iQ-BASIS provides an extensive permissions concept called form permissions. It defines whether the currently logged-in user can edit, view, or not access at all the data within the context of a specific form, based on membership in one or more permission groups. However, form permissions alone do not cover the requirement that a user may edit or view specific objects but not others.

The iT-OBJEKTE module extends the permissions concept to the data level, so that even complex permission requirements can be solved in conjunction with the form permissions.


Object permissions center on the object. An object is a record from an iQ-BASIS data table that has been activated for the object permissions system. The system is defined by a so-called object model, which groups the data in this table according to a specific criterion. The criterion is expressed by an object number. In many situations the object number is equal to the plant ID, specifying that the object belongs to a specific plant.

The object permission refers to the object number. To establish a relation to the active user, the system is configured with person groups that have specific permissions for each object number. When an object is accessed for editing or viewing, the system checks whether the user belongs to a person group configured for the object number stored in the object. This determines whether the record is editable for the user, or perhaps not displayed at all. Because any number of person groups can be specified for each object number, each with different permissions, any kind of permissions concept should be implementable.

In practice, this means that a concrete object number needs to be assigned and stored in each record of a table with activated object permissions at the end of the creation of the record. If the object is not assigned to any object number, it is accessible to everybody (i.e. public)! If a user has access to multiple object numbers, the system prompts the user to select one of them manually when storing a new record, ensuring correct data handling in this situation, too.
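The check described above, sketched as an added example; it is not iQ-BASIS or iT-OBJEKTE code. All names and data are constructed, and it assumes that the most permissive group wins, that "public" means unrestricted, and that only edit access lets a user assign an object number.

```python
from enum import IntEnum

class Access(IntEnum):
    NONE = 0  # record is not displayed at all
    VIEW = 1
    EDIT = 2

# Constructed configuration: object number -> {person group: access}.
OBJECT_PERMISSIONS = {
    "PLANT-01": {"operators-01": Access.EDIT, "auditors": Access.VIEW},
    "PLANT-02": {"operators-02": Access.EDIT, "auditors": Access.VIEW},
}
# Constructed membership: user -> person groups.
USER_GROUPS = {
    "alice": {"operators-01", "auditors"},
    "bob": {"operators-02"},
    "carol": {"operators-01", "operators-02"},
}
# Constructed records from a table with activated object permissions.
RECORDS = [
    {"id": 1, "object_number": "PLANT-01"},
    {"id": 2, "object_number": "PLANT-02"},
    {"id": 3, "object_number": None},  # object number never assigned
]

def object_access(user, record):
    """Access the object permissions grant `user` on `record`."""
    number = record.get("object_number")
    if not number:
        # Unassigned objects are public (assumption: unrestricted).
        return Access.EDIT
    groups = USER_GROUPS.get(user, set())
    perms = OBJECT_PERMISSIONS.get(number, {})
    granted = [level for group, level in perms.items() if group in groups]
    # Assumption: with several matching groups the most permissive wins.
    return max(granted, default=Access.NONE)

def assignable_object_numbers(user):
    """Object numbers offered to `user` when storing a new record."""
    groups = USER_GROUPS.get(user, set())
    return sorted(
        number for number, perms in OBJECT_PERMISSIONS.items()
        if any(g in groups and lvl == Access.EDIT for g, lvl in perms.items())
    )

def unassigned_records(records):
    """Audit: ids of records that are public because no number is stored."""
    return [r["id"] for r in records if not r.get("object_number")]
```

Running an audit like `unassigned_records` over each activated table finds records that are public only because the object number was never stored.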

