allow you to define default values. If set to None, you cannot set any preference nor value preference. Only if set to Client, you can see the Record Info Change Log. | PreferenceType character(1) NOT NULL List |
| Maintain Change Log | Maintain Change Log | Maintain a log of changes | If selected, a log of all changes is maintained. | IsChangeLog character(1) NOT NULL Yes-No |
| Show Accounting | Show Accounting | Users with this role can see accounting information | This allows to prevent access to any accounting information. | IsShowAcct character(1) NOT NULL Yes-No |
| Access all Orgs | Access all Orgs | Access all Organizations (no org access control) of the client | When selected, the role has access to all organizations of the client automatically. This also increases performance where you have many organizations. | IsAccessAllOrgs character(1) NOT NULL Yes-No |
| Organization Tree | Organization Tree | Trees are used for (financial) reporting and security access (via role) | Trees are used for (finanial) reporting and security access (via role) | AD_Tree_Org_ID numeric(10) Table |
| Use User Org Access | Use User Org Access | Use Org Access defined by user instead of Role Org Access | You can define the access to Organization either by Role or by User. You would select this, if you have many organizations. | IsUseUserOrgAccess character(1) NOT NULL Yes-No |
| Can Report | Kan Rapporteren | Users with this role can create reports | You can restrict the ability to report on data. | IsCanReport character(1) NOT NULL Yes-No |
| Can Export | Kan Exporteren | Users with this role can export data | You can restrict the ability to export data from Adempiere. | IsCanExport character(1) NOT NULL Yes-No |
| Personal Lock | Personal Lock | Allow users with role to lock access to personal records | If enabled, the user with the role can prevent access of others to personal records. If a record is locked, only the user or people who can read personal locked records can see the record. | IsPersonalLock character(1) NOT NULL Yes-No |
| Personal Access | Personal Access | Allow access to all personal records | Users of this role have access to all records locked as personal. | IsPersonalAccess character(1) NOT NULL Yes-No |
| Confirm Query Records | Confirm Query Records | Require Confirmation if more records will be returned by the query (If not defined 500) | Enter the number of records the query will return without confirmation to avoid unnecessary system load. If 0, the system default of 500 is used. | ConfirmQueryRecords numeric(10) NOT NULL Integer |
| Max Query Records | Max Query Records | If defined, you cannot query more records as defined - the query criteria needs to be changed to query less records | Enter the number of records a user will be able to query to avoid unnecessary system load. If 0, no restrictions are imposed. | MaxQueryRecords numeric(10) NOT NULL Integer |
| Connection Profile | Connection Profile | How a Java Client connects to the server(s) | Depending on the connection profile, different protocols are used and tasks are performed on the server rather then the client. Usually the user can select different profiles, unless it is enforced by the User or Role definition. The User level profile overwrites the Role based profile. | ConnectionProfile character(1) List |
| Auto expand menu | Auto expand menu | If ticked, the menu is automatically expanded | null | IsMenuAutoExpand character(1) NOT NULL Yes-No |
| Allow Info Account | Allow Info Account | null | null | Allow_Info_Account character(1) NOT NULL Yes-No |
| Allow Info Asset | Allow Info Asset | null | null | Allow_Info_Asset character(1) NOT NULL Yes-No |
| Allow Info BPartner | Allow Info BPartner | null | null | Allow_Info_BPartner character(1) NOT NULL Yes-No |
| Allow Info CashJournal | Allow Info CashJournal | null | null | Allow_Info_CashJournal character(1) NOT NULL Yes-No |
| Allow Info InOut | Allow Info InOut | null | null | Allow_Info_InOut character(1) NOT NULL Yes-No |
| Allow Info Invoice | Allow Info Invoice | null | null | Allow_Info_Invoice character(1) NOT NULL Yes-No |
| Allow Info Order | Allow Info Order | null | null | Allow_Info_Order character(1) NOT NULL Yes-No |
| Allow Info Payment | Allow Info Payment | null | null | Allow_Info_Payment character(1) NOT NULL Yes-No |
| Allow Info Product | Allow Info Product | null | null | Allow_Info_Product character(1) NOT NULL Yes-No |
| Allow Info Resource | Allow Info Resource | null | null | Allow_Info_Resource character(1) NOT NULL Yes-No |
| Allow Info Schedule | Allow Info Schedule | null | null | Allow_Info_Schedule character(1) NOT NULL Yes-No |
| Allow Info CRP | Allow Info CRP | null | null | Allow_Info_CRP character(1) NOT NULL Yes-No |
| Allow Info MRP | Allow Info MRP | null | null | Allow_Info_MRP character(1) NOT NULL Yes-No |
TAB: Org Access
Beschrijving: Maintain Role Org Access
Help Add the client and organizations the user has access to. Entries here are ignored, if User Org Access is selected or the role has access to all roles.
Note that access information is cached and requires re-login or reset of cache.
Bestand:Rol - Org Access - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Client | Client | Client/Tenant for this installation. | A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organization | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Only | Read Only | Field is read only | The Read Only indicates that this field may only be Read. It may not be updated. | IsReadOnly character(1) NOT NULL Yes-No |
TAB: User Assignment
Beschrijving: Users with this Role
Help The User Assignment Tab displays Users who have been defined for this Role.
Bestand:Rol - User Assignment - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Client | Client | Client/Tenant for this installation. | A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organization | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Search |
| User/Contact | User/Contact | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | AD_User_ID numeric(10) NOT NULL Search |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
TAB: Window Access
Beschrijving: Window Access
Help The Window Access Tab defines the Windows and type of access that this Role is granted.
Bestand:Rol - Window Access - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Client | Client | Client/Tenant for this installation. | A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organization | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Window | Scherm | Data entry or display window | The Window field identifies a unique Window in the system. | AD_Window_ID numeric(10) NOT NULL Table Direct |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Save In Historic | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Process Access
Beschrijving: Process Access
Help The Process Access Tab defines the Processes and type of access that this Role is granted.
Bestand:Rol - Process Access - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Client | Client | Client/Tenant for this installation. | A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organization | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Process | Proces | Process or Report | The Process field identifies a unique Process or Report in the system. | AD_Process_ID numeric(10) NOT NULL Table Direct |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Save In Historic | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Form Access
Beschrijving: Form Access
Help The Form Access Tab defines the Forms and type of access that this Role is granted.
Bestand:Rol - Form Access - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Client | Client | Client/Tenant for this installation. | A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organization | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Special Form | Special Form | Special Form | The Special Form field identifies a unique Special Form in the system. | AD_Form_ID numeric(10) NOT NULL Table Direct |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Save In Historic | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Workflow Access
Beschrijving: Workflow Access
Help The Workflow Access Tab defines the Workflows and type of access that this Role is granted.
Bestand:Rol - Workflow Access - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Client | Client | Client/Tenant for this installation. | A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organization | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Workflow | Workflow | Workflow or combination of tasks | The Workflow field identifies a unique Workflow in the system. | AD_Workflow_ID numeric(10) NOT NULL Table Direct |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Save In Historic | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Task Access
Beschrijving: Task Access
Help The Task Access Tab defines the Task and type of access that this Role is granted.
Bestand:Rol - Task Access - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Client | Client | Client/Tenant for this installation. | A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organization | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| OS Task | OS Task | Operation System Task | The Task field identifies a Operation System Task in the system. | AD_Task_ID numeric(10) NOT NULL Table Direct |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Save In Historic | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Document Action Access
Beschrijving: Define access to document type / document action / role combinations.
Help Define access to document type / document action / role combinations.
Bestand:Rol - Document Action Access - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Client | Client | Client/Tenant for this installation. | A Client is a company or a legal entity. You cannot share data between Clients. Tenant is a synonym for Client. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organization | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Document Type | Document Type | Document type or rules | The Document Type determines document sequence and processing rules | C_DocType_ID numeric(10) NOT NULL Table Direct |
| Reference List | Reference List | Reference List based on Table | The Reference List field indicates a list of reference values from a database tables. Reference lists populate drop down list boxes in data entry screens | AD_Ref_List_ID numeric(10) NOT NULL Table Direct |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
TAB: Included roles
Beschrijving: null
Help null
Bestand:Rol - Included roles - Venster (iDempiere 1.0.0).png
| Naam | Naam | Beschrijving | Help | Specificaties |
|---|---|---|---|---|
| Sequence | Sequence | Method of ordering records; lowest number comes first | The Sequence indicates the order of records | SeqNo numeric(10) NOT NULL Integer |
| Active | Actief | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Role | Role | Responsibility Role | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Search |
| Included Role | Included Role | null | null | Included_Role_ID numeric(10) NOT NULL Table |
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}