The Security System has two jobs:
||Control access to data, so a user can only see information he is supposed to see.
||Control access to functionality, so a user can only do the things he is supposed to be able to do.
In SuperOffice CRM 5 this was all hard-coded into the application. You could change it slightly using preferences, but to do anything complex you needed to write your own COM add-in.
From SIX we introduced roles, a matrix of permissions to access various information (just like a user-level) and a list of function rights (what can the role do in the client?). These are now configurable.
In addition we have Sentry plugins
|Plug-ins will still work the same way
|They can restrict the data access given by the role
|Must be programmed and distributed
They cannot give more access than the role defines.