Teams and other Restrictions

Root > 1. WiredContact Enterprise


"Teams" and Security in WiredContact 

User Security

The User Security applies rules to individual users regardless of the License the user has applied to them and applies the rules to the tables of data within WiredContact.
 

The security rules govern whether a user is able to Access, Update, Delete, Add New, View Reports for a record in a table. The Add New applies only to a table, since you can't apply Add New permissions to a record that already exists.

There is a default rule that will be followed if there are no other rules that apply for the table and/or record that the user is accessing. That rule is the default.default rule for the user that is logged in. Alll other rules are optional.

For each table, you may apply up to four rules that apply to the user:

  • Default

  • Not Record Manager(Not RM)

  • Not Team Member Owner (Not TMO)

  • Managing Team Field value does not match user Team (Not MT)

The Default.Default rule is applied if no other rule matches the current table/record.

The Default rule for a table is applied if no other rule matches the current table/record. If the Default rule for the table is applied, the Default.Default rule is not applied.

The Not Record Manager rule applies to specific records in a table. (The Add New security attribute is not applicable). If the user is the Record Manager (Record Manager field defined in the Table Defaults) of the record, then the Not Record Manager rule is NOT applied, and Default rule for the table or Default.Default rule is applied. If the user is Not the Record Manager of the record, then the Not Record Manager rule is applied and the Default rule for the table, and Default.Default rule is ignored.

The Not Team Member Owner rule applies to specific records in a table (The Add New security attribute is not applicable). If the user belongs to one or more teams, then a list of users is built based on the user members of those team(s). If one of the users from the Team user list is the Record Manager (Record Manager field defined in the Table Defaults) of the record, then the Not Team Member Owner is NOT applied, and the Not RM rule is tested. If that rule is not applied, then the Default rule for the table or Default.Default rule is applied. If the Record Manager of the record is not in the list of users from the Team user list, then the Not Team Member Owner is applied and the following rules are ignored: the Not RM rule for the table, the Default rule for the table, and the Default.Default rule for the table.

The Not Managing Team Field rule applies to specific records in a table (The Add New security attribute is not applicable). One or more Managing Team Fields must be specified in the Table Defaults for this rule to be applied. When the record is evaluated for security, the value(s) of the Managing Team Field(s) are used and compared to the Teams of the user. If the value of the Managing Team Field(s) is equal to '***Allow Everyone***', then the rule is not applied. If the value(s) of the Managing Team Field(s) match one of the User's Team(s), then the rule is not applied. If the value(s) of the Managing Team Field(s) does not match one of the User's Team(s), then the rule is applied and following steps are taken:

  • If the Record Manager field (specified in the Table Defaults) equals the current user, then the user is Allowed Access even if the security specifies to Deny Access, unless in the Table Defaults the Strict Managing Team checkbox is checked.

  • If the Record Manager field (specified in the Table Defaults) equals the current user, and the user id Denied Update by the Not MT rule, the user will be Allowed Edit if in the Table Defaults the Record Manager Edits checkbox is checked.

  • If the Record Manager field (specified in the Table Defaults) equals the current user, and the user id Denied Delete by the Not MT rule, the user will be Allowed Delete if in the Table Defaults the Record Manager deletes checkbox is checked.

You may disable delete for all users at all times by checking the "Disable Delete" checkbox in the Table Defaults.

You may disable New for all users at all time by checking the "Disable New" checkbox in the Table Defaults.

There is a comprehensive debugging option for Security so you can see which rule is applied for a record. Check the "Debug Security" checkbox in the Table Defaults, and when a Security Rule is tested, detailed security results are presented in the "WiredContact Errors.log" file. Make sure you disable this option when you are done testing security as it creates significant text in the WiredContact Errors.log file and has a negative impact on overall application performance.

  • Private: The Private Field is assigned in the Table Defaults for each table. If the Private Field is assigned, and the Private Field has the value specified in the Private Lock Value field, then only the RecordManager for that record may access it.

  • Public Access: The Public Access Field is assigned in the Table Defaults for each table. If the Public Assess Field is assigned and has the value specified in the Public Access Open Value field, then any user has access to that record regardless of the user's security. AltLookupSecurity must be disabled for this function to work.

  • Public Access/Edit: The Public Access/Edit Field is assigned in the Table Defaults for each table. If the Public Assess/Edit Field is assigned and has the value specified in the Public Access/Edit Open Value field, then any user has access to that record and can update it regardless of the user's security. AltLookupSecurity must be disabled (in custom settings) for this function to work.

  • Public RecordManager (RM): The Public Recordmanager is a specialized version of the Public Access/Public Edit field/field value pairs. If a Public RM for Access or Edit is specified then when a record has that value for the Record Manager, that record is public (either Access or Edit). This feature might be useful if you create a special user for distributing leads which would be available to everyone, then users would be able to see those records and assign them to themselves or other users in environments where the security is very strict.

  • Level: Uses the User Level to determine if a record is visible to the user based on the level assigned in the level field for the record, and the user's level. If no level is assigned to the record, the level 0 is used. If the user has access to the record based on the Security set for the table, then if the Level Field is set, the user's level is compared to the record's level, and if the user's level is equal to or higher than the record's level, the record is visible to the user. Otherwise, the user is restricted and would be denied access to the record.

Teams in addition to and in association with Security as defined above.

Users can belong to "Teams", in fact they can below to as many teams as you want, if you apply the restrictions above to a "User" then you also add them to a "Team" you can have a large number of people accessing your system all restricted to only those records they need to see and then only those fields you want them to see.


A contact record can have also have "A Team field" which contains an identifier such as the name of a show or a country / area therefore using this as an additional identifier can further restrict or can allow access to that record.


Layout test

As a record is displayed WiredContact can run a "Test" to see if certain criteria is being met and accordingly display the correct layout for that user or that record or a mix of both.

An example of how this may be applied is where you run a database on behalf of 50 Clients and want each Client to be able to log in and only see their specific Contacts and then to only see certain fields and for some of those fields to be read only or hidden.

In the above scenario you would usually purchase "Concurrent licences" and assign these to your Clients. A Concurrent licence can be assigned to multiple clients which saves you the cost of redundant licences.

If you are instructing us to put this together for you it really would help all parties if we start with a written document that sets out your expectations fully. Often it helps to re-read it and then ask another person in your team to check it - this process will reduce the time it takes for us to assimilate your expectation.

 

 


 

Add Feedback