Rights and Roles
Rights management in yuuvis® RAD is role-based.
Depending on the description of the position and tasks, employees work with different data, functions, and applications. User rights for access to data, functions, and applications in accordance with the employees’ fields of duties and responsibility are grouped into roles in yuuvis® RAD. In this way, users with the same fields of duties and responsibility also have the same rights in the system.
Users can view the roles assigned to them in yuuvis® RAD client via their settings.
Roles and Groups
Roles are generally assigned to groups, i.e., to departments, teams, or work/task areas. Assigning a role to a group means that all members of the group and all other assigned groups and their members get the rights that the assigned role contains.
- The Accounting role is allowed to read and write invoices, create customers, start invoice receipt processes, etc.
- The Sales role can create Order documents, etc.
Individual Roles for Users
You can also assign roles to users individually. This makes sense if individual users within an organization unit, such as a department head or a technical administrator, require additional rights that other members of the group do not have.
- The Sales management role is permitted to delete Order documents, etc.
- The Model administrator role can view all object types and change the data model, etc.
Excluded Roles
Roles can be explicitly excluded when assigning roles to groups and users. A user will not be assigned excluded roles even if these roles are assigned to this user in a group or as a user.
Logging
Changes to the security system are logged in the \logs\core-service-security.log file in the yuuvis® RAD core-service installation directory.
Security logs must be enabled: Main menu > System > Settings > Core service > Global > Server > Enable security logs.