Navigation:  Security > Configuring a security rules set >

Configuring a security rule

Previous  Top  Next

To add a new security rule, perform the following steps:

 

1.Access the Configuration Document Security rule menu.

 

2.Select the desired rule set in the list of records and click on the button.

 

3.On the screen that will be opened, click on the New rule button on the lower part of the "Rule" section listing. To edit a rule, hover the mouse over it and click on the button.

 

4.Adding and editing a rule is performed through a wizard. In it, fill out the fields in the following steps:

 

 

Identification

In the respective field, enter an ID # for the created rule. This ID # will facilitate finding it in the list of rules.

 

Click on the Finish button to finish the rule configuration. Thus, the wizard screen will close and the rule will be displayed in the "Rule" section of the rules set data screen.

 

Condition

In this step, the conditions for the security rule to be applied must be configured. To do that, the following sections are available:

Category

Checked

Unchecked

Apply rule only to the category

Allows defining the rule to which the rule being added applies. In this case, in the Category field that will be enabled, select the desired category.

For the rule to be effectively applied to the selected category, it is necessary to access its data and, in the Security Document section, select the set to which the rule belongs.

The rule will be applied to any category with which the set is associated.

Attributes: Click on the New rule button and, on the fields that will be displayed, select the attribute, an operator and the value that must be filled out in the attribute to condition the application of the security rule.

In order for the rule to be correctly applied, it is necessary for the attribute selected in this section to also be associated with the category to which the rule is applied.

To use more than one attribute as a rule condition, click on the New rule button once again and repeat the procedure described above.

Use the button that will be presented next to each condition to dele the attribute from the listing.

 

The "Category" and "Attributes" sections complement each other to form the security rule enforcement condition. For example: the rule will only be applied to the "PO - Purchase Orders" category and when the value filled in the "Sales Representative" attribute is "Commercial".

 

Use the Next button at the bottom of the wizard to access the next step in which it is located.

 

Permission

In this step, it is possible to perform the security configurations for the documents in the category with which the security rule will be associated. To do that, click on the button on the side toolbar and, on the selection screen that will be displayed, perform the following steps:

a.Select one of the following options to define the type of access to which the security rule permissions will be assigned:

Team: It will be composed of the members of a team already registered in SE Document.

Organizational unit: It will consist of users of a particular organizational business unit/department of the organization.

Department/Position: It will be composed of users from a specific department of the company, who hold a specific position.

Position: It will be composed of users who hold a specific position in the company.

User: It will be composed of a specific user.

All: It will be composed of all users who have access to SE Document.

 

b.According to the selected access type, the Search filters will be enabled to be filled out. Use them to make it easier to search for desired records.

 

c.If the selected access type is Organizational unit, the hierarchy of business units and the departments belonging to them (if any) will be displayed.

Check the business units and/or desired departments. By checking the "Consider sublevels" option at the bottom of the screen, the system will also consider the organizational units that are down in the hierarchy of the selected organizational unit. Note that by checking this option, if new organizational subunits (whether they are business units or departments) are subsequently added, they will be automatically added to the security list.

Next to the hierarchy, the system also makes available buttons that allow you to check all the sub-levels of a particular organizational unit or uncheck all sub-levels. Note that by using the "Check all sub-levels" button if new organizational sub-levels are subsequently added, they will not be included in the security list.

 

d.Then, click on the button on the toolbar of the selection screen. Depending on the access type selected and the values entered in the filters, the result will be displayed in the list of records, located at the bottom of the screen. Select the ones that will compose the security list. Hold the SHIFT or CTRL keys down or check next to each item, to select more than a record at a time.

 

e.In the Controls field, expand the list and check those that will be enabled for the access types:

Edit: The user will be able to edit the document data.

Delete: The user will be able to delete the document.

Revise: The user will be able to create revisions for the document through the Management Revision menu. In order to successfully perform this operation, it is also required for the Revision control to be checked.

Acknowledgment: The user will receive the document publication acknowledgment. For the acknowledgment task to be generated for the user, it is also required for the Electronic copy control to be checked. Notice when this control is checked, the "Notification" control will be disabled for selection.

Distribute copy: The user will be able to distribute document copies. In order to successfully perform this operation, it is also required for the Printed copy control to be checked.

View: The user may view the document data screen and electronic files.

Cancel: The user may edit the document status (cancel/reactivate).

Archive: The user may perform the archiving of the document in the SE Archive component. In order to successfully perform this operation, it is also required for the Physical file control to be checked.

Print: The user may print the electronic files of the document.

Training: The user will be able to participate in document trainings recorded through the SE Training component. For the user to be able to participate in document trainings, it is also necessary for the Training control to be checked.

Create training: The user will not receive the "Training record" task (SE Training) related to the document. In order for the task to be generated for the user, it is also required for the Training control to be checked.

Save locally: The user may save the electronic files of the document to their machine.

Sign: The user may digitally sign the electronic files of the document.

Notification: The user will receive e-mail notifications when the document is created or when its revision is released. For the notification to be sent to the user, it is also necessary for the Electronic copy control to be checked. Notice when this control is checked, the "Acknowledgment" control will be disabled for selection.

Add comments: The user may add text and graphical comments to the electronic files of the document.

Evaluate applicability: The user will receive the Applicability evaluation task related to the document.

f.Once done, save your selection. Use the other side toolbar buttons to edit and delete the record selected in the security list.

The permissions configured in this step will be applied to the categories that meet the conditions set in the "Condition" step. For example, for the "PO - Purchase Orders" category and the "Sales Representative" attribute filled in with the "Commercial" value in the document, will be applied the permissions to change, delete, acknowledge, cancel and print to the "Commercial" team.

The controls that are not checked for a certain access type will be considered "denied".

In order for controls related to other components of SE Suite to be applied correctly, they must be part of the solutions acquired by your organization and that users of the "Access Type" have access to them.

In order for the permissions configured in this step to be correctly applied to the documents, it is necessary to check the "Inherit category security list" option in the Security section of the category.

 

5.Use the Next button at the bottom of the wizard to access the next step in which it is located.

 

6.Click on the Finish button to finish the rule configuration. Thus, the wizard screen will close and the rule will be displayed in the "Rule" section of the rules set data screen.

 

Click on the Previous button, located in the lower part of the screen, to return to a previous step of the security rule configuration, to perform the necessary editing.

Use the Cancel button at the bottom of the screen to exit the security rule configuration wizard. Note that all the data entered up to then will be lost. To perform this operation effectively, it is necessary to confirm the question asked by the system.

Repeat the procedure described before to add all rules that will compose the rules set.