2001 User permissions
Previous  Top  Next

New "add/chg/del User Permission" option.

Background: Historically Advanced Accounting's security focused on whether the user had access to a program option or not. This was sufficient for many users. However as Advanced Accounting's user base has matured and users have increased in size and whose needs for remote access have increased, more sophisticated security options are needed to control what users can or cannot within certain program functions that they have been provided access to.

Set-up/program operation: Once program updates thru 2001 have been installed, proceed to Y-System Maintenance then C-Enter/Chg Password Info. You will see a new option add/chg/del User Permissions. You must have previously set-up user logons and security levels via the other two options. (Note: it is highly recommended that you assign every user a separate logon code. Users should further be encouraged to change their passwords regularly via the new Change user password option.)

To set security settings for a given user logon, press F2 (or click the look-up button) or enter the logon code. Or, leave the logon code blank and enter a security level that to which the settings will apply.

A person's individual permissions will always override the permissions set for that person's security level. If you wish to restrict a user from printing reports showing other salesperson codes, you must enter that user's employee/salesperson number in the appropriate field; otherwise, the employee number field is of no consequence. If a user is not set up in the user permissions file, he/she will have none of these restrictions.

The intention is to apply these restrictions in some of the most commonly used programs. In certain set-up programs, for example, no restrictions have been implemented because it is assumed that if a user has access to those programs, they need to be able do to enter whatever they want.

Most of the available options/restrictions are self-explanatory; more help may be added here later to better explain what each option does or does not do.

Here are issues specifically involving the AR credit limit option:

Select ALT-R to work with Accounts Receivable options. If you do not want to allow a user to override a credit limit nor be able to enter a credit limit, answer "N" to the "enter credit limits" question. A user who can enter a credit limit will also be override it when entering a sales order via SO-A (but will still receive a warning message). Users who cannot enter a credit limit will not be able to have access to the credit limit field even if they otherwise have access to accounts receivable entry option AR-A.

Credit limit specific issues: In order for credit limit messaging/rights to work, you must have S/O Credit Limit Msg Off set to "Y" under Y-System Maintenance then B-Enter/Chg Invoicing Defaults. When first entering a new sales order, a user who does not have rights to enter a credit limit will not be able to use a customer who has exceeded a credit limit. A user who does have access will be given a warning message, and if they elect to continue, no further messages will be provided. NOTE: no one will be able to use a customer code to create a new sales order who has been set to have a credit limit of less than 0, e.g. -1. The user in this case will receive a message indicating that the account requires credit approval. In addition, if a customer when first being selected on a new sales order has not yet exceed their credit limit but does so in the course of line item entry, a user who does not have rights to enter credit limits will not be able to proceed with entering the line item. They will not however lose what they have already entered if they entered at least one prior line item. A user who can enter credit limits will receive a warning and then may elect to not proceed (and will similarly not lose prior information entered) or may elect to simply proceed. It should be noted that in checking to see whether a credit limit has been exceeded, the program ONLY looks at the customer's outstanding, posted invoices at that moment in time. It does not take into consideration any outstanding credits nor does it take into consideration any other pending sales orders.

Note that when bringing up an existing sales order initially, there is no credit limit checking. However, if prices are changed or new items added that increase that change the total, the same credit limit checking will apply. Note also that if you change the customer code on an existing sales order, credit limit checking will then of course be based on the new customer code. (This might provide the end user with a loophole in changing an existing sales order's customer code to someone who has a higher credit limit and then adding additional items, saving it and then bringing it back-up and changing to the prior customer code however the credit limit checking will "catch" that situation.)

Developer notes:

This option calls a new program, BKSYSSEC. A new data file by the same name is where the various flags are saved. It is likely that more flags will be added to this file in the future.

This option is accessed via SY-C, new program BKSYSSEC, data file BKSYSSEC.

This is a quick summary of programs impacted by this feature (there are some 11th hour program changes where we may have added this to some additional programs that may not be included here) and this is meant as a general guide:
Specify whether user can override control date   SY-A   
Specify number of days prior to or after system date which user may post a transaction AP-B, AP-F, AR-B, AR-C, GL-B, IC-G, PO-D, PR-D, SO-F   
Restrict user to a location PO-A, PO-D, SO-A, SO-I   
Restrict user to a GL department   AP-B, AR-B, GL-B, IC-A, PO-A, PR-A, SO-A, SO-I   
GL: Specify whether user can enter budget amounts   GL-A   
GL: Specify whether user can enter GL dept's AP-B, AR-B, GL-B, IC-A, PO-A, PR-A, SO-A, SO-I   
AR: Specify whether user can enter terms   AR-A   
AR: Specify whether user can enter credit limits   AR-A   
AR: Specify whether user can add customers and change customer information   AR-A, AR-B, AR-C, PO-A, SO-A, SO-I   
AR: Specify whether user can delete customers   AR-A   
AR: Specify whether user can change salesperson numbers AR-A, SO-A, SO-I   
AR: Specify whether user can enter/change/view credit cards AR-A, SO-A, SO-I   
IC: Specify whether user can see cost information   IC-A, ALT-I, PO-D, SO-A, SO-K   
IC: Specify whether user can add products and change inventory information IC-A, PO-A, SO-A, SO-I, SO-J   
IC: Specify whether user can delete products IC-A   
SO: Specify whether user can delete sales orders    SO-A, SO-I   
SO: Specify whether user can delete line items SO-A, SO-I   
SO: Specify whether user can enter negative units SO-A   
SO Specify whether user can go into negative units on hand SO-A   
SO: Specify whether user can override credit limit   SO-A   
SO: Specify whether user can print reports showing other salesperson codes   SO-M   
PO: Specify whether user can delete purchase orders PO-A   
PO: Specify whether user can invoice received purchase orders   PO-D