MKS Help

User Access Rights

This Help File Page was last Modified on 06/11/2016

Hide Navigation Pane

User Access Rights

This Help File Page was last Modified on 06/11/2016

Previous topic Next topic No directory for this topic No expanding text in this topic  

User Access Rights

This Help File Page was last Modified on 06/11/2016

Previous topic Next topic Topic directory requires JavaScript JavaScript is required for expanding text JavaScript is required for the print function Mail us feedback on this topic!  

The User Access Rights Form allows the System Administrator to assign individual rights, on a User by User basis, to specifically selected Data Entry and Look Up Forms, each with its own Form Name. as well as defining (in some cases) Field by Field User Access Rights.

These Forms Based Access Rights (CRUDA) are Create, Read, Update, Delete, and Audit.

If entries are to be tracked by the Internal Auditing System's Audit Report, be sure to Check the Audit box.

A User attempting to exceed their User Access Rights on any Form will see a message similar to the one illustrated below explaining the reason for the denial.

 

HelpFilesUserRightsExceededMessage

Insufficient security rights to edit a record

 

Normally, Employees (Users) are assigned to an Employee Group - thus granting those Employees access to, and therefore specified Access Rights for, a Set of Forms the Access Rights to which have been granted to that Employee Group (see the Form Names, Employee Groups and Information Processing Forms chapters for more information about Forms).

The appropriate Form Names and associated Access Rights should be based on what needs to be accomplished by (the tasks typically assigned to) that Employee Group.

Sometimes an Employee needs additional (or fewer) Access Rights than those established in the Employee Group to which they've been assigned.

To accommodate this situation, the User Access Rights Form provides the means to individually grant Access Rights, further limit or remove Access Rights, to specifically selected Form Names, an/or Fields within those Forms.

In the example illustrated below, we have a set of Forms and Access Rights for an individual who needs to create Invoices for Sales, Post Receipts and Allocate those Receipts to specific Invoices.

The Accounting Information Form in the example shown below has a list of Field Names that may be selectively granted or denied by Checking or Un-Checking those individual Access Rights.

 

HelpFilesUserAccessRightsExample

User Access Rights Form - Accommodating various Invoice entry, Receipt Posting and Allocation responsibilities

 

To assign User Access Rights to specific Form Names,

a.Access the Backstage Menu System and Select the Security Menu which will display the General option, then Click User Access Rights.

b.Access the Quick Access Menu System and Select the Security Menu which will display the General option, then Click User Access Rights.

 

These User Access Rights entries are intended to supplement and/or reduce existing Access Rights to Form Names which have been granted to the Employee as a result of being a Member of an Employee Group.

If the Employee has been assigned to an Employee Group on the Security tab of the Employee Form, and if the Access Rights granted to that Employee Group are sufficient for that Employee, no additional entry needs to be made here, for that Employee.

The User Access Rights assigned here are intended to supplement and/or reduce existing Access Rights to Form Names which have previously been granted to an Employee as a result of being a Member of an Employee Group.

There are three sections on this User Access Rights Form:

1.Available Forms - Lists all Available Form Names, for Forms, Procedures and Reports within the MKMS and MKMSCS applications.

2.Assigned Forms - Lists all Form Names for Forms, Procedures and Reports that have User Access Rights specifically and individually Assigned to the selected Employee.

The Assigned Forms on the User Access Rights Form override any Access Rights assigned to this Employee as a result of being a Member of an Employee Group.

3.Field List - Many of the Form Names listed in the Assigned Forms section have individual Field Names to which Access Rights may be specifically Granted or Denied.

By default, when Field Names are listed, each will be Checked indicating that Access Rights are Granted.

By removing the Check, Access Rights to that Field Name are Denied.

 

Why Assign User Access Rights - Customize the Forms - and in some cases the Field Names - that an Employee is permitted to access, and specify the Access Rights to be granted when viewing those Forms:

CRUDA - Assigning Access Rights sets the User's ability to Create, Read, Update, Delete, and/or Audit (i.e., C.R.U.D.A.) information on any data entry Form that accesses and/or reports information in the database.

Form Names - A Form is any screen within the program that allows for data entry, look-up, retrieval or reporting.

 

HelpFilesUserAccessRights

User Access Rights Form - Available Forms, Assigned Forms and Field List sections

 

Understanding the User Access Rights Form:

Employee - Using the Drop-Down Selection List provided, Select the Employee for whom you will be adding (or deleting) Access Rights.

Available Forms Column - Set the User Access Rights, Choose the Form(s), and transfer them to the Assigned Forms list:

Check the box(es) that represent the Access Rights that are to be assigned to the selected Employee for the selected Forms.

Check the box(es) for the desired Forms.

Click the Right Arrow HelpFilesRightArrow-Soft(in the vertical column separating Available Forms from Assigned Forms columns) to move the Checked Forms to the Assigned Forms column.

To move the all of the Forms to the Assigned Forms column, Click the Double Right Arrows >> (something that will rarely be done here).

Assigned Forms Column - Review what was transferred and, if appropriate, Remove the Check Mark from those Access Rights as may be necessary to fine-tune the Access Rights assignments.

You may also individually Select any of the Assigned Forms:

Click the Left Arrow HelpFilesLeftArrow-Soft(in the vertical column separating Available Forms from Assigned Forms columns) to remove it - and its related Access Rights - from the Assigned Forms column.

Click the Double Left Arrows HelpFilesDoubleLeftArrow-Softto remove all the Assigned Forms - and their related Access Rights - from the Assigned Forms column.

 

Denying Access Rights - Identify any Forms to which the Employee's Access Rights should be restricted or denied compared to what was granted by being a Member of an Employee Group.

If the Employee has been assigned to an Employee Group on the Security tab of the Employee Form, and if the Access Rights granted to that Employee Group are greater than that Employee needs (they should be restricted from accessing one or more Forms):

Using the Drop-Down Selection List provided, Select the Employee for whom you want to Deny certain or all Access Rights to one or more Forms.

In the Available Forms column, Locate and Check the Form(s) to which Access is (or selected Access Rights are) to be Denied.

If Access is to be completely Denied:

Check the Access Right of A (Audit)  - because at least one Access Right must be Checked to move this Form to the Assigned Forms column - all other Access Rights should have the Check Marks removed.

Confirm that you have Chosen only those Form(s) for which Access is to be completely Denied.

Click the Right Arrow HelpFilesRightArrow-Softto move the selected Form(s) to the Assigned Forms column.

Un-Check the A (Auditable) box to remove that Access Right for each selected Form.

Click the HelpFilesNavigationMenuSaveIcon on the Navigation Menu to record the change.

This procedure will completely Deny Access by this Employee to the selected Form(s).

This is because the User Access Rights Form's assignments supercede the Employee Groups Form's assignments of Access Rights, so the selected Form(s) will now be inaccessible to that Employee.

If specific Access Rights assigned in the Employee Group are to be Denied: but other assigned Access Rights are to be permitted:

Check only the Access Rights that are to be permitted.

Confirm that you have Checked the correct Form(s) in the Assigned Forms column.

Click the Right Arrow HelpFilesRightArrow-Softto move the selected Form(s) to the Assigned Forms column.

Click the HelpFilesNavigationMenuSaveIcon on the Navigation Menu to record the change.

This is because the User Access Rights Form's assignments super cede the Employee Groups Form's assignments of Access Rights, so the selected Form(s) will only allow the Employee those Access Rights assigned here, rather than what was assigned in their Employee Group.

 

HelpFilesUserAccessRightsAuditOnly

 

Another example (shown in the illustration above):

The Employee originally did have the Access Rights to the Place Accounts on Test Form through their assignment to an Administrative Employee Group with that access, but it was decided they did not need it.

That Form was located in the Assigned Forms column and all Checked Access Rights were removed.

Then, Click the HelpFilesNavigationMenuSaveIcon on the Navigation Menu to record this change.

The Employee is now completely blocked from accessing that Place Accounts on Test Form.