Maintain System Users - SECF0021

Purpose

To control the primary level of data access of users of the system.

Subsystem

Security

Structure

Two Blocks

Person
Person Role Grant

 

Navigation Buttons invoke:

Organisational Unit Restrictions form

Correspondence Type Security form

Image

 

 

Person

Explanation

The Person block displays personal details that have already been recorded in the System, for a person. Additional information may be added in this block to record the person as a System user. The navigation buttons invoke restriction forms that allow the user's access to be restricted to data for particular organisational units or data for particular correspondence types.

 

To record a person as a System user using the Maintain System Users form:

  1. Execute a query to locate the record of the person to be recorded as a user.
  2. Enter the person's username in the Oracle Username field.
  3. Enter a password for the person.
  4. Save
  5. Select the Active Oracle User checkbox.

Rules:

  • If entering a password for a user, they should be advised to change their password (using the Change Password option under the Action menu in the menu bar) as soon as possible.
  • The password field may be used to create a temporary password for users who have lost their password.

 

Person Role Grant

Explanation

Having established a person as a System user, it is necessary to grant them access to the areas of the System that they are entitled to use. This is accomplished by assigning security roles to them. Security roles define the primary levels of access to the System and are created and maintained by the Database Administrator.

Access can be further controlled by the use of the Auto Enable checkbox. If the checkbox is deselected for a role grant, the user is only able to access data applicable to that role by using Callista forms, jobs and reports. If the checkbox is selected for the role grant, the user has the same data access via Callista but is also able to access that data using applications other than Callista (eg. third party reporting tools).

Example

 

 

To grant a security role to a System user using the Maintain System Users form:

  1. Ensure that the correct user record is displayed in the Person block.
  2. Select the appropriate security role from the list of values in the Security Role field. (The creation time and date will be entered automatically)
  3. Select or deselect the Auto Enable checkbox as appropriate.
  4. Enter any notes regarding this role grant in the Notes field.
  5. Save.

 

To remove a security role from a user using the Maintain System Users form:

  1. Ensure that the correct user record is displayed in the Person block.
  2. Select the security role to be deleted.
  3. Delete record.
  4. Save.

 

To inquire on the security roles granted to an individual user using the Maintain System Users form:

  1. Locate the required user record in the Person block. (Security roles granted to the user will be displayed in the Person Role Grant block)

Rules:

  • If the Include Deleted Grants checkbox is selected, all of the security roles which have ever been granted to the user will be displayed. The deletion time and date for deleted security roles will also be displayed.
  • If the Include Deleted Grants checkbox is not selected, only those security roles currently granted to the user will be displayed.
  • Selecting or deselecting the Include Deleted Grants checkbox does not have immediate effect. The records in the Person Role Grant block must be requeried for the change to be reflected in the displayed records.

 

Last modified on 11 March 2002