On Center Home | MyOnCenter Portal | Start an On-Screen Takeoff Trial | Request a Quick Bid Demo | Contact Us | SALES: 1-866-627-6246
   
 
Learn more about Searching
Looking for help for one of ConstructConnect's Other products? Login


Tools
Table of Contents

OST - 20.06 Securing Your Databases (using Access Levels to Restrict What Users Can Do)

Views: 1019 Last Updated: 07/24/2023 01:22 pm 0 Rating/ Voters
Be sure to rate this article 5 Stars if you find it helpful!

You can require users to log into a database to protect a database from unauthorized use. The database Administrator can assign specific Access Levels, limiting what a logged-in user can access.

Database security consists of several parts: Setting up Employees with logins, Assigning Access Levels, and Requiring Users to Log Into Databases. Setting up Employees is covered in Related Articles, we discuss Assigning Access Levels and Setting Databases to "Require Logins" below. First up is defining the different roles (Access Levels) you can assign to employees logging in.

Note
Access-levels and employee rights can be a little confusing. If you have any questions on how to setup your employees, Contact Support.
Warning
To share the database(s) among multiple users, please see Using SQL Server to Share Databases in Classic Products.
Only SQL databases may be shared safely between users, or accessed by multiple users at the same time, or stored in a Network location.

Notes about Security

  • Employees and Access Levels are database specific so each database can have different users/access levels.
  • Access Levels for employees are set from the Employee List (Master).
  • Access Levels are recommended when multiple users are sharing a database (SQL, of course).
  • To use Database Security, and to require Logins, there must be at least one user assigned the Access Level of "Administrator."
  • Database security is not Bid-specific. Changing a user's Access Level/Rights can affect their access to every Bid in the database. Understanding the consequences of making changes to database security is important before implementing.
  • By default, when On-Screen Takeoff is installed, only the "Administrator" access level is created, follow the instructions below to create new Access Levels, based on your needs.
  • When you import a bid package created from a Secured databases, a new database will be created so that your current database's security does not get changed - you can always copy and paste the Bid from that new database to your existing database, if you like.

Creating and Assigning Access Levels

Creating an Access Level

To access the Security Access Levels screen, you open an employee record for an employee who has Enable Logins checked (see Related articles for information on setting up Employees).

  • Click Access Levels, the Access Levels dialog box opens
  • Click New - a blank line is added under the Description field
  • Type in the Description (name) for this Access Level and press <Enter>

OST Access Levels dialog box

If employees assigned to this Access Level are to be have Administrator functions (ability to change Database properties and add/modify employees), put a check in the box next to Set as System Administrator. This Access Level will have Full Access to all Database tables regardless of the specific table settings.

Set Access Levels for a specific Database table by clicking on the cell next to the Database Table under the View column to select the cell, set Access Levels for each table or function (see the chart below for a description of what each setting does)

Click OK to return to the Employee (Master) dialog

Access Level Explained

Below is a explanation of the various options available for setting security rights in On-Screen Takeoff. Bid-related rights are based on who is shown as the "Estimator" on a Bid's Cover Sheet.

Database Table (shown in Access Levels dialog box) Full Access Read Only No Access
Other's Bids Employee can view and edit all Bids in the database whether they are the Estimator or not. Employee can view but will not be able to edit Bids for which they are not the Estimator. The employee would see all other users' Bids on the Bids Tab, though. Employee will not be able to access any Bids for which they are not the Estimator. The Bids list will display these Bids, however, the employee will not be able to open or edit them. The employee would be able to Send another employee's Bid out as a Bid Package.
Bids List (the Bids Tab) Employee can add, modify and delete any Bid that displays on the Bids Tab, regardless of who the Employee is. User will not be able to create new Bids, however, based on "Other's Bids" setting, may be able to delete or modify an existing Bid. Employee cannot Add, Delete Base Bids, Folders or Import a Bid, however, they can add/modify/delete Alternates and CO's for existing Bids. Employee will not be able to see any Bids in the database nor will they be able to add any information to the Bids Tab (they cannot create Bids). This is often used for a database administrator - someone who is responsible for setting up Master records/Styles/Sets/Employees, etc., but doesn't perform takeoff or access Bids.
Master Employee can add, modify, delete all options on the Master Menu. See Related articles for more information. User can view all Master Menu options but will not be able to make changes to the data within the Masters unless he or she is specifically granted "Full Access" rights to Styles/Sets, below (allowing access to Styles/Sets overrides the "Read Only/Masters" restriction). Employee will not be able to view any Master Menu selections unless they specifically have Full Access or Read Only rights to Styles/Sets. All menu items on the Master list will be inactive/greyed-out.
Styles/Sets Employee can Add/Modify/Delete Styles and Style Sets. Regardless of what Access Level is selected under "Master" User can access the Styles and Style Sets lists, however, they will not be able to save any changes. User will have no access to the Styles and/or Style Sets lists (from the Master Menu). They can still insert Styles and Style Sets (use stored information to create new Conditions) to a Bid, but they cannot invoke the actual list from the Master menu, nor can they save changes to any Style or Style Set.

Database Table Explanation

The drop down list indicates Full Access, No Access, or Read Only privileges for each of the 4 different Database Tables.

Others' bids

Bids for which the Estimator, as listed on the Cover Sheet, is not the current logged-in user.

Bid List

The Bids Tab - a list of all bids/projects in the database. If the logged in user has Read Only rights to the Bids list, they will not be able to create new bids, but he or she could edit existing Bids.

Master

Anything listed when a user clicks Master from the main menu bar.

ALT TEXT

Styles/Sets

The Master Style Library and Sets lists. Even restricted users can use existing Styles and Style Sets (to create Conditions), however they can be prevented from making changes to the Master Styles/Sets.

Contact Support or Training for any questions on how to properly configure and implement security settings.

Assigning Employee Access Levels

Access Levels for employees are set in the Employee Detail dialog. Access Levels are recommended, especially when multiple users are sharing a database. To use Database Logins, there must be at least one Administrator and each estimator must be assigned a login name and password.

To assign an Access level to an employee login,

Open an Employee Detail dialog box

ALT TEXT

Check Enable Login (if not already checked)

Click Access Levels - the Access Levels dialog displays

ALT TEXT

Select an Access Level from those in the Description field - by default, when On-Screen Takeoff is installed, only the Administrator access level is created, follow the instructions above to create new Access Levels as needed

After the access level is created, select it and click OK to assign it to the selected Employee.

To enforce these restrictions, you'll need to set the database to require users to login, see the next article.

click here to view the previous article Database Maintenance - Backup and Restore Setting a Database to Require Login click here to view the next article



Product documentation (user guides) describes functionality in the latest version of each major release and may not match the functionality in the version you are using. Please check the Product Information and Downloads pages by clicking one of the product buttons above.

Something Wrong with this Article? Let us Know! The information in this site is protected by copyright by ConstructConnect. You may not reproduce, adapt, or publish any content from this site in whole or in part for any purpose, without the express written consent of ConstructConnect, Inc.
Copyright 2024 - All Rights Reserved.