1. Users
1.1. Objective
Users can be created and managed within the application, including changing a user’s password and expiring the account therefore preventing the user from logging in.
For users managed in the LDAP directory, the application will synchronize users with the LDAP directory as well as delegate authentication to LDAP therefore providing users with the ability to sign into the application using their LDAP username and password.
1.2. Lesson
1.2.1 Create a New User
To manage user you must log into the application as a user with the Admin role.
To create a new user go to the Security -> User menu item. This will open the User Maintenance screen.
Fig. 1 – User Maintenance screen
Press the Add New button.
Fig. 2 – User Maintenance screen mandatory fields
The yellow fields are mandatory fields.
Enter a username and password. The username must be unique.
It is also a good idea to enter the user’s full name in the Description field.
Fig. 3 – User Maintenance screen with fields entered
Press Insert.
If the username is not unique the following error message will be displayed.
Fig. 4 – Username error
You can change the username and press OK, or press Cancel to return to the User Maintenance screen.
1.2.2. Adding a User to a Role
A user will not be able to access the application until they are associated to a Role. It is possible to add specific permission to an individual user, but it is recommended to create a Role with specific permissions and associate users to that Role.
To add a Role to a user edit the user and select the Roles tab.
Fig. 5 – Roles tab selected
To add a user to a role select the role in the left field and press the Add button. This will move the Role to the right field.
Fig. 6 – Adding a role
To remove a role select it in the right window and press the Remove button.
1.2.3. Change Password
Any user can change their password from the Security -> Change Password menu item.
Fig. 7 – Change Password screen
The user can enter their old password and their new password twice.
Note: this will not change the user’s password in LDAP therefore should not be used by users.
13.2.4. Expiring Users
Users are used throughout the application therefore it is not advised to delete a User unless they have never logged into the application. It is better to expire their account which will prevent them from being able to log into the application.
Go to the User Maintenance screen and search for the user.
Fig. 8 – Search for user
Press Edit in the bottom left corner of the screen. This will open the User record.
Fig. 9 – Found user record
Enter a data into the Expires field and press Update
1.3. Review
Perform the following steps:
- Create a new User and assign them to the User and Contract Requestor Roles
- Log into the application as this user
2. Roles and Permissions
2.1. Objective
A Role allows for an administrator to group together a set of permissions that can be assigned to a group of users.
A user can also have multiple Roles, therefore allowing for commonly used screens to be in a common Role that all users will be assigned to. This common role is usually the User role.
2.2. Lesson
2.2.1 Creating a New Role
To create a new Role go to the Security -> Role menu item. This will open the Role Maintenance screen. Press the Add New button.
Give the role a Name and select the Type. The Type field does not do anything with respect to security, it just classifies the level of security this role will enable.
2.2.2 Adding a Permission to a Role
To add a permission to a Role navigate to the Role and select the Permissions tab.
Press the New button in the bottom left of the screen. This will open the Permissions Maintenance screen.
Select the Object to apply the permissions to.
To find the object start to type the name of the object into the Criteria field. This will provide a list of matching objects. Select the appropriate object.
Check off the actions that are required for this Object.
Select Type: Grant All if you want this permission to also be used for all sub classes of the object.
Press Insert.
This will add the permission to the Role.
2.3 Review
Perform the following steps:
- Create a new Role and add a Permission to the Role
- Assign the Role to a user, as well as the User role
- Log into the application as this user
- Verify that the user has access to the screen
3. Employees and Labour Groups
3.1. Objective
3.2. Lesson
3.2.1 Creating a New Employee
Log into the application with a user who has permissions to insert, update and delete Employee.
Go to Administration -> Human Resources -> Employee. This will open the Employee Maintenance screen.
Employees are created during the LDAP directory synchronization.
To create a new Employee press the Add New button.
The yellow fields are mandatory.
Enter the Employee’s first and last name, and under the Employment tab enter their Manager. It is also useful to enter their Email address and if they have a username in the application set the User field (under the Employment tab).
3.2.2 Labourers
The Labourers tab is a list of all the Employees that have this Employee as a Manager.
Additional Employees can be added to this Manager by using the Associate button.
3.2.3 Adding Labour Groups to an Employee
Labour groups control which filtered lists of Employees that an employee show up in. For example only Employees in the Contract Signer Labour Group will show up in the Contract Signer drop down on the Contract for Service screen.
To add a Labour Group to an employee navigate to the employee and select the Labour Groups tab.
Press the Associate button.
Select the Labour Group to add. The screen will close and the Labour Group will be added to the Labour Group tab.
To remove a labour group from an employee select the labour group from under the Labour Groups tab and press the Disassociate button.
3.2.4 Creating new Labour Groups
To create a new Labour Group go to the Administration -> Human Resources -> Labour Groups menu item. This will open the Labour Group Maintenance screen.
Enter the Code and Description fields. They can be the same. Press the Insert button.
3.2.5 Employees in a Labour Group
To view all the Employees in one Labour Group, go to the Labour Group Maintenance window, search on and edit the appropriate Labour Group.
All the Employees assigned to this Labour Group are listed under the Labourers tab.
3.3 Review
Perform the following steps:
- Create a new Employee
Create a new Labour Group and associate it to the new Employee