Master Tables
Master Table Overview
The Master Table component of the User Management System (UMS) allows you to create and manage users, control access to views and applications from within the PointForce iTopia, create resources and group them into menus and configure who can use and administer the system.
The UMS is a security authorization service that determines whether or not a given resource can be accessed by a specific user. The UMS is comprised of a number of resources that enable users, roles and resources to be maintained. A tightly integrated relationship exists between each of these components.
- Resources are created and grouped into roles, which in turn must be assigned to users (or vice versa, i.e. users can be assigned to roles).
User Master Modules:
- All users at your site are set up in the User Master modules. Note: These are named users. Each user can only be logged into the iTopia environment once.
- User profiles include passwords and custom preferences, as well as email addresses, phone numbers and job-related particulars. The user profiles also enable system administrators to assign database access permissions, for example: full, read-only, or web services. These are dependent upon the number of application and user licenses purchased by your company.
- Users may be assigned global and/or individual roles.
Role Master Modules:
- The Role Master modules allow you to create roles to which resources are assigned.
- Roles are assigned to users:
- Roles are system-designed job functions into which individual and group resources are assembled . A role can be as generic as representing a group of users, such as ‘AP Clerk’ or ‘Order Entry Desk’, or it can be as specific as required to represent a single user, such as ‘Comptroller’ or ‘metadata administrator’. Roles allow a system administrator to limit an individual’s access to only those resources relevant to their function in an organization.
- Roles are assigned Access Control Lists (ACLs) that define their accessibility rights. Such accessibility includes CRUD (i.e., create, read update and delete) permissions, as well as the ability to execute a resource, activate or deactivate rows from within a resource, or personalize views, including search criteria and search results.
- Using the Permissions module within the Role Master, accessibility rights or operators are assigned to resources, and then resources are assigned to roles.
- When a user is created, a personal role is automatically created for that individual. The personal role cannot be removed from the user. Views that are personalized by an individual are assigned to that user’s personal role. The resulting views are only available to the user that created the view; other users will not have immediate access to the new views.
Resource Master Modules:
- Individual resources may represent meta database views, documents, images, or any other files or applications that are available from within the PointForce environment and that can be accessed with a URL address.
- Resource groups represent categories of predefined resources, which can then be presented as menus on the portal (PointForce iTopia). Access to a given resource via the portal is considered only once a user has been successfully authenticated.
|