Invantive Vision offers a flexibele model to protect the access to data. The security exists of a aggregate of two security mechanisms:
•Securing of access to data of projects (project security).
•Security of the access to functions like screens and reports (function security).
The aggregate means that:
•A user only has access to data in a function if he has access to the data as well as the function.
•A user can only change data (change, add or delete) in a function if he has writing rights on the project and also writing rights in the function.
•There is no security mechanism to secure access to data which do not belong to projects. The access to the functions decides if someone can see or change the data.
•Because of the aggregate, it is possible that a user can change data in one screen, but not in another.
Document security is described in
Per project, it can be set if someone can have all data of that particular project:
•See
•Change
All data of that project means the project itself, and all other data like invoice lines, orders, revenues and project authorizations.
You can maintain the security in several ways:
•In the screen Settings you can indicate if everyone can see or change all projects.
•In the screen Roles you can indicate if all users with a role can see or change all projects.
•In the screen Project Authorizations you can indicate per aggretate of a project and user if someone can see or change the project.
On top of that, you can automatically maintain rights using profile options with the text '-pae-' in the code, so that a controller can get automatically reading and/or editing rights for the project where he is responsible for.
Notice: the user ‘system’ always has access to all projects.
Per function, it can be set or someone:
•The screen can open
•Data can change in the screen
The function security is set through the screen Role Authorizations.
Notice: the user 'system' always has access to all projects.
The security of the documents is arranged through the combination of project security and function security. There is an additional security mechanism because you can see documents with different types of data like Units, Orders and Revenues in the function Documents
By giving access to the various types of functions for Documents you can determine who is allowed to see which documents. For example, the function 'Access to documents with Project.' yields access to documents with projects if you also have rights for the related project.
For background processes the function 'Access to documents with Background Process.' yields access to the related documents. However, here it is the case that you can always view and edit documents of background processes that you have requested yourself.