角色 (窗口 ID-111)
窗口: 角色
描述: 维护用户的职责
幫助: The Role Window allows you to define the different roles that users of this system will have. Roles control access to windows, tasks, reports, etc. For a client an Administrator and User role are predefined. You may add additional roles to control access for specific functionality or data. You can add users to the role.
TAB: 角色
描述: 定义职责角色
幫助 Define the role and add the client and organizations the role has access to. You can give users access to this role and modify the access of this role to windows, forms, processes and reports as well as tasks.
If the Role User Level is Manual, the assigned acces rights are not automatically updated (e.g. if a role has a restricted number of Windows Processes it can access).
File:角色 - 角色 - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Client | 客户 | 安装此软件的客户 | 客户是一个公司或者合法的实体。你不能在客户之间共享数据。 | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | 机构 | 客户内的机构实体。 | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Name | 名称 | Alphanumeric identifier of the entity | The name of an entity (record) is used as an default search option in addition to the search key. The name is up to 60 characters in length. | Name character varying(60) NOT NULL String |
| Description | 描述 | 该记录的可选描述 | 描述最多为 255 个字符。 | Description character varying(255) String |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| User Level | 用户级别 | 系统 客户 机构 | The User Level field determines if users of this Role will have access to System level data, Organization level data, Client level data or Client and Organization level data. | UserLevel character(3) NOT NULL List |
| Manual | 手工 | 这是手工的程序 | The Manual check box indicates if the process will done manually. | IsManual character(1) NOT NULL Yes-No |
| Master Role | Master Role | A master role cannot be assigned to users, it is intended to define access to menu option and documents and inherit to other roles | null | IsMasterRole character(1) NOT NULL Yes-No |
| Currency | 货币 | 币种为该笔记录 | Indicates the Currency to be used when processing or reporting on this record | C_Currency_ID numeric(10) Table Direct |
| Approval Amount | 批准金额 | The approval amount limit for this role | The Approval Amount field indicates the amount limit this Role has for approval of documents. | AmtApproval numeric Amount |
| Days Approval Accumulated | Days Approval Accumulated | The days approval indicates the days to take into account to verify the accumulated approval amount. | The Days Approval Accumulated field indicates the days to take into account to verify the accumulated approval amount. | DaysApprovalAccum numeric(10) Integer |
| Approval Amount Accumulated | Approval Amount Accumulated | The approval amount limit for this role accumulated on a period | The Approval Amount field indicates the amount limit this Role has for approval of documents within a period limit. | AmtApprovalAccum numeric Amount |
| Approve own Documents | Approve own Documents | Users with this role can approve their own documents | If a user cannot approve their own documents (orders, etc.), it needs to be approved by someone else. | IsCanApproveOwnDoc character(1) NOT NULL Yes-No |
| UserDiscount | UserDiscount | null | null | UserDiscount numeric(22,2) Number |
| Supervisor | 管理者 | Supervisor for this user - used for escalation | The Supervisor indicates who will be used for forwarding and escalating issues for this user. | Supervisor_ID numeric(10) Search |
| Menu Tree | 主树-菜单 | null | null | AD_Tree_Menu_ID numeric(10) Table |
| Overwrite Price Limit | Overwrite Price Limit | Overwrite Price Limit if the Price List enforces the Price Limit | The Price List allows to enforce the Price Limit. If set, a user with this role can overwrite the price limit (i.e. enter any price). | OverwritePriceLimit character(1) NOT NULL Yes-No |
| Preference Level | Preference Level | Determines what preferences the user can set | Preferences allow you to define default values. If set to None, you cannot set any preference nor value preference. Only if set to Client, you can see the Record Info Change Log. | PreferenceType character(1) NOT NULL List |
| Maintain Change Log | 维护变化日志 | 维护变化的一个日志 | If selected, a log of all changes is maintained. | IsChangeLog character(1) NOT NULL Yes-No |
| Show Accounting | 显示财务 | Users with this role can see accounting information | This allows to prevent access to any accounting information. | IsShowAcct character(1) NOT NULL Yes-No |
| Access all Orgs | Access all Orgs | Access all Organizations (no org access control) of the client | When selected, the role has access to all organizations of the client automatically. This also increases performance where you have many organizations. | IsAccessAllOrgs character(1) NOT NULL Yes-No |
| Organization Tree | 主树-机构 | null | null | AD_Tree_Org_ID numeric(10) Table |
| Use User Org Access | Use User Org Access | Use Org Access defined by user instead of Role Org Access | You can define the access to Organization either by Role or by User. You would select this, if you have many organizations. | IsUseUserOrgAccess character(1) NOT NULL Yes-No |
| Can Report | Can Report | Users with this role can create reports | You can restrict the ability to report on data. | IsCanReport character(1) NOT NULL Yes-No |
| Can Export | Can Export | Users with this role can export data | You can restrict the ability to export data from Adempiere. | IsCanExport character(1) NOT NULL Yes-No |
| Personal Lock | 个人数据加锁 | Allow users with role to lock access to personal records | If enabled, the user with the role can prevent access of others to personal records. If a record is locked, only the user or people who can read personal locked records can see the record. | IsPersonalLock character(1) NOT NULL Yes-No |
| Personal Access | 个人数据访问权 | Allow access to all personal records | Users of this role have access to all records locked as personal. | IsPersonalAccess character(1) NOT NULL Yes-No |
| Confirm Query Records | Confirm Query Records | Require Confirmation if more records will be returned by the query (If not defined 500) | Enter the number of records the query will return without confirmation to avoid unnecessary system load. If 0, the system default of 500 is used. | ConfirmQueryRecords numeric(10) NOT NULL Integer |
| Max Query Records | Max Query Records | If defined, you cannot query more records as defined - the query criteria needs to be changed to query less records | Enter the number of records a user will be able to query to avoid unnecessary system load. If 0, no restrictions are imposed. | MaxQueryRecords numeric(10) NOT NULL Integer |
| Connection Profile | Connection Profile | How a Java Client connects to the server(s) | Depending on the connection profile, different protocols are used and tasks are performed on the server rather then the client. Usually the user can select different profiles, unless it is enforced by the User or Role definition. The User level profile overwrites the Role based profile. | ConnectionProfile character(1) List |
| Auto expand menu | Auto expand menu | If ticked, the menu is automatically expanded | null | IsMenuAutoExpand character(1) NOT NULL Yes-No |
| Allow Info Account | Allow Info Account | null | null | Allow_Info_Account character(1) NOT NULL Yes-No |
| Allow Info Asset | Allow Info Asset | null | null | Allow_Info_Asset character(1) NOT NULL Yes-No |
| Allow Info BPartner | Allow Info BPartner | null | null | Allow_Info_BPartner character(1) NOT NULL Yes-No |
| Allow Info CashJournal | Allow Info CashJournal | null | null | Allow_Info_CashJournal character(1) NOT NULL Yes-No |
| Allow Info InOut | Allow Info InOut | null | null | Allow_Info_InOut character(1) NOT NULL Yes-No |
| Allow Info Invoice | Allow Info Invoice | null | null | Allow_Info_Invoice character(1) NOT NULL Yes-No |
| Allow Info Order | Allow Info Order | null | null | Allow_Info_Order character(1) NOT NULL Yes-No |
| Allow Info Payment | Allow Info Payment | null | null | Allow_Info_Payment character(1) NOT NULL Yes-No |
| Allow Info Product | Allow Info Product | null | null | Allow_Info_Product character(1) NOT NULL Yes-No |
| Allow Info Resource | Allow Info Resource | null | null | Allow_Info_Resource character(1) NOT NULL Yes-No |
| Allow Info Schedule | Allow Info Schedule | null | null | Allow_Info_Schedule character(1) NOT NULL Yes-No |
| Allow Info CRP | Allow Info CRP | null | null | Allow_Info_CRP character(1) NOT NULL Yes-No |
| Allow Info MRP | Allow Info MRP | null | null | Allow_Info_MRP character(1) NOT NULL Yes-No |
TAB: 机构访问权限
描述: 维护机构访问权限
幫助 Add the client organizations the user has access to.
File:角色 - 机构访问权限 - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Client | 客户 | 安装此软件的客户 | 客户是一个公司或者合法的实体。你不能在客户之间共享数据。 | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | 机构 | 客户内的机构实体。 | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | 角色 | 职责角色 | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Only | 只读 | 字段被只有读 | The Read Only indicates that this field may only be Read. It may not be updated. | IsReadOnly character(1) NOT NULL Yes-No |
TAB: 用户任务
描述: 有这个角色的用户
幫助 The User Assignment Tab displays Users who have been defined for this Role.
File:角色 - 用户任务 - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Client | 客户 | 安装此软件的客户 | 客户是一个公司或者合法的实体。你不能在客户之间共享数据。 | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | 机构 | 客户内的机构实体。 | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | 角色 | 职责角色 | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Search |
| User/Contact | 客户或联系人 | User within the system - Internal or Business Partner Contact | The User identifies a unique user in the system. This could be an internal user or a business partner contact | AD_User_ID numeric(10) NOT NULL Search |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
TAB: 窗口访问权限
描述: 窗口访问
幫助 The Window Access Tab defines the Windows and type of access that this Role is granted.
File:角色 - 窗口访问权限 - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Client | 客户 | 安装此软件的客户 | 客户是一个公司或者合法的实体。你不能在客户之间共享数据。 | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | 机构 | 客户内的机构实体。 | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | 角色 | 职责角色 | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Window | 窗口 | 数据输入或显示视窗 | The Window field identifies a unique Window in the system. | AD_Window_ID numeric(10) NOT NULL Table Direct |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | 读写 | Field is read write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: 程序访问权限
描述: 程序访问
幫助 The Process Access Tab defines the Processes and type of access that this Role is granted.
File:角色 - 程序访问权限 - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Client | 客户 | 安装此软件的客户 | 客户是一个公司或者合法的实体。你不能在客户之间共享数据。 | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | 机构 | 客户内的机构实体。 | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | 角色 | 职责角色 | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Process | 进程 | 程序或报表 | The Process field identifies a unique Process or Report in the system. | AD_Process_ID numeric(10) NOT NULL Table Direct |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | 读写 | Field is read write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: 表单访问权限
描述: 表单访问
幫助 The Form Access Tab defines the Forms and type of access that this Role is granted.
File:角色 - 表单访问权限 - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Client | 客户 | 安装此软件的客户 | 客户是一个公司或者合法的实体。你不能在客户之间共享数据。 | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | 机构 | 客户内的机构实体。 | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | 角色 | 职责角色 | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Special Form | 特别的窗体 | 特别的窗体 | The Special Form field identifies a unique Special Form in the system. | AD_Form_ID numeric(10) NOT NULL Table Direct |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | 读写 | Field is read write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: 工作流访问权限
描述: 工作流访问
幫助 The Workflow Access Tab defines the Workflows and type of access that this Role is granted.
File:角色 - 工作流访问权限 - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Client | 客户 | 安装此软件的客户 | 客户是一个公司或者合法的实体。你不能在客户之间共享数据。 | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | 机构 | 客户内的机构实体。 | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | 角色 | 职责角色 | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Workflow | 工作流 | Workflow or combination of tasks | The Workflow field identifies a unique Workflow in the system. | AD_Workflow_ID numeric(10) NOT NULL Table Direct |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | 读写 | Field is read write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: 任务访问权限
描述: 工作访问权限
幫助 The Task Access Tab defines the Task and type of access that this Role is granted.
File:角色 - 任务访问权限 - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Client | 客户 | 安装此软件的客户 | 客户是一个公司或者合法的实体。你不能在客户之间共享数据。 | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | 机构 | 客户内的机构实体。 | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | 角色 | 职责角色 | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| OS Task | 任务 | 操作系统任务 | The Task field identifies a Operation System Task in the system. | AD_Task_ID numeric(10) NOT NULL Table Direct |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Read Write | 读写 | Field is read write | The Read Write indicates that this field may be read and updated. | IsReadWrite character(1) NOT NULL Yes-No |
TAB: Document Action Access
描述: Define access to document type / document action / role combinations.
幫助 Define access to document type / document action / role combinations.
File:角色 - Document Action Access - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Client | 客户 | 安装此软件的客户 | 客户是一个公司或者合法的实体。你不能在客户之间共享数据。 | AD_Client_ID numeric(10) NOT NULL Table Direct |
| Organization | 机构 | 客户内的机构实体。 | An organization is a unit of your client or legal entity - examples are store, department. You can share data between organizations. | AD_Org_ID numeric(10) NOT NULL Table Direct |
| Role | 角色 | 职责角色 | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Table Direct |
| Document Type | 文件类型 | 文件类型或规则 | The Document Type determines document sequence and processing rules | C_DocType_ID numeric(10) NOT NULL Table Direct |
| Reference List | 引用列表 | 基于表的引用列表 | The Reference List field indicates a list of reference values from a database tables. Reference lists populate drop down list boxes in data entry screens | AD_Ref_List_ID numeric(10) NOT NULL Table Direct |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
TAB: Included roles
描述: null
幫助 null
File:角色 - Included roles - 窗口 (iDempiere 1.0.0).png
| 名稱 | 名稱 | 描述 | 幫助 | 產品規格 |
|---|---|---|---|---|
| Sequence | 序列 | Method of ordering records; lowest number comes first | The Sequence indicates the order of records | SeqNo numeric(10) NOT NULL Integer |
| Active | 有效 | 本记录有效 | There are two methods of making records unavailable in the system: One is to delete the record, the other is to de-activate the record. A de-activated record is not available for selection, but available for reports.
There are two reasons for de-activating and not deleting records: (1) The system requires the record for audit purposes. (2) The record is referenced by other records. E.g., you cannot delete a Business Partner, if there are invoices for this partner record existing. You de-activate the Business Partner and prevent that this record is used for future entries. |
IsActive character(1) NOT NULL Yes-No |
| Role | 角色 | 职责角色 | The Role determines security and access a user who has this Role will have in the System. | AD_Role_ID numeric(10) NOT NULL Search |
| Included Role | Included Role | null | null | Included_Role_ID numeric(10) NOT NULL Table |
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}
.png){kind=link}