Example: How to Prevent a User from Seeing Finance Data
Example: How to Prevent a User from Seeing Finance Data
Suppose you wanted to allow salary information to be seen by the DEPARTMENT MGR role but not by the DEPARTMENT ADMIN role. You would do so using the tasks in the System / Archibus Administrator - User and Security process.
- First, create a new Security Group called "SALARY" using the Add or Edit Security Groups task.
- Next use the Smart Client's Define Per-Field Group Security task to assign the Employee (em) table's Salary field a Review Group of "SALARY".
- Next use the Assign Security Groups to Roles view to assign the "SALARY" group to the DEPARTMENT MGR role but not to the DEPARTMENT ADMIN role.
- Next assign a user (e.g. "CARLO") the DEPARTMENT MGR role and another (e.g. "BARTLETT") the DEPARTMENT ADMIN role.
- Any change in roles or their assignments to users requires that you select the Flush Cached User Accounts and Roles button, located in the upper right corner of the view. See the User Help topic, Archibus Web Central User's Guide / Archibus Administrator - User and Security / User Management / Flush Cached User Accounts and Roles . Alternately, you can restart the application server.
Now when CARLO logs in and loads a view that contains the Employee Salary field, the field will appear. When BARTLETT logs in and loads the same view, the program will remove the field before presenting the form or any data.