Skip to main content

Application Security

Paige Freeman
  • Updated

You must have access to the Settings.ApplicationSecurity security application to access Application Security.

From the Application Security page, you can assign permissions to multiple security groups. Security groups must exist before you can assign permissions to them from this page.

To access Application Security:

  1. From the Settings section of the left navigation menu, select Security Settings. From the Security Settings page, select Application Security from the Security section.
    The Application Security page displays, as shown below.

From this page, you can perform the following:

Create New Application Security

You must have ADD access to the Settings.ApplicationSecurity security application to create new Application Security.

To create new application security:

  1. From the Application Security page, select +New Application.
    The Add New Application Security page displays, as shown below.
  2. Enter the Application name.
    Best practice for entering the application is to start the application with the three-letter acronym of the subsystem. For example, CUS for Customer or MTG for Meetings.
  3. Enter a Description for the application.
  4. Select the Application Type from the drop-down.
  5. From the Security Options section, set the appropriate toggles:
    1. Active
    2. The following options are available if you selected Web Client as the Application Type:
      1. Inherit Module Security
      2. Administrative Application
      3. Enforce Segmentation
    3. The following options are available if you selected Desktop Client as the Application Type:
      1. Standalone
      2. Available for Advanced Search
      3. Override Security
      4. Administrative Application
      5. Enforce Segmentation
      6. Allow User-Specified SQL Views
  6. Select Save to save your changes and return to the Application Security page.

Screen Element

Description

Application

Text box. A unique code for the application.

Best practice for entering the application is to start the application with the three-letter acronym of the subsystem. For example, CUS for Customer or MTG for Meetings.

Description

Text box. A description of the application.

Application Type

Drop-down. The type of application. For example, Web Client or Desktop Client. Depending on which type is selected, different permissions display in the Security Options section.

Active

Toggle. When set to Yes, indicates the application is active. This option is available so you can deactivate an application instead of deleting it. When unchecked, indicates the application is inactive and you cannot launch the screen.

Inherit Module Security

Toggle. When set to Yes, indicates the application should inherit permissions from the module-level security. Applications that are set to inherit module security will have the same permissions set on the module level.

For example, if the Inherit Module Security toggle is set to Yes for the Dashboard.Action application, it will inherit its security permissions from the module-level Dashboard.Module security application.

Security Applications that are Administrator Applications will have Inherit Module Security set to NO and disabled.

Standalone

Toggle. When set to Yes, the application can stand alone and is not dependent on another screen. Standalone applications display in the list of screens (click the Screen link) on the Persona Menu Designer screen. Non-standalone screens, such as pop-ups or choosers, cannot be accessed through the command line.

Available for Advanced Search

Toggle. When set to Yes, the Search Settings button will display for users to modify the search settings on that screen. Only displays when "Desktop Client" is selected as the Application Type.

Override Security

Toggle. When set to Yes, indicates any user can access the application, despite the user’s permissions. When set to No, the permissions for viewing or editing remain for the application. Some screens, such as Choosers or some modal screens, do not require security, so setting this toggle to Yes would not enforce security on those screens.

Administrative Application

Read-only toggle. When set to Yes, indicates the application can only be accessed by an administrative user. Whether or not a user is an administrative user is determinde by the Is Administrator? checkbox on the User Maintenance screen in the Desktop Client.

The following Desktop Client base screens have been marked as administrative applications:

  • APP008
  • APP014
  • APP014B
  • APP014C
  • NTS001_Notification
  • NTS002_Notification_Header
  • NTS003_Notification_Footer
  • NTS004_Notification_Queue
  • NTS007_Notification_Process
  • ORG001
  • ORG002
  • PSM001
  • PSM002
  • PSM003
  • PSM005
  • PSM007
  • PSM011
  • PSM012
  • SyncBOEandTRS

The following Web Client security applications have marked administrative applications. Please do not change the Inherit Module Security/Override Security flag in the Desktop Client for these Web Client administrative applications.

  • Settings.ApplicationSettings
  • Settings.OrganizationSettings
  • Committee.Segmentation
  • CRM360.Segmentation
  • Subgroup.Segmentation
  • Settings.UserSecurity
  • Settings.SecurityGroups
  • Settings.AccessPoints
  • Settings.ApplicationSecurity

Enforce Segmentation

Toggle. When set to Yes, indicates this screen will enforce the segmentation rules.

Allow User-Specified SQL Views

Toggle. When set to Yes,  indicates that the application can be selected when adding a new view. For more information, please see Setting Up Application Views. Currently, this has only been implemented for MRM004 in the Desktop Client.

Edit Application Security

You must have EDIT access to the Settings.ApplicationSecurity security application to edit Application Security.

To edit application security:

  1. From the Application Security page, select the edit pencil in the grid next to the corresponding application you wish to edit.
    The Edit Application Security page displays, as shown below.
  2. Modify the Description and Security Options as needed, then select Save to save your changes and return to the Application Security page.

Setting the Inherit Module Security toggle to Yes will clear all assigned security groups for the application upon Save.

Manage Application Security Groups

You must have ADD and EDIT access to the Settings.ApplicationSecurity security application to Manage Application Security Groups.

To manage Application Security Groups:

  1. From the Application Security page, select Manage Application Security Groups from the contextual menu in the grid next to the corresponding application you wish to manage.

    If the application you are attempting to manage security groups for is set to inherit module security, you will receive the message below:
  2. The Manage Application Security Groups page displays, as shown below.

    From the Manage Application Security Groups page, you can assign or unassign security group permissions for the application.
    Changes made on this page will be saved immediately and a green confirmation message will display at the top of the page, as shown below: 
  3. Select the Assigned, Unassigned, or All grid tabs to filter the display based on whether or not they have been assigned to the security group.
  4. Within the grid, check or uncheck the following boxes to assign or remove permissions:
    1. Check the View checkbox next to the security group that you want to allow to view the application.
    2. Check the Add checkbox next to the security group that you want to allow to add/create new data.
    3. Check the Edit checkbox next to the security group that you want to allow to change/modify data.
    4. Check the Delete checkbox next to the security group that you want to allow to delete data.
  5. The options at the bottom of the screen allow you to perform bulk actions on the security groups currently displayed in the grid.
    These options will only apply to the security groups currently shown in the grid based on the selected filters and/or search criteria.
    1. Select the Grant All Full Access button to automatically give the application full access (all permission checkboxes are checked) to all security groups.
    2. Select the Grant All View-Only Access button to automatically give the application view-only access (only the “View” checkbox is checked) to all security groups.
    3. Select Remove All Access to uncheck all checked checkboxes and remove all permissions.
  6. Once you have completed selecting or modifying your permissions, select the Done button to return to the Application Security page.