Role Data Access (pencere ID-268)

iDempiere tr sitesinden
Şuraya atla:kullan, ara



pencere: Role Data Access

tanım: Maintain Data Access Rules

Yardım: Maintain Data Access Roles of Roles/Responsibilties. Note that access information is cached and requires re-login or reset of cache.



TAB: Role

tanım: Role with Data Access Restriction


Yardım Select Role for with Data Access Restrictions. Note that access information is cached and requires re-login or reset of cache.


Dosya:Role Data Access - Role - pencere (iDempiere 1.0.0).png




isim isim tanım Yardım Özellikler
Client İstemci Client/Tenant for this installation. İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. AD_Client_ID
numeric(10) NOT NULL
Table Direct
Organization Organizasyon Organizational entity within client An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. AD_Org_ID
numeric(10) NOT NULL
Table Direct
Name İsim Alphanumeric identifier of the entity The name of an entity (record) is used as an default search option in addition to the search key. The name is up to 60 characters in length. Name
character varying(60) NOT NULL
String
Description Description Optional short description of the record A description is limited to 255 characters. Description
character varying(255)
String
Preference Level Preference Level Determines what preferences the user can set Preferences allow you to define default values. If set to None, you cannot set any preference nor value preference. Only if set to Client, you can see the Record Info Change Log. PreferenceType
character(1) NOT NULL
List
Maintain Change Log Maintain Change Log Maintain a log of changes If selected, a log of all changes is maintained. IsChangeLog
character(1) NOT NULL
Yes-No
Show Accounting Show Accounting Users with this role can see accounting information This allows to prevent access to any accounting information. IsShowAcct
character(1) NOT NULL
Yes-No
Access all Orgs Access all Orgs Access all Organizations (no org access control) of the client When selected, the role has access to all organizations of the client automatically. This also increases performance where you have many organizations. IsAccessAllOrgs
character(1) NOT NULL
Yes-No
Can Report Can Report Users with this role can create reports You can restrict the ability to report on data. IsCanReport
character(1) NOT NULL
Yes-No
Can Export Can Export Users with this role can export data You can restrict the ability to export data from Adempiere. IsCanExport
character(1) NOT NULL
Yes-No
Personal Lock Personal Lock Allow users with role to lock access to personal records If enabled, the user with the role can prevent access of others to personal records. If a record is locked, only the user or people who can read personal locked records can see the record. IsPersonalLock
character(1) NOT NULL
Yes-No
Personal Access Personal Access Allow access to all personal records Users of this role have access to all records locked as personal. IsPersonalAccess
character(1) NOT NULL
Yes-No




TAB: Table Access

tanım: Maintain Table Access


Yardım If listed here, the Role can(not) access all data of this table, even if the role has access to the functionality.
If you Include Access to a table and select Read Only, you can only read data (otherwise full access).
If you Exclude Access to a table and select Read Only, you can only read data (otherwise no access).
Please note that table access rules here are in addition to the Data Access Levels defined for a Table and the User Level defined for a Role. These rules are evaulated first and you only need to define the exceptions to these rules here.

Note that access information is cached and requires re-login or reset of cache. Be aware that if you use Include rules, that you need to include also several supporting entiries. As an alternative, grant access only to functionality required. Dosya:Role Data Access - Table Access - pencere (iDempiere 1.0.0).png

isim isim tanım Yardım Özellikler
Client İstemci Client/Tenant for this installation. İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. AD_Client_ID
numeric(10) NOT NULL
Table Direct
Organization Organizasyon Organizational entity within client An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. AD_Org_ID
numeric(10) NOT NULL
Table Direct
Role Rol Sorumlu Rolü The Role determines security and access a user who has this Role will have in the System. AD_Role_ID
numeric(10) NOT NULL
Table Direct
Table Tablo Veritabani Tablosu Bilgisi Veritabani Tablosu, tablo tanımı için bilgi saglar AD_Table_ID
numeric(10) NOT NULL
Table Direct
Active Active The record is active in the system There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.

There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries.

IsActive
character(1) NOT NULL
Yes-No
Exclude Exclude Exclude access to the data - if not selected Include access to the data If selected (excluded), the role cannot access the data specified. If not selected (included), the role can ONLY access the data specified. Exclude items represent a negative list (i.e. you don't have access to the listed items). Include items represent a positive list (i.e. you only have access to the listed items).


You would usually not mix Exclude and Include. If you have one include rule in your list, you would only have access to that item anyway.

IsExclude
character(1) NOT NULL
Yes-No
Access Type Access Type The type of access for this rule If you restrict Access to the entity, you also cannot Report or Export it (i.e. to have access is a requirement that you can report or export the data). The Report and Export rules are further restrictions if you have access. AccessTypeRule
character(1) NOT NULL
List
Read Only Salt Okunur Field is read only The Read Only indicates that this field may only be Read. It may not be updated. IsReadOnly
character(1) NOT NULL
Yes-No
Can Report Can Report Users with this role can create reports You can restrict the ability to report on data. IsCanReport
character(1) NOT NULL
Yes-No
Can Export Can Export Users with this role can export data You can restrict the ability to export data from Adempiere. IsCanExport
character(1) NOT NULL
Yes-No




TAB: Column Access

tanım: Maintain Column Access


Yardım If listed here, the Role can(not) access the column of this table, even if the role has access to the functionality.
If you Include Access to a column and select Read Only, you can only read data (otherwise full access).
If you Exclude Access to a column and select Read Only, you can only read data (otherwise no access). Note that access information is cached and requires re-login or reset of cache.


Dosya:Role Data Access - Column Access - pencere (iDempiere 1.0.0).png




isim isim tanım Yardım Özellikler
Client İstemci Client/Tenant for this installation. İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. AD_Client_ID
numeric(10) NOT NULL
Table Direct
Organization Organizasyon Organizational entity within client An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. AD_Org_ID
numeric(10) NOT NULL
Table Direct
Role Rol Sorumlu Rolü The Role determines security and access a user who has this Role will have in the System. AD_Role_ID
numeric(10) NOT NULL
Table Direct
Table Tablo Veritabani Tablosu Bilgisi Veritabani Tablosu, tablo tanımı için bilgi saglar AD_Table_ID
numeric(10)
Table Direct
Column Kolon Tablodaki Kolonlar Veritabanında bulunan bir tablodaki kolona bagla AD_Column_ID
numeric(10) NOT NULL
Table Direct
Active Active The record is active in the system There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.

There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries.

IsActive
character(1) NOT NULL
Yes-No
Exclude Exclude Exclude access to the data - if not selected Include access to the data If selected (excluded), the role cannot access the data specified. If not selected (included), the role can ONLY access the data specified. Exclude items represent a negative list (i.e. you don't have access to the listed items). Include items represent a positive list (i.e. you only have access to the listed items).


You would usually not mix Exclude and Include. If you have one include rule in your list, you would only have access to that item anyway.

IsExclude
character(1) NOT NULL
Yes-No
Read Only Salt Okunur Field is read only The Read Only indicates that this field may only be Read. It may not be updated. IsReadOnly
character(1) NOT NULL
Yes-No




TAB: Record Access

tanım: Maintain Record Access


Yardım You create Record Access records by enabling "Personal Lock" for the administrative role and Ctl-Lock (holding the Ctrl key while clicking on the Lock button).

If listed here, the Role can(not) access the data records of this table, even if the role has access to the functionality.
If you Include Access to a record and select Read Only, you can only read data (otherwise full access).
If you Exclude Access to a recorf and select Read Only, you can only read data (otherwise no access). Note that access information is cached and requires re-login or reset of cache. Dosya:Role Data Access - Record Access - pencere (iDempiere 1.0.0).png

isim isim tanım Yardım Özellikler
Client İstemci Client/Tenant for this installation. İstemci bir firma veya legal bir kurulustur. Verileri İstemciler arasında paylasilmaz. Mutasarruf ise İstemci ile aynı anlama gelmektedir. AD_Client_ID
numeric(10) NOT NULL
Table Direct
Organization Organizasyon Organizational entity within client An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. AD_Org_ID
numeric(10) NOT NULL
Table Direct
Role Rol Sorumlu Rolü The Role determines security and access a user who has this Role will have in the System. AD_Role_ID
numeric(10) NOT NULL
Table Direct
Table Tablo Veritabani Tablosu Bilgisi Veritabani Tablosu, tablo tanımı için bilgi saglar AD_Table_ID
numeric(10) NOT NULL
Table Direct
Record ID Record ID Direct internal record ID The Record ID is the internal unique identifier of a record. Please note that zooming to the record may not be successful for Orders, Invoices and Shipment/Receipts as sometimes the Sales Order type is not known. Record_ID
numeric(10) NOT NULL
Button
Active Active The record is active in the system There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.

There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries.

IsActive
character(1) NOT NULL
Yes-No
Exclude Exclude Exclude access to the data - if not selected Include access to the data If selected (excluded), the role cannot access the data specified. If not selected (included), the role can ONLY access the data specified. Exclude items represent a negative list (i.e. you don't have access to the listed items). Include items represent a positive list (i.e. you only have access to the listed items).


You would usually not mix Exclude and Include. If you have one include rule in your list, you would only have access to that item anyway.

IsExclude
character(1) NOT NULL
Yes-No
Read Only Salt Okunur Field is read only The Read Only indicates that this field may only be Read. It may not be updated. IsReadOnly
character(1) NOT NULL
Yes-No
Dependent Entities Dependent Entities Also check access in dependent entities Also dependent entities are included. Please be aware, that enabling this rule has severe consequences and that this is only wanted in some circumstances.

Example Rule: "Include Payment Term Immediate with Dependent Entities"
Primary effect: users with this role can only select the payment term Immediate
Secondary effect (dependent entities): users with this role can see only invoices/orders with the payment term immediate.

IsDependentEntities
character(1) NOT NULL
Yes-No


Contributions / Posts

Çerezler hizmetlerimizi sunmamıza yardımcı olur. Hizmetlerimizi kullanarak çerezleri kullanmamızı kabul etmektesiniz.