.png)
HS&H Kernel - User Guide
Introduction
The HS&H Kernel System GUI is a help desk product allowing a system administrator to undertake a range of tasks common to many corporate applications. The facilities include:
- maintenance of corporate user list
- assign users rights to use a combination of the systems (applications) under HS&H Kernel control
- assign users rights to use a combination of the utilities available in each system
- view automatically generated fatal errors encountered by users in each system
- view version history changes for each system
The external applications supported by the HSH Kernel System use this information at runtime to control access to the corresponding utilities, such as input forms, browsers and reports. A system’s security information is of no use unless the application uses the HSH Kernel’s security routines. To this end, HSH Kernel is included as an .mda file as part of each application’s release.
This document concentrates mainly on the management of the authorised user list and assignment of rights to each system and its utilities.
OperationCorporate User ListAuthorised System UsersSecurity by UserSecurity by Utility
General Operation
The HS&H Kernel System GUI is a help desk product allowing a system administrator to undertake a range of tasks common to many corporate applications. The facilities include:
- maintenance of corporate user list
- assign users rights to use a combination of the systems (applications) under HSH Kernel control
- assign users rights to use a combination of the utilities available in each system
- view automatically generated fatal errors encountered by users in each system
- view version history changes for each system
The external applications supported by the HSH Kernel System use this information at runtime to control access to the corresponding utilities, such as input forms, browsers and reports. A system’s security information is of no use unless the application uses the HSH Kernel’s security routines. To this end, HS&H Kernel is included as an .mda file as part of each application’s release.
This document concentrates mainly on the management of the authorised user list and assignment of rights to each system and its utilities.
OperationCorporate User ListAuthorised System UsersSecurity by UserSecurity by Utility
Corporate User List
The list normally contains the complete collection of authorised application users within a corporation. The input form is shown below. Each user is usually identified by their normal workstation login ID, and the User Name is for completeness. As in NT, each Network Login ID must be unique, but the User Name can be duplicated.
The command buttons perfomr the following functions:
| Systems | Drills down to the assignment of users to each application in the Authorised System Users form. An alternative approach is to double click on a user record. Any changes made on the current edited row will be saved beforehand, if the input rules permit. |
| Security | Assigns users' access righst to applications and utilities |
| Excel | Exports data as an Excel spreadsheet |
| Produces a hard copy of all current authorised users. You can also obtain a printout by pressing Ctrl+P. | |
| Quit | Closes this form. Any changes made on the current edited row will be saved, if the input rules permit. |
OperationCorporate User ListAuthorised System UsersSecurity by UserSecurity by Utility
Authorised System Users
The current list of authorised users is shown for the selected system as indicated in the System combo box near the top of the input form shown below. This combo list comprises the complete set of applications (systems) using the HSH Kernel System’s security features.
Selecting a different system refreshes the form with the corresponding user details. There are three elements that may be completed for a user:
- a check box which determines whether the current user can use the selected system.
- specify the form which opens on startup for the current user. This combo list originates from an internal table (ztblUtility) which is maintained by the application’s development team.
- a check box to indicate if the current user is a developer for the selected system. Applications can be written to behave in a non-standard manner when run be a developer in order to help in debugging etc.
The command buttons perform the following operations:
| Security | Drills down to the assignment of access rights to utilities in the selected system for te current user, in the Security Management by User form. An alternative approach is to double click on a user record. Any changes made on the current edited row will be saved beforehand, if the input rules permit. |
| Excel | Exports data as an Excel spreadsheet |
| Produces a hard copy of all current authorised users. You can also obtain a printout by pressing Ctrl+P. | |
| Quit | Closes this form. Any changes made on the current edited row will be saved, if the input rules permit. |
If a new user is created from the Corporate User List input form, no system access rights are granted. Each required system must be specified in turn. This is also true all utilities within each application.
OperationCorporate User ListAuthorised System UsersSecurity by UserSecurity by Utility
Security Management by User
An application will comprise at least one screen based utility (or feature) which requires user access control. Although a user can use an application, not all features need to be made available. This form allows selective masking on a user by user basis.
The current user and system selections are shown in the combo boxes at the top of the form. The user list is the same as that maintained in the Corporate User List. The System combo list is derived from an internal table (ztblSystem) which is maintained by the development teams.
All utilities available in the current system are displayed as a list with three check boxes at right. When checked, the appropriate facility Read/Edit/Print is available for the current user. Simply check on and off as necessary. The Edit and Read check boxes are mutually dependent: if Read is off, then Edit is off; if Edit is on, then Read is on.
The same attribute for all utilities can be set by double clicking on any check box in the appropriate column. If a box is checked, then all boxes in that column will become Unchecked, and vice versa.
The current user can adopt the same access profile as an other authorised user by specifying the name in the combo box at the foot of the screen. Once displayed, double click on it to effect an immediate update of the current user.
On occasions, it is useful to take an orthogonal view of the user/utility profiles to view the global access rights for a utility across the user list. This is effected by double clicking on the appropriate utility row, which leads to the Utility Management by User input form. Any changes made on the current edited row will be saved beforehand, if the input rules permit.
OperationCorporate User ListAuthorised System UsersSecurity by UserSecurity by Utility
Security Management by Utility
This form behaves in identical manner to the Security Management by User input form, but shows access rights for each user of a system’s utility.
The same attribute for all users can be set by double clicking on any check box in the appropriate column. If a box is checked, then all boxes in that column will become Unchecked, and vice versa.
The current utility can adopt the same access profile as an other utility for all users by specifying the name in the combo box at the foot of the screen. Once displayed, double click on it to effect an immediate update of the current utility.
A user’s complete access profile can be viewed by double clicking on that user’s row in the form. This will redisplay the Security Management by User input form.
OperationCorporate User ListAuthorised System UsersSecurity by UserSecurity by Utility