Aptify includes a set of default standard user groups, which are provided as examples only. Categorizing users into groups having similar business functions can simplify the management and control of permissions. Aptify highly recommends using Groups to manage user permissions. Since every client implementation adopts a different security model specific to the user and group structure of each organization, it is important to apply this security model to the standard Aptify system.
Rather than making assumptions regarding the appropriate security configuration in the installation process, Aptify believes that security should be examined during the implementation process, and entity security settings should be modified as necessary. Note that modifying the security attributes for existing entities does not violate any software warranty. Contact an Aptify consultant for more information about how to design and implement a security model for your organization.
When adding a new user to the system, you can assign the user to one or more groups. As a member of a group, the user can access those services and business functions to which the group has been granted permission. If the needs of a new user differ from the standard profile for his/her groups, you can expand the permission set for that user as necessary using User level security.
Aptify's security model is least restrictive and grants permissions to users and groups rather than explicitly denying privileges. This means that a user who is a member of two groups will have a permission set that aggregates the privileges inherited from both groups; this grants the user the highest permission level given his/her group memberships. For example, if the Users group has read, edit, and merging permissions, and the Accounting group has read, edit, and create permissions, a user who is a member of both groups will have read, edit, create, and merging permissions.
This topic covers the following sub-topics related to Group management in Aptify:
Creating User Groups
Administrators can create a new group when a number of users require similar permissions.
- Expand the Users Administration application heading in the Navigation Bar.
- Right-click the Groups service and select New Groups Record from the pop-up menu.
- Enter a Name and Description for the Group in the fields provided.
- Group names cannot be changed once the record has been saved (as illustrated below).
- Group names cannot be changed once the record has been saved (as illustrated below).
- Save the Groups record.
- After a Groups record has been saved, the group name cannot be changed.
Assigning Users to Groups
Users can be assigned to one or more groups as necessary, based on the role the user holds and the permissions the user requires. Users are usually assigned to groups during the process of creating the user login (see Creating User Accounts). However, you can also use the following procedure to add one or more users to a group:
- Open the Groups record.
- Click the Group Members tab.
- Open a new Group Members sub-type record.
- Specify the user that you want to add to the group in the User ID field.
- Click OK to save and close the Group Members record.
- The user now appears under the Group's Group Members tab.
- Repeat steps 3 through 5 to add additional users to the group as necessary.
- Alternatively, you can click OK and New in Step 5 to save the current record and open a new Group Members record in one step.
- Save the Groups record.
Comments
Please sign in to leave a comment.