Settings - General - Access rights assignment

NoteIn order to be able to edit the access authorization, you must have the necessary administrator rights. In a new installation you can do this with the predefined user <product> Administrator (default with password: admin), which is permanently assigned to the role Administrator. The role Administrator is in turn permanently associated with the root functions <Product> with the right Administrator. This assignment is not visible and cannot be deleted.

The individual parts for which the authorization can be set individually are referred to as functions. The functions are fixed. However, they can change from version to version. The existence of the functions also depends on the product and its licensing. and its licensing.

The structure of the functions corresponds to a large extent to the modules and its registers. In some cases these contain additional special functions. In addition to the modules, there are also some general functions such as the access authorization itself or the settings.
A separate function are also all reports, which are again structured like the print buttonsavailable in the program.

The rights of the roles and users are defined in the function tree. With a right click on a function or by clicking on the Edit button the permission edit dialog is displayed.

A set right on a function is passed on in the function tree to all sub-functions assigned to this function, i.e. downwards, downwards.

Note: When assigning the permission, start at the top of the root <product> and define first that what this role is mainly allowed to do. (whether this is read only or write only ). Define then specifically only the functions, which should be different.
Analogous proceeding for the functions data and reports.

In the function tree, all functions for which a right has been explicitly assigned are displayed in bold typeface are displayed. The rights of the assigned roles and users are displayed with the tooltip. This is the case if the option Display: assigned rights is defined.

The effective resulting rights of a user are then dependent on the rights inheritance in the function tree and the affiliation of the user to the roles.
With the option Display effective rights for, these rights can already be visualized during the assignment of rights for each desired user. These effective rights are displayed in the tooltip.

In addition, the entire function tree is colored depending on the rights for the selected user.

• Light gray No access to this function (explicit deny has been set.)

• Dark grey No access to this function (If nothing or no right has been defined.)

• Green Read-only access is allowed (read, print or export).

• Black Editing access is allowed. (at least one of the rights Write, Add, Delete, Copy or Execute is available. available).

• Purple Product-specific rights are available (e.g. self-edit)

• Red Administrator right is present

Client data view (..\Daten\Mandant)

If you have more than one client license, a special function Data/Client is available. (different symbol d instead of fx). With only one client this is not needed and is therefore not visible.
In this branch you can/must additionally to the functional view(which modules, and registers are available, and so on) the data view for each client and main area(for example, hide all persons from client Xy).
Note: There must be rights on the Functional AND on the data view to be able to do what you want!

NoteIf the data view is available, but you do not want to use it, you must at least ensure that all roles on the data function (or inherited through the root <product>) have the permissions for the data view. make sure that all roles on the function data (or inherited through the root <product>) have the permissions for Read, Write, Add, Delete and Copy!

NoteIf, for example, you do not add a right to a role in a client (no checkbox ticked) , then this user will not see the client and all the user will not see the client and all records assigned to the client (including the report).

If a user with the necessary rights has assigned e.g. a person to an agenda entry, this assignment is also visible to users who are not allowed to see the persons of this client. assignment is also visible for users who are not allowed to see the persons of this client. However, it is not possible to jump to the person).

NoteTo be able to assign a person to an agenda, you need read rights for the person and write rights for the agenda. write permissions for the agenda. (analogous for work plan, activity, organization and course delivery) It is not relevant if this assignment is made in the module Person or in the module Agenda. module Agenda. (from the client data point of view, with the functional rights assignment, this can of course be additionally restricted).

Assign people without authorization

If this right (read permission) is set, you can also assign persons from clients without read permission to your own agenda entries (analogous for work plan, activity, organization and course delivery). All persons will be displayed in the person search dialog.

Course Data View (..\DataCourse)

The course data view is only available in the Enterprise version. Analogous to the client data view, the access rights can be defined for each for each course and logout can be defined individually.
NoteIn order to be able to assign persons to a course, read rights are required for the course and the person. For the person assignment to a sign-out, write permissions are required on the sign-out.

Export...

A CSV file is generated with all rights for all users and roles across all functions.