Information Systems:Extension User Security
(Redirected from Extension User Security)
Jump to navigation
Jump to search
Just as ASW has its own built-in security mechanism (GO SECUR, GO MEDEA), Unity Extensions also has a security system. It can be categorized into the following:
- Menu authorities: controls display of Unity green-screen menus/options (e.g. user can or cannot "go into" this or that program)
- Functional authorities: controls actions in Extensions programs (e.g. PU for purge, F6 for Add)
- Permissions tables (table-based authorities): defines various permissions in tables, that are used by Extensions as well as ASW programs (custom/forked ones, of course).
It is set up by individual user, but can be copied from an existing person doing the same, or similar, job.
Authorize New User
Unity / Start uniPHARM Extensions / VA Company / System Administration / OMM Menus / Work with User Security.
12/02/14 12:33:54 UNIPHARM -- "PRODUCTION" UMRIU330/SYSUCTL
OMM -- List of Users Release 4.0
Display Order Start at: User Code Partial Name
NAM By name
Limit to: With Menu Dept. Conn. Cmd Line All Auth In Group Type
US
2=Update 4=Purge GR=Groups FA=Func. Auth GI=GIVE ALL
8=Copy MA=Menu Auth XA=PURGE AUT
User User/Resource Name Start Menu
ADECCO . ADECCO DC *SYSDEF
FLODELA ABUEL FLODEL DC *SYSDEF
SHEILATST AD sheilats test DC *SYSDEF
CAMILLED AD Camille Deato DC *SYSDEF
CHRISCH AD Chris Chow DC *SYSDEF
DOMERL AD Domer Lovino DC *SYSDEF
HENRYC AD Henry Chung DC *SYSDEF
MUHAMMADA ALI MUHAMMAD DC *SYSDEF
SIONYA ANG SIONY ACCT *SYSDEF
AUDITOR AUDITOR AUDITOR ADMIN *SYSDEF +
Display request satisfied as shown.
F3=Exit F5=Refresh F6=Add a user F8=More F12=Previous
F10=Copy by User
Add New User
Press F6 to add a user.
12/02/14 12:37:32 UNIPHARM -- "PRODUCTION" UMRIU335/UPDATE
ADD OMM -- Enter/Update User/Resource OMM Release 4.0
User First Name Init Surname Salutation Type
KELSEYT KELSEY TRAN MS US
Title
Additional Description
Phone # Local Area Closest Fax Dept
ACCT
Starting Menu
(or *SYSDEF ) Show Cmd All Auth Initial Bulletins Attach Network Net Node/WS
*SYSDEF N N Y
<---------- Network/Other System Passwords ---------->
Default Output Queue Default Job Queue
STEIN QGPL QBATCH
F3=Exit F5=Refresh
F6=Add F12=Previous
Fill in these fields, and press enter. If 'Show Cmd' is yes, the line above 'Option' and 'GO TO MENU' on the menu, will be a command line.
Position to the user just added by keying their last name in ‘partial name’, and pressing enter.
12/02/14 12:33:54 UNIPHARM -- "PRODUCTION" UMRIU330/SYSUCTL
OMM -- List of Users Release 4.0
Display Order Start at: User Code Partial Name
NAM By name TRAN
Limit to: With Menu Dept. Conn. Cmd Line All Auth In Group Type
US
2=Update 4=Purge GR=Groups FA=Func. Auth GI=GIVE ALL
8=Copy MA=Menu Auth XA=PURGE AUT
User User/Resource Name Start Menu
MA KELSEYT TRAN KELSEY ACCT *SYSDEF
__ DONNYT TROTTER DONNY DC *SYSDEF
__ CHRISTINET TUNG CHRISTINE ACCT *SYSDEF
__ MARYT TURNER MARY BUYER *SYSDEF
__ RETURNSUSR USER RETURNS DC *SYSDEF
__ NORWINU UY NORWIN IS *SYSDEF
__ RAYMONDU UY RAYMOND DC *SYSDEF
__ SHEILAV VENESS SHEILA IS *SYSDEF
__ SHEILAUSER VENESS M SHEILA IS *SYSDEF
__ YISHIENW WANG YISHIEN DC *SYSDEF +
F3=Exit F5=Refresh F6=Add a user F8=More F12=Previous
F10=Copy by User
Use option ‘MA Menu authority’ on them.
12/02/14 12:46:35 UNIPHARM -- "PRODUCTION" OMM600/MENULCTL
OMM -- Show List of Menus for User Release: 4.0
User
KELSEYT KELSEY TRAN ACCT
Limit to: System Show Author. Start at: Partial Menu Name
A AUTHORIZED
4=Delete menu for user O=Show Options
Sy Menu Name Menu Description
**END**
The user is authorized to menus shown in HIGH INTENSITY
F10=Copy by User F12=Previous
They will not be authorized to any menus. Press F10 to copy from another user.
12/02/14 12:48:27 UNIPHARM -- "PRODUCTION" OMM715/COPYAUTH
OMM -- Copy Authorities Release: 4.0
Copy From: Menu Name Option # User Profile
CHELSEAM
Copy To: Menu Name Option # User Profile
KELSEYT
Replacement Option
A
Are you sure you want to do this? Y
F12=Previous
Copy all menu authorities from an existing user that is doing the same (or similar) job. Press enter, say ‘Y’ to ‘Are you sure’, and press enter again. Now the new user has authorities.
12/02/14 12:51:30 UNIPHARM -- "PRODUCTION" OMM600/MENULCTL
OMM -- Show List of Menus for User Release: 4.0
User
KELSEYT KELSEY TRAN ACCT
Limit to: System Show Author. Start at: Partial Menu Name
A AUTHORIZED
4=Delete menu for user O=Show Options
Sy Menu Name Menu Description
SY AMT Alert Management System
SY AMTSET Alert Management System Setup Tasks
UX COMPANY-DV DV (Development) Menu .
UX COMPANY-PL PL (Volume Test) Menu .
UX COMPANY-VA VA (Validation) Menu .
UX EXT-ARSTMT AR - Customer Statements .
UX EXT-AUC AUC - Auto Cash Application .
UX EXT-CCP CCP - Cust./Contracts/Pricing .
UX EXT-CNS CNS - Contact Names Subsystem .
UX EXT-CPR CPR -- Cust. Prod. Restr. . +
The user is authorized to menus shown in HIGH INTENSITY
F10=Copy by User F12=Previous
Granting functional authorities
Go back to the list of users.
12/02/14 13:18:16 UNIPHARM -- "PRODUCTION" UMRIU330/SYSUCTL
OMM -- List of Users Release 4.0
Display Order Start at: User Code Partial Name
NAM By name TRAN
Limit to: With Menu Dept. Conn. Cmd Line All Auth In Group Type
US
2=Update 4=Purge GR=Groups FA=Func. Auth GI=GIVE ALL
8=Copy MA=Menu Auth XA=PURGE AUT
User User/Resource Name Start Menu
FA KELSEYT TRAN KELSEY ACCT *SYSDEF
__ DONNYT TROTTER DONNY DC *SYSDEF
__ CHRISTINET TUNG CHRISTINE ACCT *SYSDEF
__ MARYT TURNER MARY BUYER *SYSDEF
__ RETURNSUSR USER RETURNS DC *SYSDEF
__ NORWINU UY NORWIN IS *SYSDEF
__ RAYMONDU UY RAYMOND DC *SYSDEF
__ SHEILAV VENESS SHEILA IS *SYSDEF
__ SHEILAUSER VENESS M SHEILA IS *SYSDEF
__ YISHIENW WANG YISHIEN DC *SYSDEF +
Display request satisfied as shown.
F3=Exit F5=Refresh F6=Add a user F8=More F12=Previous
F10=Copy by User
This time use option FA for Function Authority.
12/02/14 13:20:18 uniPHARM -- PRODUCTION FARIU211/TASKCTL
Show Functions for a User CSU Release: 6.0
Current User # Fun Compare to: Type Qualifier # Fun Limit to: System View
KELSEYT USR CHELSEAM 29
Add: Sy Function Authorities
G=Grant Auth A=Audit 1 1 1 1 1 1 1 1
R=Revoke Auth P=Programs Using A U D I P O P A
d p e n u p g d
Sy Function Function Description d d l q r r m m
SY FLEX-COL Flex Column Support * * * * * * * *
SY FLEX-KEY Change flex key definitions * * * * * * * *
SY HELPTEXT Work with help text files * * * * * * * *
US ACCT FORMS Accounting user data forms * * * * * * * *
UX * * * * * * * *
UX ACCOUNTING Promotions Accounting Access * * * * * * *
UX AUTOCASH Autocash Application * * * * * * * *
UX CNSTABLES Change CNS user tables on fly * * * * * * *
Display request satisfied as shown.
Authority differences indicated by asterisks (*)
F3=Exit F10= LOCK Switches F14=Top F17=Revoke All
F5=Refresh F12=Previous F16=Bottom F19=Grant Missing
For ‘compare to’ key in ‘USR’ and the user ID of the person doing the same job. Press enter. All the functions the other person can do will show, with the authority differences showing as asterisks.
12/02/14 13:20:18 uniPHARM -- PRODUCTION FARIU211/TASKCTL
Show Functions for a User CSU Release: 6.0
Current User # Fun Compare to: Type Qualifier # Fun Limit to: System View
KELSEYT 29 USR CHELSEAM 29
Add: Sy Function Authorities
G=Grant Auth A=Audit 1 1 1 1 1 1 1 1
R=Revoke Auth P=Programs Using A U D I P O P A
d p e n u p g d
Sy Function Function Description d d l q r r m m
SY FLEX-COL Flex Column Support 1 1 1 1 1 1 1 1
SY FLEX-KEY Change flex key definitions 1 1 1 1 1 1 1 1
SY HELPTEXT Work with help text files 1 1 1 1 1 1 1 1
US ACCT FORMS Accounting user data forms 1 1 1 1 1 1 1 1
UX 1 1 1 1 1 1 1 1
UX ACCOUNTING Promotions Accounting Access 1 1 1 1 1 1 1
UX AUTOCASH Autocash Application 1 1 1 1 1 1 1 1
UX CNSTABLES Change CNS user tables on fly 1 1 1 1 1 1 1
Function(s) GRANTED successfully.
Authority differences indicated by asterisks (*)
F3=Exit F10= LOCK Switches F14=Top F17=Revoke All
F5=Refresh F12=Previous F16=Bottom F19=Grant Missing
Press F19 (upper shift F7) to grant all the missing authorities. Answer ‘Y’ to the warning, and press enter.
Granting additional authority
Menu Authority
Identify the menu name and option.
Dec-02-14 14:55:01 UNIPHARM -- "PRODUCTION" OMM111/MENU2CTL 4.0
WSID: SHEILA1
Menu CCP - Cust./Contracts/Pricing USER: SHEILAV
EXT-CCP . SYST: PRODUCTION
COMPANY VA
1 Show list of contracts 50 Promo item sales dtl - display
3 Show list of promotions 52 Promo item sales dtl - print
5 Show items extension list 54 Promo item sales summ- display
7 Show price look up rules 56 Promo item sales summ- print
9 Update markup classes
11 Work with Price Lists 61 Cost/Price List
13 Work with Contract Templates
22 Item Price Simulator
M--> 31 Miscellaneous Billing Menu
Option GO TO MENU 90 to signoff
__ __________ _ F 22 Toggle funct. keys
Your valid function keys are shown below.
1 Enter HELP Mode 5 WRKSPLF user 10 Go home menu 16 Toggle Options
3 Leave OMM 6 File List 12 Go previous men 17 Display any out
4 Current Reports 7 Submitted Jobs 13 Bulletins 20 IBM User Tasks
Go to System Administration, OMM Menus, Work with Users/Menus. There is no password, so just press enter again.
12/02/14 15:11:56 UNIPHARM -- "PRODUCTION" OMM505/TASKCTL
OMM -- Show List of Menus Release: 4.0
Display Order
NAM By menu name
Limit to: Menu Menu Type System Disp Type Lib List Lock
EXT-CCP
2=Update 4=Cancel A=Audit O=Options U=Users L=Library Lists
C=Copy L
Mnu # # of # c
Menu Typ Menu Description Sy Op Users Col k Lib List
AACANALF US Asset Mgmt Financial Analysis AA 13 2 N *NONE
AACANALP US Asset Mgmt Physical Analysis T AA 10 2 N *NONE
AACFIN US Asset Management Financial Tas AA 4 2 N *NONE
AACMAIN US Asset Management Tasks AA 5 2 N *NONE
AACPER US Asset Control Periodical Tasks AA 2 2 N *NONE
AACPHY US Asset Management Physical Task AA 2 2 N *NONE
AACSET US Asset Control Setup Tasks AA 3 2 N *NONE
AACYEAR US Year End Tasks AA 2 2 N *NONE +
Display request satisfied as shown.
F3=Exit F5=Refresh F6=Add F12=Previous
Key in the name of the menu you want to grant the user access to, and press enter.
12/02/14 15:11:56 UNIPHARM -- "PRODUCTION" OMM505/TASKCTL
OMM -- Show List of Menus Release: 4.0
Display Order
NAM By menu name
Limit to: Menu Menu Type System Disp Type Lib List Lock
EXT-CCP
2=Update 4=Cancel A=Audit O=Options U=Users L=Library Lists
C=Copy L
Mnu # # of # c
Menu Typ Menu Description Sy Op Users Col k Lib List
O EXT-CCP US CCP - Cust./Contracts/Pricing UX 16 120 2 N *NONE
--END--
F3=Exit F5=Refresh F6=Add F12=Previous
Key O for options in front of the menu, and press enter.
12/02/14 15:14:55 UNIPHARM -- "PRODUCTION" OMM700/MENU2CTL 4.0
WSID: SHEILA1
Menu Display Type USER: SHEILAV
EXT-CCP CCP - Cust./Contracts/Pricing 2 # Options
. 16
_ 1 Show list of contracts _ 50 Promo item sales dtl - display
_ 3 Show list of promotions _ 52 Promo item sales dtl - print
_ 5 Show items extension list _ 54 Promo item sales summ- display
X 7 Show price look up rules _ 56 Promo item sales summ- print
_ 9 Update markup classes _ 60
_ 11 Work with Price Lists _ 61 Cost/Price List
_ 13 Work with Contract Templates
_ 22 Item Price Simulator
_ 31 Miscellaneous Billing Menu
_ 40
A...Add U...Update D...Delete S...Show X...Authority R...Release lock
L...Lock item
Action Option Copy From Copy Authorities
N
F2=Toggle Display Type F4=Menu Header F12=Previous F17=Audit
Key X for Authority in front of the menu option, and press enter.
12/02/14 15:18:00 UNIPHARM -- "PRODUCTION" OMM670/USOPTCTL
OMM -- Show Users of a Menu Option Release: 4.0
Menu Option
EXT-CCP CCP - Cust./Contracts/Pricing 07 Show price look up rules
.
New Users/Function Profiles For All Users of Function Profile
KEYSEYT 1 __________ _ __________ _ __________ _
Start at: Partial User Name # Authorized Users
121
1 ABDIE US ABDITAHMAN EGALLEH DC
1 ADAMP US ADAM PARENT DC
1 ALBERTK US ALBERT KUDADIRGWA DC
1 ALLISONN US ALLISON NOURSE RET
1 AMANDAN US AMANDA NORMAN-MARTIN DC
1 AMANDAY US AMANDA YU BUYER
1 ANGELAC US ANGELA CHAN ACCT
1 ANGELAW US ANGELA WONG ACCT +
Blank out code, and user is no longer authorized to this option
F4=Show Option F10=Show All Users F14=Enable All
F12=Previous F15=Disable All
Key in the user ID, and 1, then press enter and F12 (it doesn’t have to be 1; actually any character would work).
This is all you have to do if the user already has access to the menu. If they don’t, you will have to make sure they have access to every menu option on the path from ‘Unity’ to here.
Functional Authority
Identify the function, and for which program, that the user needs.
12/02/14 15:22:23 uniPHARM -- PRODUCTION MKRIQ900/LISTCTL
UX - List of Price Look Up Rules PRODUCTION 1.00
Display Order Field Test Value
NAME By Price Look Up Rule
AND
Limit to: AND
Name Status Added By Linked to Customer
MA=Main Info PU=Purge AU=Audit Trail CU=Customer Links
CP=Copy DT=Rule Details
Name Description STATUS ADDED DTE UPDATE DTE
*DEFAULT DEFAULT PRICE RULE AC NOV 08 03
NO-MARKUP NO-MARKUP AC OCT 01 04 OCT 08 04
NON-SH-BAS CUSTOMER -- ONLY BASE AC JAN 30 05 OCT 31 12
NON-SHARE CUSTOMER'S RULE AC NOV 08 03 OCT 31 12
SHARE SHAREHOLDER/ASSOC.MEMBER RULE AC NOV 08 03 OCT 31 12
SHARE-BASE SHAREHOLDER/ASSC.MEM BASE PR AC JAN 30 05 OCT 31 12
SHAREPROMO SHAREHOLDER/ASSC.MEM PROMOONLY AC NOV 03 04 OCT 31 12
SHAREREG SHAREHOLDER/ASSC.MEM EXCLPROMO AC OCT 21 04 OCT 31 12
STAFF STAFF LOOK UP AC FEB 25 04 +
F21=Srcn Reset
F3=Exit F5=Refresh F6=Add F12=Previous F24=Srcn Save
For example, a user of this program may need to be able to purge records from this file, but doesn’t even see the ‘PU=purge’ option.
Go to System Administration, Work with Functional Authority, Change Users.
12/02/14 15:32:17 uniPHARM --Volume test FARIU211/TASKCTL
Show Functions for a User CSU Release: 6.0
Current User # Fun Compare to: Type Qualifier # Fun Limit to: System View
CHELSEAM 28 USR SHEILAV 104
Add: Sy Function Authorities
G=Grant Auth A=Audit 1 1 1 1 1 1 1 1
R=Revoke Auth P=Programs Using A U D I P O P A
d p e n u p g d
Sy Function Function Description d d l q r r m m
_ UX OEPRICOVER Order Entry Price Overrides 1 1 1 1 1 1 1 1
_ UX OERESTOVER Restriction Overrides * * * * * * * *
_ UX OMS Working with OMS files * * * * * * * *
_ UX PALLETS Warehouse Pallets * * * * * * * *
_ UX PLZ Pick Lists 1 1 1 1 1 1 1 1
P UX PRICELIST Price List Authority * 1 1 1 * 1 1 1
_ UX PROMOTIONS General Promotions Authority 1 1 1 1 * 1 1 1
_ UX RELEASES Enter/update releases * * * * * * * *
Authority differences indicated by asterisks (*)
F3=Exit F10= LOCK Switches F14=Top F17=Revoke All
F5=Refresh F12=Previous F16=Bottom F19=Grant Missing
For ‘current user’ key in the ID of the user requiring more authority. For ‘compare to’, key in ‘USR’ and a user that does have that authority. Press enter, then page down until you find the function. You can check that you have found the correct function by keying in P for ‘programs using’, and pressing enter.
12/02/14 15:49:19 uniPHARM --Volume test FARIU320/FNCPGMS
Show Programs Using a Function CSU Release: 6.0
System Start at: Program
UX UniPHARM Extensions
Function
PRICELIST Price List Authority
2=Update 8=Copy 9=Purge F=Other Functions
Program Program Description Level Index
MKRIQ101 LIST OF MARKUP CLASSES (?SUPP) INQ 1
MKRIQ120 LIST OF MARKUP CLASS PERCENTAG ADD 2
MKRIQ120 LIST OF MARKUP CLASS PERCENTAG INQ 1
MKRIQ120 LIST OF MARKUP CLASS PERCENTAG PUR 4
MKRIQ120 LIST OF MARKUP CLASS PERCENTAG UPD 3
MKRIQ900 LIST OF PRICE LOOK UP RULES ADD 2
MKRIQ900 LIST OF PRICE LOOK UP RULES INQ 1
MKRIQ900 LIST OF PRICE LOOK UP RULES PUR 4
MKRIQ900 LIST OF PRICE LOOK UP RULES UPD 3
MKRIQ901 LIST OF PRICE LOOK UP RULES INQ 1
MKRIQ920 LIST OF LOOK UP RULE DETAILS ADD 2 +
F3=Exit F6=Add F8=More F12=Previous
Page down until you see the program you are looking for (they are listed in alphabetic order). Press F12. The current user can do everything but ‘add’ and ‘purge’. To give them purge authority, change the ‘*’ to ‘1’, then press enter and F12.
Table-based authorities
Another way security is implemented is through permission tables. There are tables that correlate to a specific action e.g. SOSPUSERS correlates to 'Users that can create order type SP'; PROMODELET correlates to 'Users who may delete (SP) promo sales orders'. Authorities are thus set by defining users/flags in these tables.
To see/maintain these tables:
- On a green screen, use menu option 7 - UWD Tables Menu.
- Use option 1 - UX Extension Tables.
- Use option 5 to display elements, and add the record (F6), using the current entries as a guide for what needs to be entered (mostly just their username and a 'Y' for 'Yes'.
It is important to note that despite these tables being part of Unity Extension security, some ASW programs/tasks/functions have been modified to consult these tables to enforce permissions that could not be enforced through ASW's own security. The best way to troubleshoot this (and ASW error messages in general), is to determine the program that is presenting the error message, and do a WRKOBJ PROGRAMNAME to determine the library. It may be in the library of modified ASW programs (XX2480BP). A good example of this is DMR302, which is the program to delete sales orders. For order type 'WP', the customized program checks PROMODELET is checked to see if the user is allowed to perform the action. -norwizzle (talk)