Therefore™ Help

Zoom Window Out
Larger Text | Smaller Text
Hide Page Header
Show Expanding Text
Printable Version
Save Permalink URL

Tutorials > Solution Designer > Access > Roles > Role Based Access Control

Updating Security Concept

How do I update the Security concept in Therefore™ to Role-Based Access Control ?

1.Beginning with the older Therefore™ version (e.g. Therefore™ 2019), which still uses the classic Security features, close the application and begin the process of upgrading to Therefore™ 2020.

SD_T_RBAC_UpdateConcept_002

SD_T_RBAC_UpdateConcept_003

2.In Therefore™ 2020, a new Role node will appear under Access. These will contain several pre-installed named roles (e.g. Administrator, Contributor etc). However, if the previous version of Therefore™ contained defined permissions, these will appear as numbered roles in Therefore™ 2020 (e.g. 'Role 6', 'Role 7' etc.).

note

Note:

• Following an update, security configurations that have been carried over from a previous Therefore™ version will continue to be fully functional in Therefore™ 2020. Under the Role node, these security configurations that have been carried over will be displayed as a numbered role (e.g. Role 6, Role 7 etc), and they will appear as roles with either 'Allow' permissions (symbolized by a green tick RBACtick ) or Deny permissions (symbolized by a red and white mark RBABCMark ).

•The number of roles that the system creates is designed to be at a minimum. E.g. If several users possess the same permission settings in the classic version, they will be given the same role in the new role-based model following the upgrade. However, after the upgrade to Therefore™ 2020, the security configurations (from the older version) may display several numbered roles under the Role node, but these can be condensed into smaller numbers of roles by reviewing and replacing them with an existing defined role.

info

Examples:

Example of a pre-installed named role:

SD_T_RBAC_UpdateConcept_004

Example of a numbered role carried over from a previous Therefore™ version:

SD_T_RBAC_UpdateConcept_005

info

Note: The post-update default setting under 'Security Mode' in the 'Advanced Settings' will be the Access Mask (Deprecated). The classic security concept will remain fully functional (as before) though a new Role node will be included under Access. The classic 'Access Mask' security mode will in reality work with the Role-Based system in the background, where the classical mode emulates the security features of previous Therefore™ versions using the configurations in the Role-Based system. The classic 'Access Mask' security mode will in reality work with the Role-Based system in the background, where the classical mode emulates the security features of previous Therefore™ versions using the configurations in the Role-Based system". We really have emulation of old security based on RBAC.

SD_T_RBAC_UpdateConcept_001 SD_R_Access_RBAC_RoleNode_001a

3.To see how the older configuration has been translated as a role in the new security concept, right-click on the marked role and click Show Assigned objects.

SD_T_RBAC_UpdateConcept_006

4.The Assigned Objects dialog will appear allowing the administrator to see which user was assigned to the specific object. The administrator can then assign a different role to the user by selecting one in the drop-down list labeled 'Replacing with role'.

SD_T_RBAC_UpdateConcept_007

info

Note: Permission within the role can also be edited by opening the Role Definition dialog.

SD_T_RBAC_UpdateConcept_008