OPPORTUNITIES
IN THE SYSTEM ADMINISTRATION UNDER AUTHORITY OF AUTOMATED ACCOUNTING "1C:
Enterprise 8.2"
Dmitry
Cherkassov, 4th year student of the specialty "5V070300 - Information
Systems" Sh. A.Baitursynov
Irina
Morozova, Senior Lecturer, Department of Information Systems
KSU. A.Baitursynov
When
users work with corporate IS one of the major challenges that must be applied
to ensure the solution is the access rights of users to some of the information
stored in the information database.
Consider
the mechanisms and tools of corporate management ICs for example, system
administration on a platform of "1C: Enterprise 8.2" on this Site 1C
and user guides. Fixed assets management system "1C: Enterprise 8.2"
implemented in the configurator. However, there are a number of tools and
utilities that are not members of the configurator, but are also relevant to
the administration of the system "1C: Enterprise 8.2."
The 1C:
Enterprise provides simultaneous operation of multiple users with a single
application solution. For differentiation of user access rights to the data
base of information in the system is a list of users who have access to this
application solutions.
When
connecting to another user application solution authentication mechanism lets
you know which of the users listed in the list of users connected to the
application solution. This information can then be used to select the
appropriate user interface to enable access to some information, etc.
The
system supports two types of authentication that can be used depending on the
specific challenges faced by the administrator information database:
-
Authentication by 1C: Enterprise;
-
Authentication by Windows.
To
perform authentication by 1C: Enterprise user, start-up with the applied
solution is to select (or enter) the username and password matches this name:
If the
password entered by the user does not match what is stored in the information
database, access to the application decision will be closed.
When
authenticating Windows, which the user does not require any action on entering
a login and password. The system analyzes on behalf of what Windows-user
connects to the application solution and, based on this determines the
appropriate user 1C: Enterprise. In this case, the authentication dialog 1C:
Enterprise does not appear if no special command line parameter. If the user
does not specify any of the types of authentication - such a user access to the
application solution is closed.
In the
1C: Enterprise is possible to create a list of users who are allowed to work
with the system. Maintaining such a list allows you to
describe the powers of the various users of the system to access to some information, and assign user
interfaces. Member List is not part of the application solutions, and
created separately in a particular organization in which the system is used.
Information
database administrator has the ability to add, copy, delete users, and modify
user data. Creating new users is also possible by copying existing users.
Each user
can be given a name that identifies the user in the system, the full name to be
used when displaying background information, and the order of user
authentication system. In the case of authentication 1C: Enterprise users can
disable the password change.
Also, by
using the options data base, you can set the minimum length of a password, and
the requirement to enter a strong password that meets a certain set of rules.
In addition, users can specify a list of roles that are available to the user
when working with applications solutions, as well as the main interface and the
language in which to display the labels contained in the interface of applied
solutions.
In the process of creating
application solutions developer defines a system of roles that exists in a
particular application solutions . The administrator can only choose among the
existing application in solving roles.
Access system allows us to
describe a set of rules corresponding to positions of users or type of
activity. The structure of rights determined by the specific application
solutions .
In addition to the objects
stored in the database ( reference books , documents , records , etc.) can be
defined access rights to specific fields and records.
For example , the user can
manipulate documents ( invoices, bills , etc.) and certain counterparties do
not have access to similar documents of other contractors.
To implement access
restrictions in application solutions are special objects - Raleigh. Role in
the configuration there can be positions or activities of different groups of
users, which is designed for this configuration .
The role determines what
action, over which objects the user can perform metadata , acting in the role.
In the process of
maintaining a list of user application solution to each user is assigned one or
more roles . When a user attempts to perform
action to which he is not
authorized , the action will not be performed , and the system will display an
alert box "Access violation ".
Among the actions on
objects stored in the database ( reference books , documents , etc.) , there
are actions that are responsible for reading or editing information stored in
the database. These actions include:
- Reading - obtaining
records or fragments from a database table ;
- Add - add new entries
without altering the existing ones;
- Change - change existing records ;
- Delete - Delete some
recordings without changing the rest.
For these
actions in the role settings can be set additional conditions to the data
(restricting access to data). In this case, on a specific object stored in the
database can be performed requested action only if the restriction of access to
the data for the data object is set to "true". Similar conditions can
be set for the database tables do not having the nature of the object (registers).
For object tables and data registers can be set different limits for different
fields of the table, allowing you to place restrictions not only on the level
of database records, but also at the level of its individual fields.