About users and groups
You can set access levels and authorizations for individual users or for groups of users.
Group authorizations
When you create a new user, perhaps the easiest way to assign authorizations and permissions to that user is by assigning the user to one or more user groups. This is done using the Users form, when you create the user profile.
Default groups are already set up and delivered in Mongoose; for example, the CoreFormsAdmin and the APPBUILDER-Administrator group. To modify the forms and permissions for an existing group, select the group on the Groups form and click to open the Object Authorization for Group form.
You can add or delete groups on the Groups form.
For a list of the default Mongoose groups, open the Groups form, select the group you want to know about, and then click . This launches the Object Authorization for Group form, which displays the member forms (and/or other objects) for that group.
User authorizations by copying another user's goups
When you create a new user, you can copy the user's group memberships from an existing user. On the Users form, select the user who needs to add groups, and click . On the Copy Groups From User form, select the user from whom you want to copy the groups. If multiple groups are listed, you can select the groups that you want to copy to this user. To return to the form, click . Then save the changes to the new user's record there.
User authorizations
If a user is not assigned to any group, use the Object Authorizations for User form to determine what forms and privileges are available to that user.
How authorizations work together
User groups allow you to determine the authorizations and permissions for multiple users by assigning them all to a single group.
Group authorizations work together. If a user is included in a group where a privilege is granted on a certain form, that granted privilege prevails over any "not granted" setting for the same form in other groups assigned to this user. However, any user authorizations set for individuals always override group authorizations defined for a form.
At the User Authorizations level (Object Authorizations for User form), privileges are either granted or revoked. There is only one set of privileges per form or per component per user. Therefore, if a privilege is revoked at the User Authorizations level, the same privilege cannot be granted at the Group Authorizations level (Object Authorizations for Group form).
User authorizations cannot have multiple privileges for the same form or same component. If a form or component is revoked at the User Authorization level, that revoke setting is used regardless of any group privileges that you specify.
If privileges are left blank at the user authorization level, the user is assigned the permissions defined at the group level.
User Authorization Report
In the User Authorization Report, user and group authorizations for forms and IDOs are grouped together by user ID. Row authorizations are grouped together by user ID and group name, and are sorted by IDO and group name. Options on the form let you choose the specific forms or IDOs you want to see in the report. You can see and compare all authorizations for a single user in the same section of the report. This makes it easier for you to determine whether a user has multiple permissions set differently for the same form, through different groups to which the user is assigned.