Previously, a Pro user with the administrator role could manage all users regardless of which companies the administrator had explicit access to.
Acubiz version 7.34 introduces a new security layer for the management of user master data. This measure ensures that a Pro user with administrator rights can only manage and maintain the users to which they have explicit access through their extended rights to secondary companies. This improvement strengthens the integrity of access management by ensuring that users only operate within the permitted scope of their designated responsibilities and organizational units. This new security layer underscores our dedication to maintaining high standards of data security and access control.
In Acubiz, access to an administrator is specified via two fields:
- Primary company
- Secondary companies
An administrator will always have access to the users that are in the administrator's own primary company. However, to gain access to users in other companies, in an organization with multiple companies, explicit access to the secondary companies must be granted.
- Read mere about: Extend a user's roles to secondary companies
Example:
In an Acubiz organization with 7 companies, an administrator has access to Denmark and Sweden. The administrator can see all users, but only manage users in Denmark and Sweden..
- ✅Denmark
- ✅Sweden
- 🛑Norway
- 🛑Germany
- 🛑Finland
- 🛑Austria
- 🛑Great Britain
This is the administrator's setup:
This results in this overview of users in Acubiz.
Therefore, only users in Denmark and Sweden have access.
If the administrator tries to click on a user they do not have access to, this message appears:
Comments
0 comments
Please sign in to leave a comment.