In an effort to make the SalesLogix web client have similar features to the LAN SalesLogix client, 7.5 SP3 introduces the ability to restrict access to areas within the SalesLogix web client per user. While the implementation of this functionality is a little clunky, it does allow for some nice flexibility. Lets take a look at what this all means.
First, managing the user security roles is handled in the web client’s new Administration area. This is a new set of administrative screens that is intended to eventually replace the SalesLogix Administrator application. While the new web based admin area lacks all of the features the LAN Admin has, it does offer a lot of functionality.
Under the admin area we can see a “Roles” page.
There are a set of standard roles that are predefined functional break downs.
The default role is called “Standard User”. This is what a normal sales user would typically have access to. If we open the detail view of this role we can see what the security roles contain:
The detail view is very simple with just a name for the role and a memo to enter an extended description of the role.
There are two tabs under the role which is where the Actions, or security access, is granted. There is also the tab for users. This is where you assign which user has access to this role.
If you look in the above screen shot you can see the default roles granted to the standard user. These include access to Account, Contact, and Opportunity entity records.
Each of the Entities have 4 options you can define:
We will go over what these options mean in just a second.
To add a role you can click the + icon on the toolbar of the Role tab. This then launches a lookup to the “Secured Roles”. This lookup is really horrible, but oh well. The other shortcoming is that you have to add each Action individually. You cannot select multiple actions at once.
The other tab in the Role area is the user tab. On this tab you can see you have the ability to Add (using the + sign on the toolbar) a User to be a member of this role. The only other option is to remove a user from the role.
Entity Security Action Options
OK, so as I mentioned above, and entity has the ability to have Add, Edit, Delete, or View action rights assigned. Lets take a look at each of these.
Granting Add Rights gives user the option to select the menu item for the entity under the New…Menu. For instance if you are granted Access to Entities/Add/Account you would see the New…Account menu item. If a user is assigned a role that does not have Entities/Account/Add then the New…Account choice would not be visible to the user.
Granting a user the Edit action for an entity allows the Save Icon (the Disk) to show on the main detail form. If a user is not granted the Edit right, then the Save icon would be missing. The one thing I don’t like about this implementation is the interface appears to be editable. The only thing that tells you it is not is that when you try to click Save the button is gone. A user could spend a lot of time modifying data on a page only to discover they can’t save it once they navigate away.D
The Save Icon on the detail toolbar would not show if not granted Edit rights
Similar to the Edit, right the Delete button simply toggles the Delete icon on the detail toolbar. If not granted Delete rights then the Delete (X) icon would not show.
The Delete icon on the detail toolbar would not show if not granted Delete rights.
The View action for an entity does not do anything for a user in a standard system, out-of-the-box. Regardless of if you have or have not assigned, lets say, the Entities/Account/View action to their role makes no difference. What you need to do is assign the View action to a page or pages in the web client. no pages have these security restrictions out of the box. If you do implement a View security to a portal page, the user can still see the navigation item. However, if they try to navigate to that page from any area of the web client, they will get an error message like this:
In my next post I will talk about how to implement a secured view. Check it out here