Pre-requisites
- Granular Access Control (GAC) is an add-on feature of Adeptia Connect. Therefore, you must check if your license supports this feature. If you can not access GAC, contact Adeptia Support for upgrading your license.
- Only System Admin or an IT user can use GAC and create new user types. Therefore, ensure that you log in with the rights of a System Admin or an IT user.
- If you are already using Adeptia Connect and enable GAC on the current version, you must follow the patch deployment guidelines for GAC.
- This feature is applicable only for company users. A partner user can not create new roles using GAC.
Understanding GAC
- You can assign multiple roles to a user and the user will be asked to select one the role types (from the assigned roles) while logging in.
- There are following three pre-built role types in the product that can be used as a base role to create a new role:
- System Admin
- IT User
- Business User
- The permission model is governed through four key permissions
- You must have permission to perform these activities in Adeptia Connect.
Permission Type
While creating a role type, you can give following permissions for the listed entities:
| Permission Type | Description |
|---|---|
| ALL | This permission type grants all permissions for that user role. Selecting this option will automatically select all permissions. |
| VIEW TAB/LINK | This permission type enables the users under the user role to view the tab or link for that entity. For example, if you choose Manage Templates for Template for a user role, then the users of that role will be able to see Manage Template tab on the relevant page. |
| LIST & READ | This permission type controls various actions on the entity that may require read permission, for example, View, Search. |
| CREATE/DELETE | This permission type enables the user to create or delete an entity. |
| EDIT | This permission type enables the user to edit and manage notifications for an entity. |
| EXECUTE | This permission type enable the user to perform all executable actions for example, activating/deactivating a template or granting/revoking access. |
Following table gives a detailed list of various permissions you can control for an entity.
| ENTITIES | Permissions | ||||
|---|---|---|---|---|---|
| ViewTab/Link | List/Read | Create/Delete | Edit | Execute | |
| Template | Manage Templates | View | Delete | Edit | Activate |
| Search | Create | Deactivate | |||
| Donut chart | Create Copy | Grant Access | |||
| Revoke Access | |||||
| Transaction | Manage Transactions | View | Delete | Edit | Activate |
| Search | Create | Add To Favorite | Deactivate | ||
| Template used | Create Copy | Remove From Favorite | Run Now | ||
| Run History | Add To Favorite | ||||
| View Partner | Remove From Favorite | ||||
| Donut chart | |||||
| Network | Manage Networks | Search | Delete | Edit | Grant Access |
| View Partners | Create | Send Notification | Revoke Access | ||
| View Templates | Manage Parameters | Manage Parameters | |||
| View Transaction | |||||
| Partner | Manage Partners | Search | Delete | Edit | Activate |
| View | Create | Update Logo | Deactivate | ||
| View Transactions | Send Notification | Grant Access | |||
| Available Templates | Revoke Acccess | ||||
| Templates Used | Invite Partner | ||||
| View Networks | |||||
| Available Webforms | |||||
| View Users | |||||
| User | Manage Users | Search | Delete | Edit | Invite User |
| View | Move Objects | Activate | |||
| Donut chart | Import User | Deactivate | |||
| Import Partner User | |||||
| AIS Entity | Login in AIS | View | Delete | Edit | |
| Manage Objects | Create | ||||
| Create Copy | |||||
| Secure Entity | Login in AIS | View | Delete | Edit | |
| Security Settings | Import Key | ||||
| Web Forms | Manage Webforms | View | Delete | Edit | Grant Access |
| Search | Create | Revoke Access | |||
| Activate | |||||
| Deactivate | |||||
| Dashboard | Manage Logs | View Logs | Re-Run Transaction | ||
| Search | |||||
| View Triggers List | |||||
| Theme Settings | Manage Theme Settings | View | Import | ||
| Export | |||||
| Edit | |||||
| Reset | |||||
| Process Flow | Manage Process Flow | View | Create | Edit | Publish as Template |
| Search | Delete | Publish as Post Process | |||
| Copy | |||||
Enabling GAC
You can enable the GAC by changing the value of property. To change the value of property, follow these steps:
- Click Configure > All Entities.
- Click Proceed and you will be redirected to Adeptia Suite home page.
- On the Adeptia Suite home page, click Administer tab.
- Go to Setup menu and select the Application Settings option.
- Click the Update System Properties option.
Expand the Connect 2 node. This action will display the properties to be set for GAC.
The default value of the abpm.connect.gac.enable property is false.- Set the value of the abpm.connect.gac.enable property to true.
- Click the Save button to save the new values.
- Reload the settings and restart the services.