Versions Compared

Old Version 13

changes.mady.by.user Laura Packard

Saved on

compared with

New Version Current

changes.mady.by.user Melanie Whitelock

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Insert excerptIMOSIMOSnopaneltrue 🔑 This is a Key Topic, with high value for all users.

...

Groups and Users

IMOS recognizes two types of users for assigning access rights:

...

Anchor
Module Rights
Module Rights

Module Rights

Module Rights can be assigned at three different levels:

...

Anchor
Object Rights
Object Rights

Object Rights

Object Rights can be assigned at two different levels:

...

  • By object: An individual company, vessel type, vessel, or pool.
    For example, you can assign a group or a user different rights to different vessel types.

Anchor
Rights
Rights
Levels and Priorities of Rights

In the User Properties and Group Properties windows, each module or object name is preceded by a gray arrow ( ) or a black arrow ( ) and a check box ( ). Do any of the following:

  • To assign a right, click a check box. To change to a different right, click again. Each time you click, the right changes.

    Image Removed


    Image Added

    : No rights have been assigned here. But keep in mind that these rights for groups or users might have been assigned in any groups in which they are members.

    Image Removed


    Image Added

    : Some rights have been assigned at a lower level. To see them, click

    Image RemovedImage Added

    to expand the item.

    : Read, Write, and Delete

    Image Removed


    Image Added

    : Read and Write

    Image Removed


    Image Added

    : Read Only

    Image Removed


    Image Added

    : All Rights Denied

  • To expand a level, click

    Image RemovedImage Added

    .

  • To collapse a level, click

    Image RemovedImage Added

    .

  • To see the legend that explains the rights, click Legend on either tab.

    Image RemovedImage Added

Priorities for Users with Conflicting Rights

Rights have priorities to determine which right applies if a user either has individual rights that conflict with group rights or is a member of more than one group, and the groups have different rights. The order is:

...

However, please note that, unless explicitly denied, Read Only users should still have the ability to create/edit/delete analytical views of data as the Report Designer reports are not considered to be “data” but means to view the data.

Anchor
config
config

Reporting on User Rights

You can create a Module Access Report in the Report Designer, which shows a summary of Module Rights by user; a similar report can be created for object rights. Download the example report definition from Example Reports - Report Designer.


Expand
titleRelated Configuration Flags


Name

Description

Enable Company Security

Set company-based permissions for each user or group on the Object Rights tab in Security, under Company. Permissions apply where needed to prevent users from editing or seeing various items associated with any restricted companies.

Use Contract Company

If enabled, displays Company as a required field on the Voyage Fixture, Time Charter, and Voyage. If LOB is enabled, this field will also be required. Note that this flag enables strict company matching (that is, sale and purchase companies must match) for the TDE.

This flag is almost always enabled when company-based security (CFGEnableCompanySecurity) is in use, as it requires the Company Code to be specified in records before the user can save. A warning message will appear if an invoice is issued in which they do not match.

Require Company Match for Invoice

When enabled and CFGUseContractCompany is also enabled, the contract company must match the fixture company to approve or post invoices.

Invoice Approvals by Type

Specifies whether the control of invoice approval by type is enabled or not; adds an Invoice Approval Types control list to the Object Rights tab in Security, to grant users rights to approve specific types of invoices. On the Approve Invoices List and Transaction Summary, if a user does not have approval rights for an invoice type, the Review link will not be available for those invoices.

Invoice Postings by Type

Specifies whether the control of invoice posting by type is enabled or not; adds an Invoice Posting Types control list to the Object Rights tab in Security, to grant users rights to post specific types of invoices. On the Post Invoices List and Transaction Summary, if a user does not have posting rights for an invoice type, the Post link will not be available for those invoices.

Invoice Actualization by Type

Specifies whether the control of invoice actualization by type is enabled or not; adds an Invoice Actualization Types control list to the Object Rights tab in Security, to grant users rights to set specific types of invoices to Actual.

Invoice Reversals by Type

Specifies whether the control of invoice reversal by type is enabled or not. When enabled, on the Object Rights tab in Security, an Invoice Reversal Types control list is added to grant users rights to reverse specific types of invoices.

Journal Approval Needed

Enable specifying the number of approvals required for journal invoices . After an invoice has been approved, if it should be approved at least once more, its status is Partially Approved, and the last Approval User is in the Approval User column. An additional column, Approval User 2, is available in the Financials lists.

Approvals Mask

Bitflag: If accounting approvals are enabled, determines which are active. Possible values:

  • 0 = None

  • 1 = Payables only

  • 2 = Receivables only

  • 4 = Journals

  • 64 = By company; adds an Approval Company node in Object Rights for each user.

The default value is 7=1+2+4.


...