This topic describes the security model implemented with the Motor Loaner Vehicle Tracker sample application. See Administering Security for Entities for information on the Aptify security functionality described in this topic.
The sample application's security model consists of three groups:
- Users: This group corresponds to Motor Loaner's Rental Clerks and Service Technicians.
- Managers: This group corresponds to Motor Loaner's Management team, who need elevated permissions beyond what is granted to the Users group.
- Administrators: This group corresponds to Motor Loaner's IT department and database administrator. This group has all of the permissions of the Managers group plus additional administrator level permissions (such as to the Object Viewer).
Aptify has included a set of sample users to illustrate how the application appears to members of these groups:
- Clerk: To experience the application from the perspective of a Motor Loaner rental clerk, you can log in as the Clerk user (password: ~Pa$$word). This user is a member of the Users group only.
- Manager: To experience the application from the perspective of a Motor Loaner-manager, you can log in as the Manager user (password: ~Pa$$word). This user is a member of the Managers and Users groups.
- sa: to experience the application from the perspective of the Motor Loaner system administrator, you can log in as sa. The sa user is a member of the Users and Administrators groups.
The following sub-topics contain information about how the sample application has applied security settings for these three groups:
- About the Sample Application Security
- Sample Application Entity Security Settings
- Sample Application Field Level Security
About the Sample Application Security
In addition to the security settings described in the Sample Application Entity Security Settings and Sample Application Field Level Security, the sample application includes three Aptify Applications that group together the 12 top-level entities into functional areas:
- Motor Loaner Administration: This application is intended for Administrators and Managers who need to administer the Motor Loaner system. This application includes services such as Vehicle Types and Rental Options, which can only be created or modified by a manager or administrator.
- This application has Group Permissions sub-type records for the Administrators and Managers groups.
- This application uses the Manager's Dashboard (see Manager's Dashboard for details).
- Motor Loaner Customer Service: This application provides access to all of the services commonly used by a rental clerk, including Customers and Rental Agreements.
- This application has Group Permissions sub-type records for the Users, Administrators, and Managers groups.
- This application uses the Rental Clerk Dashboard (see Rental Clerk Dashboard for details).
- Motor Loaner Maintenance: This application provides access to all of the services commonly used by a service technician, including Maintenance Schedules and Service Tickets.
- This application has Group Permissions sub-type records for the Users, Administrators, and Managers groups.
- This application uses a default dashboard generated by Aptify that displays the list of services included in the application.
Sample Application Entity Security Settings
The following table identifies the permissions assigned to each group for each sample application entity. If an X appears in the cell for a group in a particular row, then that group has permissions to perform a particular function within the entity. (Note that U is for Users, M is for Managers, and A is for Administrators within the table.)
|
Read |
Create |
Edit |
Delete |
Merge |
In Place Editing |
Object Viewer |
||||||||||||||
|
U |
M |
A |
U |
M |
A |
U |
M |
A |
U |
M |
A |
U |
M |
A |
U |
M |
A |
U |
M |
A |
Associates |
X |
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
|
X |
CustomerAddress |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
|
X |
X |
X |
X |
X |
|
|
X |
CustomerPhone |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
|
X |
X |
X |
X |
X |
|
|
X |
Customers |
X |
X |
X |
X |
X |
X |
X |
X |
X |
|
X |
X |
|
X |
X |
X |
X |
X |
|
|
X |
Maintenance Schedules |
X |
X |
X |
X |
X |
X |
X |
X |
X |
|
X |
X |
|
X |
X |
X |
X |
X |
|
|
X |
Manufacturers |
X |
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
|
X |
Rental Agreements |
X |
X |
X |
X |
X |
X |
X |
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
|
X |
Rental Options |
X |
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
|
X |
RentalAgreement Options |
X |
X |
X |
X |
X |
X |
X |
X |
X |
|
X |
X |
|
X |
X |
X |
X |
X |
|
|
X |
Service Tickets |
X |
X |
X |
X |
X |
X |
X |
X |
X |
|
X |
X |
|
X |
X |
X |
X |
X |
|
|
X |
Vehicle Color |
X |
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
|
X |
Vehicle Models |
X |
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
|
X |
Vehicle Statuses |
X |
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
|
X |
Vehicle Types |
X |
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
|
X |
Vehicles |
X |
X |
X |
|
X |
X |
X |
X |
X |
|
X |
X |
|
X |
X |
|
X |
X |
|
|
X |
Sample Application Field Level Security
In addition to the Entity Security model shown in the table in the Sample Application Entity Security Settings topic, the sample application also implements Field Level Security for the Service Tickets entity. The Users group has Read only access to the ReleasetoFleet field and the Managers and Administrators groups have Read and Edit permissions.
This field corresponds to the Release to Fleet check box on the Service Tickets record, and once a Completed service ticket has this check box selected, a vehicle is automatically returned to the rental pool (using the Vehicle Status Updater process flow).
This field level security ensures that only a manager or an administrator can move a vehicle out of servicing and back to the Available status.
See Managing Field Level Security Settings for information configuring Field Level Security.
See BPR23: Service Ticket Approval for the Motor Loaner Requirement that corresponds to this feature in the sample application.
Finally, see Vehicle Status Updater Process Flow for information on this process flow.
Comments
Please sign in to leave a comment.