Personal tools
You are here: Home Framework Documentation Administrators Guide User Roles Permissions

 

1 Users

1.1 Objective

Users can be created and managed within the application, including changing a user’s password and expiring the account therefore preventing the user from logging in.

For users managed in the LDAP directory, the application will synchronize users with the LDAP directory as well as delegate authentication to LDAP therefore providing users with the ability to sign into the application using their LDAP username and password.

1.2 Lesson

1.2.1 Create a New User

To manage user you must log into the application as a user with the Admin role.

To create a new user go to the Security -> User menu item. This will open the User Maintenance screen.

UserRoles_Fig1.jpg

Fig. 1 – User Maintenance screen

Press the Add New button.

UserRoles_Fig2.jpg

Fig. 2 – User Maintenance screen mandatory fields

The yellow fields are mandatory fields.

Enter a username and password. The username must be unique.

It is also a good idea to enter the user’s full name in the Description field.

UserRoles_Fig3.jpg

Fig. 3 – User Maintenance screen with fields entered

Press Insert.

If the username is not unique the following error message will be displayed.

UserRoles_Fig4.jpg

Fig. 4 – Username error

You can change the username and press OK, or press Cancel to return to the User Maintenance screen.

1.2.2 Adding a User to a Role

A user will not be able to access the application until they are associated to a Role. It is possible to add specific permission to an individual user, but it is recommended to create a Role with specific permissions and associate users to that Role.

To add a Role to a user edit the user and select the Roles tab.

UserRoles_Fig5.jpg

Fig. 5 – Roles tab selected

To add a user to a role select the role in the left field and press the Add button. This will move the Role to the right field.

UserRoles_Fig6.jpg

Fig. 6 – Adding a role

To remove a role select it in the right window and press the Remove button.

1.2.3 Change Password

Any user can change their password from the Security -> Change Password menu item.

UserRoles_Fig7.jpg

Fig. 7 – Change Password screen

The user can enter their old password and their new password twice.

Note: this will not change the user’s password in LDAP therefore should not be used by users.

1.2.4 Expiring Users

Users are used throughout the application therefore it is not advised to delete a User unless they have never logged into the application. It is better to expire their account which will prevent them from being able to log into the application.

Go to the User Maintenance screen and search for the user.

UserRoles_Fig8.jpg

Fig. 8 – Search for user

Press Edit in the bottom left corner of the screen. This will open the User record.

UserRoles_Fig9.jpg

Fig. 9 – Found user record

Enter a data into the Expires field and press Update.

1.3 Review

Perform the following steps:

  • Create a new User and assign them to the User and Contract Requestor Roles

  • Log into the application as this user

 

2 Roles and Permissions

2.1 Objective

A Role allows for an administrator to group together a set of permissions that can be assigned to a group of users.

A user can also have multiple Roles, therefore allowing for commonly used screens to be in a common Role that all users will be assigned to. This common role is usually the User role.

2.2 Lesson

2.2.1 Creating a New Role

To create a new Role go to the Security -> Role menu item. This will open the Role Maintenance screen. Press the Add New button.

UserRoles_Fig10.jpg

Fig. 10 – Adding a new role

Give the role a Name and select the Type. The Type field does not do anything with respect to security, it just classifies the level of security this role will enable.

2.2.2 Adding a Permission to a Role

To add a permission to a Role navigate to the Role and select the Permissions tab.

UserRoles_Fig11.jpg

Fig. 11 – Permissions tab

Press the New button in the bottom left of the screen. This will open the Permissions Maintenance screen.

UserRoles_Fig12.jpg

Fig. 12 – Permission Maintenance screen

Select the Object to apply the permissions to.

UserRoles_Fig13.jpg

Fig. 13 – Selecting the object

To find the object start to type the name of the object into the Criteria field. This will provide a list of matching objects. Select the appropriate object.

UserRoles_Fig14.jpg

Fig. 14 – List of matching objects

Check off the actions that are required for this Object.

Select Type: Grant All if you want this permission to also be used for all sub classes of the object.

UserRoles_Fig15.jpg

Fig. 15 – Permission type

Press Insert.

UserRoles_Fig16.jpg

Fig. 16 – Inserting the new permission to the role

This will add the permission to the Role.

2.3 Review

Perform the following steps:

  • Create a new Role and add a Permission to the Role

  • Assign the Role to a user, as well as the User role

  • Log into the application as this user

  • Verify that the user has access to the screen

3 Employees and Labour Groups

3.1 Objective

An Employee is a person within the organization who can be associated to a user.

3.2 Lesson

3.2.1 Creating a New Employee

Log into the application with a user who has permissions to insert, update and delete Employee.

Go to Administration -> Human Resources -> Employee. This will open the Employee Maintenance screen.

Employees are created during the LDAP directory synchronization.

To create a new Employee press the Add New button.

UserRoles_Fig17.jpg

Fig. 17 – Adding a new employee

The yellow fields are mandatory.

Enter the Employee’s first and last name, and under the Employment tab enter their Manager. It is also useful to enter their Email address and if they have a username in the application set the User field (under the Employment tab).

UserRoles_Fig18.jpg

Fig. 18 – Entering new employee’s information

3.2.2 Labourers

The Labourers tab is a list of all the Employees that have this Employee as a Manager.

UserRoles_Fig19.jpg

Fig. 19 – Labourers tab

Additional Employees can be added to this Manager by using the Associate button.

3.2.3 Adding Labour Groups to an Employee

Labour groups control which filtered lists of Employees that an employee show up in. For example only Employees in the Contract Signer Labour Group will show up in the Contract Signer drop down on the Contract for Service screen.

To add a Labour Group to an employee navigate to the employee and select the Labour Groups tab.

UserRoles_Fig20.jpg

Fig. 20 – Labour Groups tab

Press the Associate button.

UserRoles_Fig21.jpg

Fig. 21 – List of Labour Groups

Select the Labour Group to add. The screen will close and the Labour Group will be added to the Labour Group tab.

UserRoles_Fig22.jpg

Fig. 22 – New labour group added to the Labour Group tab

To remove a labour group from an employee select the labour group from under the Labour Groups tab and press the Disassociate button.

3.2.4 Creating new Labour Groups

To create a new Labour Group go to the Administration -> Human Resources -> Labour Groups menu item. This will open the Labour Group Maintenance screen.

UserRoles_Fig23.jpg

Fig. 23 – Creating a new labour group

Enter the Code and Description fields. They can be the same. Press the Insert button.

3.2.5 Employees in a Labour Group

To view all the Employees in one Labour Group, go to the Labour Group Maintenance window, search on and edit the appropriate Labour Group.

UserRoles_Fig24.jpg

Fig. 24 – Viewing all employees in one labour group

All the Employees assigned to this Labour Group are listed under the Labourers tab.

3.3 Review

Perform the following steps:

  • Create a new Employee

  • Create a new Labour Group and associate it to the new Employee