Form-level security
After an authorized user has successfully logged on to the application, the user can only view information for which they are authorized. The specific pages, forms, and reports the user can view depend on the user's security group and the security settings that have been specified for the maintenance forms.
Form-level security determines which maintenance forms and interactions the security groups are authorized to view and modify. Each page and certain sections of page (child forms) can be identified as individual forms.
Security groups, such as supervisor, employee, or system administrator, are function-based so that access to information is limited to the parts of the application the user needs to view and modify to perform their job. A security group does not have specific security privileges until they are explicitly granted.
When you assign permissions to individual maintenance forms, the security groups can be granted one of these permission types:
- Edit: Enables users in the security group to view and edit maintenance forms. Any links or Delete check boxes on forms or pages are functional.
- View: Enables users to view maintenance forms only. links and Delete check boxes are hidden.
- None: Prevents users from accessing maintenance forms.
For example, to prevent users in the Supervisors security group from accessing the Weekly Timesheet, set the corresponding permission to
.Any permission that is set in the JSP Parameter field of the Maintenance Form Detail page overrides the group permissions for the maintenance form. See Maintenance forms.