Difference between revisions of "Company and User Security Matrix"

Latest revision as of 10:40, 13 February 2023

	This article will explain how you can implement this feature for use on your SmartSimple system.

Overview

Enabling the Company and User Matrix

Note: You will need Global User Administrator Privileges to enable and configure this feature

In the Configuration menu, Click on Global Settings
Under the Security Tab, add a check mark to the box Enable Company and User Security Matrix
Click Save.

Configuring the User Security Matrix

In the Configuration menu, click on Global Settings
Under the Security Tab, click on the User Security Matrix
Under the Login User Role select the user role you will be permissioning
First set Hierarchy Permissions if applicable - This sets what general permissions a specific user role has to view and modify based on the following options
- Users Under All Organizations - access to all users under all organizations
- Users Under their Own Organization - access to those users found under the current users organization
- Users Under Sub Organizations - access to those users found under the current users organization or its sub-organizations
- Own Profile - access to users own profile

Set Roles Permissions if applicable - This sets the granular role-by-role permissions to perform views, edits, deletes, and lookups.

Configuring the Company Security Matrix

In the Configuration menu, click on Global Settings
Under the Security Tab, click on the Company Security Matrix. This defines how users can interact with company data
Under the Login User Role is displayed a list of all defined user roles. Select the user role you will be permissioning
Set appropriate Hierarchy Permissions if applicable - This sets what general permissions a specific user role has to view and modify organization data that they belong to.
- Options include the ability to view, edit, add, delete, and lookup permissions for All Organizations, their Own Organizations, and their Sub Organizations.
- By adding a check mark to the specific check box in the matrix you will be enabling that permission for the specified user role.
Set Category Permissions if applicable - This sets granular category-by-category permissions to perform views, edits, deletes, and lookups.

Permission Types

The following 10 permission types are available:

Deny View - Users in this role are denied access to this item.
Deny Edit - Users in this role can access but cannot edit.
Deny Add - Users in this role can access but cannot create a new item.
Deny Delete - Users in this role can access but cannot delete an existing item.
Deny Lookup - Users in this role can access but cannot search an existing item.
View – View the item.
Add – Create a new item.
Edit – Edit an existing item.
Delete – Delete an existing item.
Lookup – Search an existing item.

Company Security Matrix Example

1. Review the Hierarchy Permission and Category Permission shown below for the Employee Role:

A. From the Hierarchy Permissions - Employees can View, Edit, and Add data related to their Own Organization.

B. From the Category Permissions - Employees can View and Edit "Event Registrant Organization" and View "Fiscal Agents".

Notes

Only a Global User Administrator can define or modify roles.
When Company or User security matrix is enabled, then the system will ignore any other Company or User specific permissions when the current user is either a Local User Administrator or basic User.

Also See

Security Matrix
The Key Control Element – Roles
Using Roles
Roles & Permissions

	Click here to learn why this feature is a benefit to your organization.

@@ Line 1: / Line 1: @@
 {| class="wikitable"
 |-
-|[[Image:How.png|50px|link=]]
+||[[Image:How.png|link=|50px]]
-|This article will explain '''how''' you can implement this feature for use on your SmartSimple system.
+||This article will explain '''how''' you can implement this feature for use on your SmartSimple system.
 |}
 ==Overview==
 ==Enabling the Company and User Matrix==
 Note: You will need [[Global User Administrator]] Privileges to enable and configure this feature
 # In the '''Configuration''' menu, Click on '''Global Settings'''
 # Under the '''Security''' Tab, add a check mark to the box '''Enable Company and User Security Matrix'''
-# Click '''Save'''
+# Click '''Save. '''
+:: [[File:Org and user security matrix.png|800px|border]]
 ==Configuring the User Security Matrix==
 * In the '''Configuration''' menu, click on '''Global Settings'''
 * Under the '''Security''' Tab, click on the '''User Security Matrix'''
 * Under the '''[[The Key Control Element – Roles|Login User Role]]''' select the user role you will be permissioning
-* First set '''Hierarchy Permissions''' if applicable - This sets what general permissions a specific user role has to view and modify '''Users Under All Organizations''', '''Users Under their Own Organization''', '''Users Under Sub Organizations''' and '''Own Profile'''.
+* First set '''Hierarchy Permissions''' if applicable - This sets what general permissions a specific user role has to view and modify based on the following options
-* Set '''Roles Permissions''' if applicable - This sets the granular category-by-category permissions to perform views, edits, deletes, and lookups.
+*:* '''Users Under All Organizations''' - access to all users under all organizations
+*:* '''Users Under their Own Organization''' - access to those users found under the current users organization
+*:* '''Users Under Sub Organizations''' - access to those users found under the current users organization or its sub-organizations
+*:* '''Own Profile''' - access to users own profile
+* Set '''Roles Permissions''' if applicable - This sets the granular role-by-role permissions to perform views, edits, deletes, and lookups.
 ==Configuring the Company Security Matrix==
 * In the '''Configuration''' menu, click on '''Global Settings'''
-* Under the '''Security''' Tab, click on the '''Company Security Matrix'''This defines how users can interact with company data
+* Under the '''Security''' Tab, click on the '''Company Security Matrix. '''This defines how users can interact with company data
-* Under the '''Login User Role''' is displayed a list of all defined user roles.  Select the user role you will be permissioning
+* Under the '''Login User Role''' is displayed a list of all defined user roles. Select the user role you will be permissioning
 * Set appropriate '''Hierarchy Permissions''' if applicable - This sets what general permissions a specific user role has to view and modify organization data that they belong to.
-:* Options include the ability to view, edit, add, delete, and lookup permissions for '''All Organizations''', their '''Own Organizations''', and their '''Sub Organizations'''.
+** Options include the ability to view, edit, add, delete, and lookup permissions for '''All Organizations''', their '''Own Organizations''', and their '''Sub Organizations'''.
-:* By adding a check mark to the specific check box in the matrix you will be enabling that permission for the specified user role.
+** By adding a check mark to the specific check box in the matrix you will be enabling that permission for the specified user role.
 * Set '''Category Permissions''' if applicable - This sets granular category-by-category permissions to perform views, edits, deletes, and lookups.
+==Permission Types==
+The following 10 permission types are available:
-==Permission Types==
+* '''Deny View''' - Users in this role are denied access to this item.
-The following six permission types are available:
+* '''Deny Edit''' - Users in this role can access but cannot edit.
-* '''Deny''' - Users in this role are denied access to this item.
+* '''Deny Add''' - Users in this role can access but cannot create a new item.
+* '''Deny Delete''' - Users in this role can access but cannot delete an existing item.
+* '''Deny Lookup''' - Users in this role can access but cannot search an existing item.
 * '''View''' – View the item.
 * '''Add''' – Create a new item.
 * '''Edit''' – Edit an existing item.
 * '''Delete''' – Delete an existing item.
 * '''Lookup''' – Search an existing item.
 ==Company Security Matrix Example==
@@ Line 46: / Line 55: @@
 [[Image:Company_security_matrix_2015-12-16_1531.png|link=]]
-:A.  From the '''Hierarchy Permissions''' - Employees can View, Edit, and Add data related to their Own Organization.
-:B.  From the '''Category Permissions''' - Employees can View and Edit "Event Registrant Organization" and View "Fiscal Agents".
-==Notes==
-* Only a {{GUA}} or a {{LUA}} can define [[Role|roles]].
+A. From the '''Hierarchy Permissions''' - Employees can View, Edit, and Add data related to their Own Organization.
+B. From the '''Category Permissions''' - Employees can View and Edit "Event Registrant Organization" and View "Fiscal Agents".
+==Notes==
+* Only a {{GUA}} can define or modify [[Role|roles]].
+* When Company or User security matrix is enabled, then the system will ignore any other Company or User specific permissions when the current user is either a [[Local User Administrator]] or basic [[User]].
 ==Also See==
@@ Line 59: / Line 71: @@
 [[The Key Control Element – Roles]]<br />
 [[Using Roles]]<br />
-[[Roles & Permissions]]<br />
+[[Roles & Permissions|Roles & Permissions]]
@@ Line 65: / Line 77: @@
 {| class="wikitable"
 |-
-|[[Image:Why.jpeg|50px|link=?]]
+||[[Image:Why.jpeg|link=?|50px]]
-|Click [[Company and User Security Matrix - Why?|here]] to learn why this feature is a benefit to your organization.
+||Click [[Company and User Security Matrix - Why?|here]] to learn why this feature is a benefit to your organization.
 |}
 [[Category:How]][[Category:Security]]

Difference between revisions of "Company and User Security Matrix"

Latest revision as of 10:40, 13 February 2023

Contents

Overview

Enabling the Company and User Matrix

Configuring the User Security Matrix

Configuring the Company Security Matrix

Permission Types

Company Security Matrix Example

Notes

Also See

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools