User Group Management
This feature is available on a multiuser environment (TeamWork edition).
User groups are used to create a certain level of access rights.
It is much easier to manage security roles than managing access rights of each user seperately.
Example: Suppose that you have support team in your office but you do not want them to
access information about sales or other sensitive information which they do not need for
their job. But you wish them to have read-only access to customer information and
read/write access to support cases information. Create a user group dedicated to support
team and adjust the access permissions for the user group only. Finally add all team members
to this group to apply the group rights to the support team.
In case a new member has joined the support team, it is sufficient to add him/her to the
group to apply the same rights.
If you modify the access permissions of a user group, all users under that user group are
affected at the same time.
Creating / Modifying User Groups
Click "Users" from main menu, select "User Groups". This will open a window
where you will be able to manage user groups.
Click "Create New" button, type a "group name", check the permissions you wish to grant to this user group.
Tips:
- You may create any number of user groups.
- You cannot grant the right to modify security settings / access rights to a user group you have created.
This right is reserved for the builtin "system administrators" group only.
- It is possible to restrict the access rights of "system administrators" group. This is allowed intentionally
to easily observe the effect of an access rights arrangement.
Monitor Users & Permissions: Allows the users of the group to monitor user group permissions
and access rights.
Modify Database Design: Allows the group users to modify database connection settings.
Modify System Preferences: Allows the group users to modify system preferences.
Unlock Protected Records: Allows the group users to remove protection from a record which is set to the protected status.
Manage Report Templates: Allows to create/modify/delete custom report templates.
Manage Public Views: Allows the group users to create/modify/delete all
public views that are shared by all users.
Allow Private Views: Allows the group users to create custom views
dedicated to their user profile. (recommended)
Allow Pagination: Enables page navigation tools when the number of records on current view is more than the page limit.
Allow Custom Font and Colors: Allows the users to customize the data display font, color and style on their own screen.
(recommended).
Default Permissions For Record Management: Sets the default permissions of the group users to access
information in your database. These permissions are valid for all catalogs and field of the database.
You can always create exceptions to overwrite them on catalog, field or user level.
Tip: If you plan to grant full access to most of the information in your database, check all the default
permissions and create access right exceptions for the catalogs you wish to restrict. On the other hand, if you plan to only grant
access to a very limited amount of information in your database, uncheck all the default permissions and create access right exceptions
for the catalogs you wish to grant access.
DISCLAIMER!
For multiuser (Teamwork) licenses:
Beware that, access control management in SpeedBase is designed mostly for preventing accidental data loss, to keep the desired part of the information away
from curious people around and from your own users who simply do not need it. This feature should not be considered as a high level of protection
against your own users. Do not consider it as a way to hide sensitive information from your own users.
If you want to save sensitive information like passwords, you are recommended to use encryption feature.
Adding/Removing a User To/From a User Group
Open user groups window, select the user group you wish to modify,
click "modify" button, click the "group members" tab on the "user group properties" window.
To add a user, click "add" button and select the user. To remove a user select the user from member list and
click "remove" button.
If you add a user to a second user group, the user rights are elevated to gain the extra rights coming from the second group.
If you remove a user from a user group, the user loses all added rights he/she gained from that user group.
Creating Access Right Exceptions For a User Group
The (data) access rights of the group users are determined by the group settings.
However, you may still create exceptions which will overwrite the rights gained/lost thru group settings.
To do this, select the user group from the user group list,
click "access rights" button and create the exception you need using "access rights manager".
See "Advanced Access Rights Manager" for more info.
Deactivating a User Group
You may deactivate a user group by unchecking the "user group is active" checkbox. This will disable
all rights gained from this user group.
Deleting a User Group
To delete a user group, select the user group from the user group list,
click "delete group" button.
Deleting the the user group "system administrators" is not allowed.