Skip to main content
Skip table of contents

Manage Security Structure

The Manage Security Structure plugin in the Administrative Console (Security Admin > Setup) consists of a security tree, a details section, and a set of "Rebuild" options.

Security Structure

The security structure is presented as an explorer "tree." It represents the security objects that will be available when configuring security roles for Manage Security Roles and Assign Security Roles. When defining security roles, access may be granted to any of these objects, or indirectly by inheritance from a parent object. Only the objects shown here will appear as security options when defining roles.

Under the top Application Root folder, each application and subsystem will be shown. The subsystems contain three main sections:

  1. Data: Represents the BusinessPlus database tables. In the data section, an entry will be presented for each table within the subsystem.
  2. Functions: Represents additional user capabilities, which vary by subsystem.
  3. Menu: Represents the various BusinessPlus pages, reports, and utilities that are available. Each subsystem contains various menu functions and subfunctions, corresponding to the BusinessPlus main menu structure.

Details

The Details section displays additional information about the currently selected security object within the tree. The additional information consists of the object description, its hidden state, and the internal and parent IDs. The Internal ID is provided only for troubleshooting purposes.

The Hidden from all roles flag determines whether the current object will be shown when managing security views. Hidden objects and their child objects will not appear within the security views. This feature can be used to simplify security configuration by removing objects which will never be used by an organization. When the Hidden box is checked, the corresponding object will be hidden from all security roles. Hidden objects appear with the text grayed-out. They will not appear when managing views through the Manage Security Roles plugin.

Column Security

Column Level security is designed to allow restrictions on individual fields on BusinessPlus pages. First, select which columns on each table will be controlled by security (by default, none are selected). In each role, the user then will have the ability to restrict the column by Execute, Read, Write, Delete or Update access. The default is derived, meaning it inherits the security from its table.  When evoking Read access, the corresponding field on the BusinessPlus page will be grayed out.  When the user attempts to update or delete a record they will receive the following message: “You do not have security to update this record (Table and Field Name) (SY21).”  When revoking Write access, the field will be disabled in Add mode. Revoking Update access will disable the field in Update mode. Any combination of Read, Write and Update access levels are permitted.

This security feature can be used to hide sensitive information from certain types of users (e.g., SSN), while allowing them to see the rest of the record. Column Level security can also restrict users from changing portions of the data displayed to them in BusinessPlus pages. This capability should be used sparingly, as many fields are required by BusinessPlus for proper business rule operation.

Rebuild Security Components

The Rebuild Security Components section is used to regenerate the entire list of security objects. This is necessary, for instance, when applying BusinessPlus upgrades.
The options are as follows:

  • Base Structures: Reloads the predefined security objects, including all subsystems and applications.
  • Menu Choices: Reloads all menu choices defined within the current BusinessPlus database. This is the list of masks that is maintained using NUUPJB and presented on the BusinessPlus menu structures. Additionally, a predefined list of BusinessPlus pages is added, to allow security on known BusinessPlus pages that are not maintained as Nucleus menu items.
  • Table List: Reload table names for all installed BusinessPlus subsystems, based on internal details derived from database schemas at table creation time.
  • Remove Obsolete Menus: Compare the current security component list to the Nucleus menu definitions, removing any "mask" objects that do not exist in Nucleus or in the predefined list of BusinessPlus page objects.
  • Remove Obsolete Tables: Compare the current security component list to the existing tables within the database server, removing any table objects that represent non-existent tables.
  • Remove Obsolete Functions: Running this option may potentially remove security objects.
  • Reset Dashboard Content Groups
  • Remove Obsolete Attachment Definitions

To rebuild security components, check all desired boxes and click the Rebuild button. A dialog window displays the rebuild process status. Depending on system/network performance, the rebuild process may take a few minutes. Running the rebuild functions more than once will not cause problems.

Reset Security

If changes are made using the Manage Security Structure tool, several internal security-related structures will be reset upon exit. This process involves the removal of cached security data stored within the BusinessPlus database. The Web server farm will also be requested to reload its security so that the changes will take effect for any users connecting to BusinessPlus. For users who are already connected to BusinessPlus, certain types of security changes will not take effect until the user's next Web browser session.

Client-Specific Security Objects

In addition to the standard BusinessPlus security objects, client-specific menu options and tables may be added. This is only necessary for menu options which are not defined in Nucleus (via NUUPJB), or for database tables which are not regular BusinessPlus tables.

Tools

Select the Tools menu to select from the following tools:

  • Rebuild All Roles Only: Rebuilds security for all roles only.
  • Rebuild All Roles and Users: Rebuilds security for all users in all roles without running out of memory. 

Jobs

Any jobs that were launched from Manage Security Structures after you opened the plugin can be tracked on the Jobs panel. Select the Jobs menu. Double-click the job number to display available job information.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close