2019-10-30: Created 

This document provides an overview of Access Control in the BMS. Access Control provides a means of restricting access to BMS functionality, and logging of user access in real time.

Access Control In The BMS

Your BMS maintains a large number of functions and methods that reach deep into your business. If you employ staff, it is likely that you will want to restrict access to some of this functionality, either to prevent users accidentally posting changes that are undesirable, or to protect sensitive data - like your accounts.

In order to make access control possible, your BMS creates a list of user-actions as they are performed and it is this list of user-actions that can be tested for access.

For instance, when you open an interface from the Main UI for the first time, the BMS creates an entry in your list of user-actions.

User actions can be evaluated in 2 ways ...

There are 2 Access Control methods in your BMS. They can be used together.

1) Simplistic - access-level control

2) Advanced - access-group control

User Log-On

When a user logs into the BMS they can provide 3 pieces of information:

1) User Name: This comes from a Contact Record :-> User Name attribute [LOGON_User_Name].

2) Password: This comes from a Contact Record :-> Password attribute [LOGON_User_Secret_Password]. 

3) Level Access password: This is defined under Access Control.