Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
howto "auditor" access permissions
03-06-2017, 07:32 AM,
#1
howto "auditor" access permissions
Hi, is it possible with the security model available to create a "read-only" user?

I would like to give someone, e.g. an auditor, the ability to view anything in the system in the system, but not be allowed to enter, edit, create, or modify anything.

So far, it seems Security Tokens 0 (Main Index Page) and 2 (Basic Reports and Inquiries with selection options) are sufficient, but can anyone say if this will be enough access to see everything? Does this not restrict enough?

Thanks,
Dale

http://www.dalescott.net
Reply
03-06-2017, 09:18 AM,
#2
RE: howto "auditor" access permissions
Hi Dale, you can alter what reports and inquiries that user can see by changing the page security settings for individual scripts under the setup module. You can also remove (if there are any) any scripts you do not want the user to see. You can also set users so that they can view GL codes (either all or some) but not update them which would allow certain GL options to be available.

Thanks
Tim
Reply
03-06-2017, 12:26 PM,
#3
RE: howto "auditor" access permissions
Hi Tim, it's good to hear from you. I created a new "auditor" profile with security tokens 0 and 2 assigned to it, and created a new user with the "auditor" security profile assigned. I poked around the system and wasn't able to do any damage when logged with the auditor security profile. However, I'd like to be a little more confident and was hoping someone with more experience could say if there are any loopholes still open.

Dale
http://www.dalescott.net
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)