To create roles and authorizations - details

To create the standard role that contains the basic user authorizations, use the following procedure.

Note: the procedure details described in this section are based on the case study in the To create roles and authorizations section.

Istruzione 1. Add a new role
  1. Start the Dati ruolo (ttams2100m000) session.
  2. On the toolbar, click New to create the standard role.
  3. Enter an identifier in the Ruolo column, and enter a descriptive name for the role in the Descrizione column. For this case study, enter Standard as the role identifier and Basic Employee Authorizations as the role’s description.
  4. Click Save to save the role in LN ’s data dictionary.
Istruzione 2. Define session authorizations at company level

Users must be able to view and print the data in the Global Enterprises’ general data dictionary. The users must also have full, round-the-clock authorizations for the data in the Holland Company and the USA Company.

To define these authorizations at company level, complete the following steps:

  1. In the Dati ruolo (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizzazioni, Riferimenti o Azioni menu, point to Autorizzazioni sessione and click Session Authorizations by Company. The Autorizzazioni sessioni per Società (ttams3133m000) session starts.
  3. On the toolbar, click New.
  4. In the Società field, zoom to the Società (ttaad1100m000) session and select Data Dictionary_General (000) company.
  5. In the Gruppi autorizzazioni box, select Print/Display.
  6. In the Ora diinizio and Oratermine fields, define the time interval 00:00 and 24:00, respectively.
  7. Repeat Steps 3 and 4 for the Holland Company and the USA Company and click Save.
  8. Exit the Autorizzazioni sessioni per Società (ttams3133m000) session to return to the Dati ruolo (ttams2100m000) session.
Istruzione 3. Define session authorizations at module level

Full authorization is required to ensure that users can use LN ’s Chart Manager for the sessions in the Chart Manager module. The session authorizations at module level are an addition to the print/display authorization of the Global Enterprise’s general data dictionary (000).

Because the Chart Manager module is part of LN Tools (tt), you must add the session authorization for the chart manager module to the standard role.

To add this session authorization, you must add LN Tools to the general data dictionary in the standard role, and then add full authorization for the Chart Manager to the standard role. To define the session authorizations at module level, take the following steps:

  1. In the Dati ruolo (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizzazioni, Riferimenti o Azioni menu, point to Autorizzazioni sessione and click Session Authorizations by Module. The Autorizzazioni sessioni per Modulo (ttams3131m000) session starts.
  3. On the toolbar, click New Group.
  4. In the Società field, zoom to the Società (ttaad1100m000) session and click Data Dictionary_General (000).
  5. In the Package field, zoom to the Packages (ttadv1100m000) session and click tt (Tools).
  6. On the toolbar, click New, and in the Modulo field, zoom to the Modules (ttadv1101m000) session and select the Chart Manager (CHM) module.
  7. In the Gruppi autorizzazioni box, select Full Authorization.
  8. In the Ora di inizio and Orachiusura fields, define the time interval 00:00 and 24:00, respectively, and click Save.
  9. Exit the session to return to the Dati ruolo (ttams2100m000) session.
Istruzione 4. Define session authorizations at session level

To ensure that all necessary functionalities in Global Enterprises’ general data dictionary function properly, some authorizations at the session level must be restricted or added to LN Tools. For example, the authorization for the Gestione tabella generale (ttaad4100 ) session must be restricted to no authorization. You must also extend the authorization for the Selez. disp. (ttstpsplopen ) session to full authorization.

To extend this authorization, you must add LN Tools to the general data dictionary in the standard role, and add the session authorizations at session level. For example, restrict the authorizations for the Gestione tabella generale (ttaad4100 ) session to no authorizations.

To add the session authorizations at session level, take the following steps:

  1. In the Dati ruolo (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizzazioni, Riferimenti o Azioni menu, point to Autorizzazioni sessione, and click Session Authorizations by Session. The Autorizzazioni sessioni per Sessione (ttams3132m000) session starts.
  3. On the toolbar, click New Group.
  4. In the Società field, zoom to the Società (ttaad1100m000) session and select Data Dictionary_General (000).
  5. In the Package field, zoom to the Packages (ttadv1100m000) session and select tt (Tools).
  6. On the toolbar, click New, and in the Sessione field, zoom to the Sessions (ttadv2506s000) session and select Gestione tabella generale (ttaad4100 ) session.
  7. In the Gruppi autorizzazioni field, select No Authorization.
  8. In the Ora di inizio and Orachiusura fields, define the time interval 00:00 and 24:00, respectively, and then click Save.
  9. Exit the session to return to the Dati ruolo (ttams2100m000) session.
Istruzione 5. Define table authorizations at company level

You must assign the table authorizations at company level to the standard role. These authorizations are required to ensure that the employees can perform all the necessary database transactions in Global Enterprises’ general data dictionary, the Holland Company, and the USA Company.

To define the table authorizations for the standard role, take the following steps:

  1. In the Dati ruolo (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizzazioni, Riferimenti o Azioni menu, point to Autorizzazioni tabella, and click Table Authorizations by Company. The Autorizzazioni tabelle per Società (ttams3144m000) session starts.
  3. On the toolbar, click New. In the Società field, zoom to the Società (ttaad1100m000) session and select the Data Dictionary_General (000) company.
  4. In the Indicatore autorizzazione field, select Delete/Insert/Modify/Read.
  5. Repeat Steps 2 through 4 for the Holland Company and the USA Company, and then click Save.
  6. Exit the session to return to the Dati ruolo (ttams2100m000) session.
Istruzione 6. Define table field authorizations

To make sure that the users cannot change their own user name, user type, and system logon, the employee’s authorizations for these table fields in the User Data (ttaad200) table must be restricted to read only.

To define the table authorizations for the standard role at table field level, take the following steps:

  1. In the Dati ruolo (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizzazioni, Riferimenti o Azioni menu, point to Autorizzazioni tabella, and click Autorizzazioni campi tabelle. The Table Field Authorizations (ttams3143m000) session starts.
  3. On the toolbar, click New Group.
  4. In the Società field, zoom to the Società (ttaad1100m000) session and select Data Dictionary_General (000).
  5. On the toolbar, click New. In the Nome campo field, zoom to the Table Fields (ttadv4529m000) session and select the name (ttaad200.name) field in the User Data (ttaad200) table.
  6. In the Authorization field, select Read.
  7. Repeat Steps 4 and 5 for the User Type table field and the System Logon table field, and then click Save.
  8. Exit the session to return to the Dati ruolo (ttams2100m000) session.
Istruzione 7. Convert the role to the run-time data dictionary.

You must now convert the standard role to the run-time data dictionary. This step completes the procedure to create the standard role.

  1. In the Dati ruolo (ttams2100m000) session, on the Visualizzazioni, Riferimenti o Azioni menu, click Convert Changes to Runtime DD. The Conversione modifiche in DD runtime (ttams2200m000) session starts.
  2. Under Ruoli, click Autorizzazioni database and Autorizzazioni libreria/sessione.
  3. Click Converti to convert the standard role to LN ’s run-time data dictionary.
  4. Restart LN: to apply the new settings, the relevant users must log off and log on again.

The employees’ basic authorizations are now defined in the standard role. This concludes the case study. At this point, you can create additional roles and sub-roles for specific tasks. You must use the Dati utente (ttams1100s000) session to link the roles to the individual LN users. For more information, refer to “To create LN users,” in the User-related procedures section.