To create roles and authorizations - details

The procedure details are based on the case study in the To create roles and authorizations section.

To create the standard role that contains the basic user authorizations:

Passo 1. Add a new role
  1. Start the Dados da função (ttams2100m000) session.
  2. On the toolbar, click New to create the standard role.
  3. Enter an identifier in the Função column, and enter a descriptive name for the role in the Descrição column. For this case study, enter Standard as the role identifier and Basic Employee Authorizations as the role’s description.
  4. Click Save to save the role in LN ’s data dictionary.
Passo 2. Define session authorizations at company level

Users must be able to view and print the data in the Global Enterprises’ general data dictionary. The users must also have full, round-the-clock authorizations for the data in the Holland Company and the USA Company.

To define these authorizations at company level:

  1. In the Dados da função (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizações, Referências o Ações menu, point to Autorizações de sessão and click Session Authorizations by Company. The Autorizações de sessão por companhia (ttams3133m000) session starts.
  3. On the toolbar, click New.
  4. In the Companhia field, zoom to the Companhias (ttaad1100m000) session and select Data Dictionary_General (000) company.
  5. In the Grupos de autorização box, select Print/Display.
  6. In the Horainicial and Horafinal fields, define the time interval 00:00 and 24:00, respectively.
  7. Repeat Steps 3 and 4 for the Holland Company and the USA Company and click Save.
  8. Exit the Autorizações de sessão por companhia (ttams3133m000) session to return to the Dados da função (ttams2100m000) session.
Passo 3. Define session authorizations at module level

Full authorization is required to ensure that users can use LN ’s Chart Manager for the sessions in the Chart Manager module. The session authorizations at module level are an addition to the print/display authorization of the Global Enterprise’s general data dictionary (000).

Because the Chart Manager module is part of LN Tools (tt), you must add the session authorization for the chart manager module to the standard role.

To add this session authorization, you must add LN Tools to the general data dictionary in the standard role. Then add full authorization for the Chart Manager to the standard role.

To define the session authorizations at module level:

  1. In the Dados da função (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizações, Referências o Ações menu, point to Autorizações de sessão and click Session Authorizations by Module. The Autorizações de sessão por módulo (ttams3131m000) session starts.
  3. On the toolbar, click New Group.
  4. In the Companhia field, zoom to the Companhias (ttaad1100m000) session and click Data Dictionary_General (000).
  5. In the Pacote field, zoom to the Packages (ttadv1100m000) session and click tt (Tools).
  6. On the toolbar, click New, and in the Módulo field, zoom to the Modules (ttadv1101m000) session and select the Chart Manager (CHM) module.
  7. In the Grupos de autorização box, select Full Authorization.
  8. In the Hora inicial and Hora final fields, define the time interval 00:00 and 24:00, respectively, and click Save.
  9. Exit the session to return to the Dados da função (ttams2100m000) session.
Passo 4. Define session authorizations at session level

To ensure that all necessary functionalities in Global Enterprises’ general data dictionary function properly, some authorizations at the session level must be restricted or added to LN Tools. For example, the authorization for the Manutenção geral de tabela (ttaad4100 ) session must be restricted to no authorization. You must also extend the authorization for the Selecionar dispositivo (ttstpsplopen ) session to full authorization.

To extend this authorization, you must add LN Tools to the general data dictionary in the standard role, and add the session authorizations at session level. For example, restrict the authorizations for the Manutenção geral de tabela (ttaad4100 ) session to no authorizations.

To add the session authorizations at session level:

  1. In the Dados da função (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizações, Referências o Ações menu, point to Autorizações de sessão, and click Session Authorizations by Session. The Autorizações de sessão por sessão (ttams3132m000) session starts.
  3. On the toolbar, click New Group.
  4. In the Companhia field, zoom to the Companhias (ttaad1100m000) session and select Data Dictionary_General (000).
  5. In the Pacote field, zoom to the Packages (ttadv1100m000) session and select tt (Tools).
  6. On the toolbar, click New, and in the Sessão field, zoom to the Sessions (ttadv2506s000) session and select Manutenção geral de tabela (ttaad4100 ) session.
  7. In the Grupos de autorização field, select No Authorization.
  8. In the Hora inicial and Hora final fields, define the time interval 00:00 and 24:00, respectively, and then click Save.
  9. Exit the session to return to the Dados da função (ttams2100m000) session.
Passo 5. Define table authorizations at company level

You must assign the table authorizations at company level to the standard role. These authorizations are required to ensure that the employees can perform all the necessary database transactions in Global Enterprises’ general data dictionary, the Holland Company, and the USA Company.

To define the table authorizations for the standard role:

  1. In the Dados da função (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizações, Referências o Ações menu, point to Autorizações de tabela, and click Table Authorizations by Company. The Autorizações de tabela por companhia (ttams3144m000) session starts.
  3. On the toolbar, click New. In the Companhia field, zoom to the Companhias (ttaad1100m000) session and select the Data Dictionary_General (000) company.
  4. In the Indicador de autorização field, select Delete/Insert/Modify/Read.
  5. Repeat Steps 2 through 4 for the Holland Company and the USA Company, and then click Save.
  6. Exit the session to return to the Dados da função (ttams2100m000) session.
Passo 6. Define table field authorizations

Ensure that the users cannot change their own user name, user type, and system logon. The employee’s authorizations for these table fields in the User Data (ttaad200) table must be restricted to read only.

To define the table authorizations for the standard role at table field level:

  1. In the Dados da função (ttams2100m000) session, select the Standard role in the grid.
  2. On the Visualizações, Referências o Ações menu, point to Autorizações de tabela, and click Autorizações do campo da tabela. The Table Field Authorizations (ttams3143m000) session starts.
  3. On the toolbar, click New Group.
  4. In the Companhia field, zoom to the Companhias (ttaad1100m000) session and select Data Dictionary_General (000).
  5. On the toolbar, click New. In the Field Name field, zoom to the Table Fields (ttadv4529m000) session and select the name (ttaad200.name) field in the User Data (ttaad200) table.
  6. In the Authorization field, select Read.
  7. Repeat Steps 4 and 5 for the User Type table field and the System Logon table field, and then click Save.
  8. Exit the session to return to the Dados da função (ttams2100m000) session.
Passo 7. Convert the role to the run-time data dictionary.

You must now convert the standard role to the run-time data dictionary. This step completes the procedure to create the standard role.

  1. In the Dados da função (ttams2100m000) session, on the Visualizações, Referências o Ações menu, click Convert Changes to Runtime DD. The Converter alterações para DD de runtime (ttams2200m000) session starts.
  2. Under Funções, click Autorizações banco de dados and Autorizações de sessão / biblioteca.
  3. Click Convert to convert the standard role to LN ’s run-time data dictionary.
  4. Restart LN: to apply the new settings, the relevant users must log off and log on again.

The employees’ basic authorizations are now defined in the standard role. This concludes the case study. At this point, you can create additional roles and sub-roles for specific tasks. You must use the Dados do usuário (ttaad2500m000) session to link the roles to the individual LN users. See “To create LN users,” in the User-related procedures section.