Permissions
Permissions in Commander4j control which screens, reports, and functions each user can access. Access is granted at the group level rather than to individual users directly.
How Permissions Work
A user's effective permissions are the combined set of all modules permitted by every group they belong to. For example, if a user belongs to both the WAREHOUSE group (which allows despatch screens) and the QUALITY group (which allows QM screens), they can access all modules from both groups.
A user with no group assignments can log in but cannot open any screen or run any report.
Assigning Permissions to a User
Permissions are assigned by adding the user to one or more groups:
- Open the Users screen.
- Select the user and click Permissions.
- The Permissions screen shows two lists: groups currently Assigned to the user (left) and groups Available to assign (right).
- Select a group in the right list and click the left arrow to assign it.
- Select a group in the left list and click the right arrow to remove it.
- Click Save to apply the changes.
Changes take effect at the user's next login.
Assigning Permissions to a Group
The set of modules accessible to a group is managed from the Groups screen. Administrators can add or remove individual modules (screens, reports, functions) from each group.
Module Types
Each module that can be permitted has one of the following types:
| Type | Description |
|---|---|
| Form | A data entry or enquiry screen |
| Report | A printed or exported report |
| Exec | A background job or utility function |
| Menu | An organisational menu branch (granting a menu branch does not grant its children individually) |
Audit Trail
All changes to group assignments — both adding and removing users from groups — are recorded in the audit log with the administrator's ID and a timestamp.
See also: Users, Groups, Navigation, Audit Reports