Security Groups for managing security

From All n One's bxp software Wixi

Jump to: navigation, search

1 Overview

This section is managed in individual Security Groups. Security_Group


Instead of having to add content and functionality to diverse user groups, the security access can be stored in the security groups and as users are added and removed from the groups so the appropriate permissions can be applied to the relevant accounts.


This feature is managed from Main Menu > System Access Management > Security Group Management > Security Group - Edit > Choose the Security Group > Security tab


1.1 Operations

1.1.1 Adding permissions

The rules here are applied automatically in 2 places.

  • Editing of a Security Group
    • This causes a refresh of permissions for all members associated with the Security Group
  • Addition of member to a Security Group
    • This causes a refresh of permissions for all members associated with the Security Group and addition to any new members added to the group.


1.1.1.1 Functional Access

This allows sections and functions to be automatically modified to a user when they are added to a group. The rules are entered as XX-ADD,YYYY-ADD,XX-REM,YYYY-REM

    • XX is the two digit id of a module.
    • YYYY is the four digit id of a section
    • ADD will add access to the users. REM will remove this access from the users.

Granting access to read an eCourse and the ability to add records to an Inbound form would look like. 

09-ADD,0910-ADD,47-ADD,4710-ADD


A full reference table of the module ids and the section ids is provided here The_Modules_and_Sections_of_bxp_(Reference_Table)


If permission already exists nothing will change. If permissions do change the user accounts will be updated with the editing details of the person who edited the group and when they edited it. i.e. if you profile a user account and view their security details, last edited by and when will reflect the editing of the security group. Bxp_R10SER1_-_System_Access_Management#System_Information_tab


1.1.1.2 Content Access

This allows Content to be automatically modified by a group of users when they are added to the group. The rules are entered as TYPE-ID-ADD,TYPE-ID-REM

    • Id is the numeric id for the content available from the various modules.
    • ADD or REM will add or remove the content types appropriately


For example if we wanted to grant access to Form 41, eCourse access to book 13 and KeyStat workbook 3 the command would look like : 

form-41-ADD,bookread-13-ADD,workbook-3-ADD

1.1.2 Removing permissions

There are two places where this is an option

  • Deleting of a Security Group (rules are reversed)
  • Removal of a member from a Security Group (rules are reversed)


There are four options presented in these two places.

  • Do not reverse access
  • Reverse only Functional Access
  • Reverse only Content Access
  • Reverse all access

If permissions are granted through another group, removal will override the other groups permissions. The preferred option should be "Reverse only Content Access".

Retrieved from ‘https://www.bxpsoftware.com/wixi/index.php?title=Security_Groups_for_managing_security&oldid=8791