Welcome Guest, you are in: Login

ComCept Documentation

Image

Navigation



Search the wiki »

Page History: Security Changes 2018 - Phase II

Compare Page Revisions



« Older Revision - Back to Page History - Newer Revision »


Page Revision: 09/19/2018 10:03 PM



The Short Version

ComCept .Net is continuing efforts to migrate away from Security Levels to a total role-based security system where you have more granular control over user access.



In Phase I of the project, we moved all point-of-sale (POS) based functions to role-based security. POS functions were contained in Security Levels 1-3.



In Phase II of the project, we have moved all non-POS based functions in Security Levels 1-3, along with all functions in Security Levels 4-6 to role-based security.



ComCept .Net checks permissions in more places now, so we temporarily gave your users these permissions.  Doing so keeps everyone from losing functionality until you manually take them away.  We did this by adding new groups with the new permissions to your data, and then we assigned the new groups to your users.



Security Administrators should add these new permissions to your security groups, or rename the temporary groups.



Moving forward, as new permissions are added to ComCept .Net, those permissions will be placed in the appropriate starter groups as required.

 



Details

ComCept has been making changes to security that allow you to control better which users can perform functions within ComCept .Net.  We also diminished the use of “Security Levels” throughout ComCept .Net functions, which will require security administrators to act in the next few weeks.



Briefly, we have been:



• creating new permission checks

• removing unneeded permissions

• consolidating redundant permissions

• removing dependencies on “Security Levels”

• making security easier to manage



 

Security Levels vs. Roles

There were ways to grant users access to functions in ComCept.  You could either set the user’s Security Level, or you can grant Permissions through one of your many Security Groups.



Security Levels

Security Levels were assigned to users to indicate how much of the application they can access.  Higher Security Levels allowed access to more functions.



Groups and Permissions

ComCept needed a more granular way to assign permissions than with Security Levels, so we implemented role-based security using permissions and groups.  You can define roles within your organization and assign those roles to your users.



No More Security Levels in ComCept .Net

All the ComCept functions are now entirely dependent on Permissions, not Security Levels.  This change means giving a user Security Level 1 will no longer provide them with access to Invoicing, for example.  As you create new users in your data, you must assign them to groups that grant the permissions they need, as Security Levels will no longer work.

Note: During the transition period, you will still see the Security Level in the employee record. However, it forms no function anymore.

Action Required

ComCept has added new security groups to your data, filled with permissions that will keep your users from losing any functionality.  You should add these permissions to your groups, or rename the temporary groups.

New Groups

We have temporarily added some new security groups to your data, and updated existing temporary groups with non-POS permissions.

ComCept .Net will now check to see if a user has permission to perform these actions before allowing them to continue.  To keep everyone from losing functionality after the code release, we automatically added the new permissions to new Security Groups and assigned those groups to your current users who were already allowed to perform these functions.

Temporary Group Permissions Added

ComCept Level 1 Consignment_New, Lookup_ItemAvailability, Shipment_New

ComCept Level 3 InvDocumentBatch_View

Notes_ManufacturerView, Notes_VendorView, Notes_ViewCustomer, Notes_ViewInventory

PurchaseOrder_Close, PurchaseOrder_Electronic, PurchaseOrder_Generate, PurchaseOrder_New PurchaseOrder_Print, PurchaseOrder_PrintNew, PurchaseOrder_Release, PurchaseOrder_Save

Quote_New

Receipt_New

ReceiptWorksheet_View

TransJournal_View

ComCept Level 4 Bin_View

InventoryLocal_Edit

InventoryMaster_Edit

Manufacturer_New

PriceProfile_View

PurchaseOrder_AdjustTransfers

System_ChangeLocation

Technician_Assign, Technician_View

Vendor_New

ComCept Level 5 AR_PaymentsSearch, AR_ServiceCharges

Attribute_AssignCustomer, Attribute_AssignInventory

Customer_New, Customer_QuickAdd

POS_Invoice_WriteOff

RecurringBilling_View

TransJournal_ViewAllLocations

Note:



Security Level 2: There were no non-POS related permissions to assign to this group.

Security Level 6: Additional privileges within Level 6 were already transitioned to security permissions as ComCept .Net moved those functions from the smart client to the thin client. Therefore, a temporary group for Level 6 was not needed.

Permission Changes and Consolidation



The following permissions were renamed or replaced:

Permission Replaces

Lookup_ItemAvailability Inventory_View

InventoryMaster_Edit InventoryMaster_New

InventoryLocal_Edit InventoryLocal_New

The following permissions were deleted:

Permission

Inventory_View

InventoryMaster_Save

InventoryLocal_Save







 



Copyright © 2000 - 2023 - ComCept Solutions, LLC