Role (pencere ID-111)
pencere: Role
tanım: Maintain User Responsibilities
Yardım: The Role Window allows you to define the different roles that users of this system will have. Roles control access to windows, tasks, reports, etc. For a client an Administrator and User role are predefined. You may add additional roles to control access for specific functionality or data. You can add users to the role. Note that access information is cached and requires re-login or reset of cache.
TAB: Role
tanım: Define responsibility roles
Yardım Define the role and add the client and organizations the role has access to. You can give users access to this role and modify the access of this role to windows, forms, processes and reports as well as tasks.
If the Role User Level is Manual, the assigned acces rights are not automatically updated (e.g. if a role has a restricted number of Windows/Processes it can access). You need to add organizational access unless the role has access to all organizations. The SuperUser and the user creating a new role are assigned to the role automatically.
If you select an Organization Tree, the user has access to the leaves of summary organizations.
Note: You cannot change the System Administrator role.
Dosya:Role - Role - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Client | İstemci | Client/Tenant for this installation. | İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organizasyon | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Name | İsim | Alphanumeric identifier of the entity | The name of an entity (record) is used as an default search option in addition to the search key. The name is up to 60 characters in length. | Name character varying(60) NOT NULL String |
| Description | Description | Optional short description of the record | A description is limited to 255 characters. | Description character varying(255) String |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| User Level | User Level | System Client Organization | The User Level field determines if users of this Role will have access to System level data, Organization level data, Client level data or Client and Organization level data. | UserLevel character(3) NOT NULL List |
| Manual | Manual | This is a manual process | The Manual check box indicates if the process will done manually. | IsManual character(1) NOT NULL Yes-No |
| Master Role | Master Role | A master role cannot be assigned to users, it is intended to define access to menu option and documents and inherit to other roles | null | IsMasterRole character(1) NOT NULL Yes-No |
| Currency | Para birimi | The Currency for this record | Indicates the Currency to be used when processing or reporting on this record | C_Currency_ID numeric(10) Table Direct |
| Approval Amount | Approval Amount | The approval amount limit for this role | The Approval Amount field indicates the amount limit this Role has for approval of documents. | AmtApproval numeric Amount |
| Days Approval Accumulated | Days Approval Accumulated | The days approval indicates the days to take into account to verify the accumulated approval amount. | The Days Approval Accumulated field indicates the days to take into account to verify the accumulated approval amount. | DaysApprovalAccum numeric(10) Integer |
| Approval Amount Accumulated | Approval Amount Accumulated | The approval amount limit for this role accumulated on a period | The Approval Amount field indicates the amount limit this Role has for approval of documents within a period limit. | AmtApprovalAccum numeric Amount |
| Approve own Documents | Approve own Documents | Users with this role can approve their own documents | If a user cannot approve their own documents (orders, etc.), it needs to be approved by someone else. | IsCanApproveOwnDoc character(1) NOT NULL Yes-No |
| UserDiscount | UserDiscount | null | null | UserDiscount numeric(22,2) Number |
| Supervisor | Supervisor | Supervisor for this user/organization - used for escalation and approval | The Supervisor indicates who will be used for forwarding and escalating issues for this user - or for approvals. | Supervisor_ID numeric(10) Search |
| Menu Tree | Menu Tree | Tree of the menu | Menu access tree | AD_Tree_Menu_ID numeric(10) Table |
| Overwrite Price Limit | Overwrite Price Limit | Overwrite Price Limit if the Price List enforces the Price Limit | The Price List allows to enforce the Price Limit. If set, a user with this role can overwrite the price limit (i.e. enter any price). | OverwritePriceLimit character(1) NOT NULL Yes-No |
| Preference Level | Preference Level | Determines what preferences the user can set | Preferences allow you to define default values. If set to None, you cannot set any preference nor value preference. Only if set to Client, you can see the Record Info Change Log. | PreferenceType character(1) NOT NULL List |
| Maintain Change Log | Maintain Change Log | Maintain a log of changes | If selected, a log of all changes is maintained. | IsChangeLog character(1) NOT NULL Yes-No |
| Show Accounting | Show Accounting | Users with this role can see accounting information | This allows to prevent access to any accounting information. | IsShowAcct character(1) NOT NULL Yes-No |
| Access all Orgs | Access all Orgs | Access all Organizations (no org access control) of the client | When selected, the role has access to all organizations of the client automatically. This also increases performance where you have many organizations. | IsAccessAllOrgs character(1) NOT NULL Yes-No |
| Organization Tree | Organization Tree | Trees are used for (financial) reporting and security access (via role) | Trees are used for (finanial) reporting and security access (via role) | AD_Tree_Org_ID numeric(10) Table |
| Use User Org Access | Use User Org Access | Use Org Access defined by user instead of Role Org Access | You can define the access to Organization either by Role or by User. You would select this, if you have many organizations. | IsUseUserOrgAccess character(1) NOT NULL Yes-No |
| Can Report | Can Report | Users with this role can create reports | You can restrict the ability to report on data. | IsCanReport character(1) NOT NULL Yes-No |
| Can Export | Can Export | Users with this role can export data | You can restrict the ability to export data from Adempiere. | IsCanExport character(1) NOT NULL Yes-No |
| Personal Lock | Personal Lock | Allow users with role to lock access to personal records | If enabled, the user with the role can prevent access of others to personal records. If a record is locked, only the user or people who can read personal locked records can see the record. | IsPersonalLock character(1) NOT NULL Yes-No |
| Personal Access | Personal Access | Allow access to all personal records | Users of this role have access to all records locked as personal. | IsPersonalAccess character(1) NOT NULL Yes-No |
| Confirm Query Records | Confirm Query Records | Require Confirmation if more records will be returned by the query (If not defined 500) | Enter the number of records the query will return without confirmation to avoid unnecessary system load. If 0, the system default of 500 is used. | ConfirmQueryRecords numeric(10) NOT NULL Integer |
| Max Query Records | Max Query Records | If defined, you cannot query more records as defined - the query criteria needs to be changed to query less records | Enter the number of records a user will be able to query to avoid unnecessary system load. If 0, no restrictions are imposed. | MaxQueryRecords numeric(10) NOT NULL Integer |
| Connection Profile | Connection Profile | How a Java Client connects to the server(s) | Depending on the connection profile, different protocols are used and tasks are performed on the server rather then the client. Usually the user can select different profiles, unless it is enforced by the User or Role definition. The User level profile overwrites the Role based profile. | ConnectionProfile character(1) List |
| Auto expand menu | Auto expand menu | If ticked, the menu is automatically expanded | null | IsMenuAutoExpand character(1) NOT NULL Yes-No |
| Allow Info Account | Allow Info Account | null | null | Allow_Info_Account character(1) NOT NULL Yes-No |
| Allow Info Asset | Allow Info Asset | null | null | Allow_Info_Asset character(1) NOT NULL Yes-No |
| Allow Info BPartner | Allow Info BPartner | null | null | Allow_Info_BPartner character(1) NOT NULL Yes-No |
| Allow Info CashJournal | Allow Info CashJournal | null | null | Allow_Info_CashJournal character(1) NOT NULL Yes-No |
| Allow Info InOut | Allow Info InOut | null | null | Allow_Info_InOut character(1) NOT NULL Yes-No |
| Allow Info Invoice | Allow Info Invoice | null | null | Allow_Info_Invoice character(1) NOT NULL Yes-No |
| Allow Info Order | Allow Info Order | null | null | Allow_Info_Order character(1) NOT NULL Yes-No |
| Allow Info Payment | Allow Info Payment | null | null | Allow_Info_Payment character(1) NOT NULL Yes-No |
| Allow Info Product | Allow Info Product | null | null | Allow_Info_Product character(1) NOT NULL Yes-No |
| Allow Info Resource | Allow Info Resource | null | null | Allow_Info_Resource character(1) NOT NULL Yes-No |
| Allow Info Schedule | Allow Info Schedule | null | null | Allow_Info_Schedule character(1) NOT NULL Yes-No |
| Allow Info CRP | Allow Info CRP | null | null | Allow_Info_CRP character(1) NOT NULL Yes-No |
| Allow Info MRP | Allow Info MRP | null | null | Allow_Info_MRP character(1) NOT NULL Yes-No |
TAB: Org Access
tanım: Maintain Role Org Access
Yardım Add the client and organizations the user has access to. Entries here are ignored, if User Org Access is selected or the role has access to all roles.
Note that access information is cached and requires re-login or reset of cache.
Dosya:Role - Org Access - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Client | İstemci | Client/Tenant for this installation. | İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organizasyon | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Rol | Sorumlu Rolü | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Only | Salt Okunur | Field is read only | The Read Only indicates that this field may only be Read. It may not be updated. | IsReadOnly character(1) NOT NULL Yes-No |
TAB: User Assignment
tanım: Users with this Role
Yardım The User Assignment Tab displays Users who have been defined for this Role.
Dosya:Role - User Assignment - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Client | İstemci | Client/Tenant for this installation. | İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organizasyon | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Rol | Sorumlu Rolü | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Search |
| User/Contact | User/Contact | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | AD_User_ID numeric(10) NOT NULL Search |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
TAB: Window Access
tanım: Window Access
Yardım The Window Access Tab defines the Windows and type of access that this Role is granted.
Dosya:Role - Window Access - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Client | İstemci | Client/Tenant for this installation. | İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organizasyon | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Rol | Sorumlu Rolü | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Window | Pencere | Data entry or display window | The Window field identifies a unique Window in the system. | AD_Window_ID numeric(10) NOT NULL Table Direct |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Okuma Yazma | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Process Access
tanım: Process Access
Yardım The Process Access Tab defines the Processes and type of access that this Role is granted.
Dosya:Role - Process Access - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Client | İstemci | Client/Tenant for this installation. | İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organizasyon | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Rol | Sorumlu Rolü | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Process | İşlem | Process or Report | The Process field identifies a unique Process or Report in the system. | AD_Process_ID numeric(10) NOT NULL Table Direct |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Okuma Yazma | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Form Access
tanım: Form Access
Yardım The Form Access Tab defines the Forms and type of access that this Role is granted.
Dosya:Role - Form Access - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Client | İstemci | Client/Tenant for this installation. | İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organizasyon | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Rol | Sorumlu Rolü | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Special Form | Special Form | Special Form | The Special Form field identifies a unique Special Form in the system. | AD_Form_ID numeric(10) NOT NULL Table Direct |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Okuma Yazma | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Workflow Access
tanım: Workflow Access
Yardım The Workflow Access Tab defines the Workflows and type of access that this Role is granted.
Dosya:Role - Workflow Access - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Client | İstemci | Client/Tenant for this installation. | İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organizasyon | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Rol | Sorumlu Rolü | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Workflow | Workflow | Workflow or combination of tasks | The Workflow field identifies a unique Workflow in the system. | AD_Workflow_ID numeric(10) NOT NULL Table Direct |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Okuma Yazma | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Task Access
tanım: Task Access
Yardım The Task Access Tab defines the Task and type of access that this Role is granted.
Dosya:Role - Task Access - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Client | İstemci | Client/Tenant for this installation. | İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organizasyon | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Rol | Sorumlu Rolü | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| OS Task | İşletim Sistemi Görevi | İsletim Sistemi Görevi | The Task field identifies a Operation System Task in the system. | AD_Task_ID numeric(10) NOT NULL Table Direct |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | Okuma Yazma | Field is read / write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Document Action Access
tanım: Define access to document type / document action / role combinations.
Yardım Define access to document type / document action / role combinations.
Dosya:Role - Document Action Access - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Client | İstemci | Client/Tenant for this installation. | İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | Organizasyon | Organizational entity within client | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | Rol | Sorumlu Rolü | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Document Type | Belge Türü | Document type or rules | The Document Type determines document sequence and processing rules | C_DocType_ID numeric(10) NOT NULL Table Direct |
| Reference List | Referans Liste | Tablodan alınan referans listesi | The Reference List field indicates a list of reference values from a database tables. Reference lists populate drop down list boxes in data entry screens | AD_Ref_List_ID numeric(10) NOT NULL Table Direct |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
TAB: Included roles
tanım: null
Yardım null
Dosya:Role - Included roles - pencere (iDempiere 1.0.0).png
| isim | isim | tanım | Yardım | Özellikler |
|---|---|---|---|---|
| Sequence | Diziliş | Method of ordering records; lowest number comes first | The Sequence indicates the order of records | SeqNo numeric(10) NOT NULL Integer |
| Active | Active | The record is active in the system | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Role | Rol | Sorumlu Rolü | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Search |
| Included Role | Included Role | null | null | Included_Role_ID numeric(10) NOT NULL Table |
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}