The Security System has two jobs:
1 |
Control access to data, so a user can only see information he is supposed to see. |
2 |
Control access to functionality, so a user can only do the things he is supposed to be able to do. |
In SuperOffice CRM 5 this was all hard-coded into the application. You could change it slightly using preferences, but to do anything complex you needed to write your own COM add-in.
From SIX we introduced roles, a matrix of permissions to access various information (just like a user-level) and a list of function rights (what can the role do in the client?). These are now configurable.
In addition we have Sentry plugins
Plug-ins will still work the same way |
They can restrict the data access given by the role |
Must be programmed and distributed |
They cannot give more access than the role defines.