Data Permissions Overview
Overview
This article provides information about the data permissions feature that allows users with the Fynapse Security Administrator role to grant access to defined data sets to selected user groups. As a result, they can define granular access rules to reduce the chances of unauthorized data exposure.
General Information
Current data permissions implementation allows you to configure data permission rules for transactional data (i.e., Journals) on the Subledger Node level. The results of the configured data permission rules will be visible while using the Journals, Balances, and Period Locking screens, where user groups entitled to access these screens will view only data sets defined by particular data permission rules.
Example
A company defined two data permission rules for its Subledger Node and all users were given access to the Journals screens.
- Rule 1: Scope is set to A and the assigned group is named Accountant Managers
- Rule 2: Scope is set to B and two groups are assigned Accountant Managers and Accountants
In accordance with the defined rules, users from the Accountant Managers group have access to data from both Sublegder Nodes, i.e., A and B. Whereas users from the Accountants group can only access data from the Sublegder Node B. Therefore, when users from the Accountants group enter the Journals screen and run a query, only results from the Sublegder Node B will be returned.
How to Start Using the Feature?
To use the data permissions feature, you need to:
- Configure data permission rules that will grant your users access only to required data sets using the Data Permissions screen
- Enable the feature by turning it on via the Security Settings screen
Data permission rules affect data access only when the data permissions feature is enabled.
Enabling and Disabling the Data Permissions Feature
The data permissions feature can be enabled and disabled but you need to remember that turning it on and off changes the logic how restricting data access works, i.e.:
- Once enabled, user groups will be able to view only specific data included in the data permission rule to which they are assigned. This means that these user groups cannot view all available data, and unassigned user groups lose access to all available data.
- Once disabled, Fynapse will revert to the previous logic for granting access to data, i.e., all user groups can view all available data.
How to Enable Data Permissions Feature?
By enabling this feature, you will change the logic for restricting data access for user groups, i.e., user groups will be able to view only specific data included in the data permission rule to which they are assigned. This means that these user groups cannot view all available data, and unassigned user groups lose access to all available data.
- Go to Security > Security Settings.
- Click the Edit button.
- Under Enable Data Permissions for, select the Subleger Node checkbox.
- Click the Save button to enable the feature or the Cancel button to discard the change.
How to Disable Data Permissions Feature?
If you disable the feature, Fynapse will revert to the previous logic for granting access to data, i.e., all user groups can view all available data.
- Go to Security > Security Settings.
- Click the Edit button.
- Under Enable Data Permissions for, clear the Subleger Node checkbox.
- Click the Save button to enable the feature or the Cancel button to discard the change.
