Security in Personify360 is based on security groups that are granted certain privileges for screens. Once these security groups are established, users are defined and assigned to the security groups. Then each user is assigned to one or more personas, which control the following:
· How the menu bar displays
· What versions of screens with which the user can work
Security is defined independently for each organization unit within an organization. Each organization unit can have its own security groups, personas, and users. Security can be assigned to forms (custom and base), access-points, specific fields, operational reports, and TRS reports.
Default security groups and users are included in Personify360. You can assign a full security package for a user that provides security across all subsystems (these begin with an underscore (_)). Or you can build a single user’s security by assigning subsystem-level security (these begin with a subsystem acronym and are followed by an underscore and the permissions). For example:
· LCK_FULL represents the Lockbox subsystem and the security group has full permissions to all screens within the subsystem.
· CUS_RO represents the Customers subsystem and the security group has read-only permissions to all screens within the subsystem.
· MTG_DE represents the Meetings subsystem and the security group has data entry permissions to all screens within the subsystem.
Using the menu bar, you can select one of the following:
· Favorites – Allows users to set an application page as a “Favorite.” This adds the enabled application page to a list under the Add to Favorites link for quick access later. Deleting an application page is done by right-clicking the page’s Favorites link.
· Home Page – Opens the Home Page assigned to the persona in a new tab, as determined by the persona settings on PSM004.
· Change Password – Opens the Password Change window where you can change the user’s password. If this screen opens upon log in, the user must change the password or exit the application. The system will display Password Change Reminders similar to Windows within 14 days before the password expires.
· Configure Email Alerts – Allows you to enable or disable Email Alerts.
Using the interactive links in the bottom-right area of the application, you can perform any of the following. Hover your mouse over the links for help text:
· Change Organization – Allows you to select another organization and organization unit in which to work. You must close all open screens before you can select this option.
· Switch User – Switches users to a different account without closing the system, similar to Windows Vista. You must close all open screens before you can select this option.
· Switch Database – Allows you to switch to another database in your system without closing the application. User login credentials are preserved when switching databases. Before you click OK to switch the database, you can select to Reload Persona (when checked, the persona menus and toolbars are reloaded for the user on the database) and Reload Security (when checked, all security-related data is reloaded for the user on the database). When you click OK, the system performs the following:
o Creates seat information for the new database and the previous user’s login information
o Creates a Network Access Token and a Client Context
o Clears the application data cache
o Clears the code cache
o Refreshes the application runtime parameter
o Refreshes the application interface parameter
o Refreshes the user’s persona and security-related data, if “Reload Security” is checked
o Refreshes toolbars and menu items, shows dashboards and unresolved issues, if “Reload Persona” is checked
o Refreshes the organizations and organization units list
o Notifies the Context Organization Change event so that it can be handled by different objects, if necessary
The databases do not have to be on the same server.
If you currently run on 7.3.1 or earlier, the interactive links appears as options from the menu bar.
There are several pre-requisites that must exist before you can switch your database. Those include:
· Each database must have an entry in the PSM_USER table for the logged-in user with the same credentials.
· All persona security-related data must be synchronized throughout all the databases (i.e. all PSM_xxxxxx table records should be the same in all databases).
· All user’s information must be the same in all of the databases (e.g. User ID, password).
If you do not want this feature available for all users (it is currently in the base application), then do not set the user’s credentials to access the other databases.
o Security information must be the same in all of the databases (e.g. security groups, permissions).
o Persona and Menu Structure must be the same in all of the databases (e.g. personas, menus).
If any of the above conditions do not match, then the user must select to Reload Persona or Reload Security. Otherwise, the application security will not function properly.
· Exit – Closes the application.
The table structures relevant for security setup are as follows: