| Type of User | Description |
|---|
Application User | A licensed user that can access the database only through the Server or MQL. All other active users have Application User privileges automatically. |
Full User | A licensed user with normal user access. |
Business Administrator | A licensed user with access to the Business Administrator functions. When a person is defined as a Business Administrator, they might have the privilege of being able to set context to any defined person without a password depending on the system setting for privilegedbusinessadmin. For more information, see MQL
Concepts: Privileged Business Administrators. |
System Administrator | A licensed user with access to the System Administrator functions. |
Inactive | A defined user who does not currently have access. |
Trusted | A licensed user for whom read access is not checked. |
Business and System Administrators are also assigned as Full Users.
All persons have a type. If the type is not explicitly assigned, the person will be automatically assigned to the types
application
and
full
. To assign a type, write a Type clause using the following syntax:
type TYPE_ITEM {, TYPE_ITEM} |
-
TYPE_ITEM
assigns or denies the privileges associated with each of the five user types. There are twelve
TYPE_ITEMs. Six of the items assign the user type and six remove a user type assignment:| TYPE_ITEMs | User Access |
|---|
application | Access only through the Server or MQL |
notapplication | No access |
full | Normal access |
notfull | No normal access |
business | Access to the Business Administrator functions |
notbusiness | No access to Business Administrator functions |
system | Access to the Business and System Administrator functions |
notsystem | No access to the System Administrator functions |
notinactive | Current access |
inactive | No current access |
trusted | Read access that is not checked |
nottrusted | Read access that is checked |
When you define a person, a type of application User and Full User is automatically assigned to the person. This means that the user is defined as:
If you want a type that is different from this, you need to write a Type clause. For example, the following command defines a person who is both a Full User and a Business Administrator:
add person rodolph
type full, business; |
If you want the person’s type to be something other than Full and Application, be sure to use the ‘not’ prefix on any types defined by default. For example, to define a consultant named Feng that is a full user but not and application user, use the following:
add person Feng
type notapplication; |
If a person is not allowed access, why have that person defined within the database? One answer has to do with business object creation and ownership. Let’s assume that you have an employee who worked for some time within the system. After that person left the company, you still have many business objects that were created and controlled by the person. Rather than change object ownership, you might want to maintain the old ownership so that you have a record of the original creator. By making the person inactive, you remove that person’s ability to access the system while maintaining the status of all business objects the person created. Although access for other users remains as defined, if an owner is inactive the Business Administrator might want to reassign ownership to another person.