Users and user groups
The security system is designed around the allocation of users to security groups. The system automatically creates 2 security groups – sysAdmins and sysUsers. The sysAdmins group gives full security rights to the application including access to the Application Administration module; the sysUsers group gives basic access to the application. Additional rights and restrictions may be allocated by adding new custom groups.
Users and groups are set up, edited and deleted in the Application Administration module. A list of users and groups is displayed in the menu section on the left of the module screen. To set up a new user or group open the menu by clicking the menu design tool on the top right of the screen, select [add new item] and enter new user/group name. The new user/group will be added to the menu list. To delete a user or group open the menu by clicking the menu in design mode, select the user/group and click on the delete option.
Open the user account by clicking on the user name in the menu and selecting the [License Allocation] tab. Add license from drop down list (licenses are allocated by LightGlue© in accordance with terms of client agreement). Select [Members of Group] tab to view group memberships. All users are automatically added to the sysUsers group which allows basic access to the application (see Security Settings below). Additional group memberships may be added from the dropdown list
Open the group account by clicking on the group name in the menu. Group members may be viewed or added from the [User Members] tab. To add/edit table permissions select the [Table Permissions] tab. NB it is not necessary to add permissions for the sysAdmins group as this group has full rights by default. Where additional security settings are to be enabled the sysUsers group permission should be set at the lowest access level (typically read only for those tables open to all). Additional table rights and row/column restrictions are allocated to additional custom groups (see Security Settings and Examples below)
By default all objects in applications built on the LightGlue© platform are open unless at least one permission is set. Permissions may be set on Menus, Tables, Columns within tables and data Rows. Permissions may be specified with different combinations of read/create/update/delete and for multiple security groups. Table and Row permissions may be set from the Application Administration module.
Menus/Menu Groups/Menu Items can be hidden from certain users by setting the 'CanRead' row permissions for the row. Menu permissions are set in design mode, click on the settings (cog) button beside the Menu/Group/Item. On the main details form set the permissions using the padlock icon.
Permissions may be set on tables which apply to all rows within the table and are respected by all the forms/grids that use that table. The table permissions are the highest priority and cannot be 'elevated' by the row permissions. i.e. you can only place further restrictions using row security; you cannot for example grant edit on a row using row permissions if the user does not have edit permissions on the table. Table permissions are set either in the table design page (last tab) or in the User Group edit page. The permissions page on the table editor shows all permissions for the table. The permissions editor on the User Group page shows all table permissions set for the group.
Permissions may be set on columns in the table designer. If a column has no permissions set then it's available to all users to view, edit and delete. If any permissions are added then the column becomes secure and only those users in the specified groups can access/edit/delete the column. Column permissions are set by selecting the column you wish to secure in the table designer and clicking ‘Edit Column Permissions’ from the [Actions] menu at the top of the page..
Permissions may be set on individual rows in grids and forms. If a row has no permissions set then it's available to all users to view, edit and delete. If any permissions are added then the row becomes secure and only those users in the specified groups can access/edit/delete the row. Row permissions are set by selecting the row and using the 'padlock' icon on the toolbar of the form or grid to open the permissions form.