Using access codes
Introduction
You use access codes to restrict access to 'data' in your system.
Access codes can be entered in specific functions, at either the development level or in the management of basic elements of the software.
Access codes > Use of access codes for generic functionality or functionality attributed to the Supervisor functions.
Access to a function is controlled through the user’s profile. Their profile is defined on the General tab of their user record and controlled through the menu defined for their profile code (Menu profile (GESAPN)) and the permissions (read, write, execute) defined for their profile code (Function profile (GESAFT)). You can therefore specify the functions that each person can use, and the functions from which the person is excluded. By default, all users with administrator rights have access to the whole of your system. Users without administrator rights have access to standard modules and functions, and can have access to specific modules and functions. Access to selected functions, screens and fields is controlled through the user’s access codes. These are specified on the Access tab of their user record.
Standard object management of an access code is as follows:
- When a file contains an access code, object management filters the rights to display and to modify each record using the read and write permissions assigned to the access code for the user.
For records to which an access code is defined, simple access rights are therefore provided automatically by the object management.
Object management also facilitates the addition of specific filters. Simply adding an access code field to a screen for an object in the table associated with that object, then declaring the field in the Access code field of the Objects function is sufficient to apply the filter.
Selected object codes with read and write filters by access code are provided as standard.
Selected access codes are also tested for execution rights when an access code for an object is present.
Access codes
The object codes in the following table are provided with read and write filters by access code as standard:
Object code | Function |
BAN | Bank accounts |
BOD, BOS | Nomenclature (BOM) |
BUP | Budget setup |
CAI | Cash accounts |
CCE | Analytical dimensions |
CDA | Payment attributes |
COA | Chart of accounts |
CYM | Analytical dimension pyramids |
DAD | Dimension allocations |
DIE | Dimension types |
DSP | Analytical allocations |
GAC | General ledger accounting codes |
GDA | Account structure |
GDE | Journal entry transactions |
GTE | Document types |
GYM | Account pyramids |
JOU | Financial journals |
MCL, MDL, MFL, MGL, MIL, MML, MOL, MPL, MRE, MRL, MTL, MWL | Production transactions |
PBY | Assembly/Disassembly |
PRE, PRT | Shipment preparation |
PTA, PTC, PTD, PTE, PTF, PTN, PTR, PTT | Purchasing transactions |
SLA, SLC, SLD, SLI, SLL, SLO, SLQ, SLR, SLS, SLT | Sales transactions |
SCT, SNP, SOT, SPK, SQT, SRG, SRO, SRT | Stock transactions |
SNE | Price list modification definitions |
TBO | BOM alternatives |
TES | Expense codes |
TPY | Payment types |
TXS, TXW | Financial data extraction |
Execution rights
Execution rights are managed for specific objects, as follows:
- An access code present in the transactions that can be parameterized (purchasing, accounting, production management, BPs, sales) prohibit the use of these transactions, if execution rights are not defined for the user's access codes.
- Access codes on system transactions prohibit their execution, if execution rights are not given to the user.
- Access codes on inquiry screens prohibit the use of the screens, if execution rights are not given to the user.
- If an access code is present for the accounts, dimensions, dimension types, distribution key, journals or document types, execution rights must be given in this access code to be able to go to the account movement postings, the dimensions, the dimension types, the journals or the document types respectively, or to use the corresponding distribution key.
- If an access code is present on budgets or analytical pyramids, execution rights must be given in this access code to be able to enter or modify the budgets with this code or a code based on the corresponding analytical pyramid.
- If an access code is present in the analytical dimensions, execution rights must be given to this access code to be able to use the analytical dimensions.
- If an access code is present in the bank accounts, cash accounts or payment attributes, execution rights must be given to this access code to be able to enter the payment movements for the bank accounts, cash accounts or to use the payment types.
- If an access code is present in the route or BOM alternative, execution rights must be given for this access code to be able to use the routes and BOMs with the corresponding alternative.
- If an access code is present in the financial data extraction setup, execution rights must be given for this access code to be able to calculate the specific financial data extraction.
- If an access code is present in the price list modification definitions, execution rights must be given for this access code to be able to calculate the specific price list modifications.
Account postings (GAS) are slightly different. An access code is not entered in the posting entry screens. An access code is assigned automatically from the access code present in the associated journal. This ensures a filter is applied automatically to the journal posting.