To ensure that users could not connect to the Finance database (regardless of Synergetic permission granted). System Administrators would not grant 'public' access to the Finance databases for specific users.
Due to architectural changes in Synergetic for version 68, this functionality has been preserved with a slightly different method.
Under the new single database > Security > Roles > Database Roles, contains:
- public - this can be disregarded as it is a standard role that exists in SQL Server
- publicfinance - for general access to the old SynergyOneFinance database
- public{ExtraFinanceDBName} - for general access to any additional finance databases.
- Please note that additional finance databases and their naming are specific to each site and may not exist for yours
Users that already had public access to the SynergyOneFinance or additional finance databases have been converted to these new roles during the Synergetic migration process.
If users are granted permission to areas of Synergetic that require a connection to the finance schema and are not members of this role, will receive error message: You are not authorised to access the financial schema. Please contact your System Administrator.
Adding users
For any future users that you wish to allow access to the finance schema(s) will require adding them to the relevant role.
The manual method is to right mouse click on the role and select Properties
On the General tab, select the Add... button
Enter the name of the user to grant permission to and select either OK or Check Names button
The user should be added to the Members of this role section, select OK to complete this process
In previous versions of Synergetic, users would need to have public access granted to the SynergyOneFinance database. If this access was not given users would not be able to access the finance database. Now in Single Database land there is no finance "database". Financial information is all stored in separate schemas within the main Synergetic database.
Now we simply need to grant users public access to the required database and granting to finance schemas is done within Synergretic itself.
First of all please note that we authorise GROUPS to financial schemas, not the individual users. As per regular permissions, a users access to a financial schema will be based on the group(s) they belong to.
Group/User Security Maintenance is where we control access to financial schemas. When a financial entity is chosen from the drop down list a check box appears (shown below), and the state of this check box indicates whether or not the group can access data from that financial schema - within the Synergetic interface.
If the check box is not ticked the security resources will not show and users in the group will not be able to access the financial parts of Synergetic.
Please note that unticking the check box does not actually obliterate existing security settings and re-ticking the check box will see existing settings re-appear.
If the user is not able to access the financial entity then Synergetic will also hide financial content on certain tabs (in the past you got a nasty error message). For example, Student Maintenance belongs to the Student module which is non-financial but the Concessions tab is driven by financial data. In these cases the tabs will appear as shown below
Likewise, if the program you try to enter is a financial program that originates from the System module (eg Finance Configuration Maintenance) then you would receive a message as follows
Special Notes
- The 'Allow access...' check box only applies within the Synergetic interface. If the user accesses the database via a third party application (eg MsQuery) it has no effect at all and access is controlled purely by the users SQL level permission to the database
- The authorisation is at a GROUP level
- if a user belongs to MULTIPLE groups, access to the financial schema is granted if ANY of those groups are authorised to the financial schema
- The check box is applicable to a single finance schema. The group must be authorised to each financial schema it is permitted to access
- Users should only be given public level permission to the Synergetic database. This will ensure that the only way they can access important data through the Synergetic interface