1. One View Financial Statements
  2. Object-Level Security for OVFS

Object-Level Security for OVFS

Object-level security enables the security administrator to limit access to programs, database tables, specific fields on a form, and other JD Edwards EnterpriseOne objects. Generally, object-level security is set up when the JD Edwards EnterpriseOne system is installed and set up, but it can also be implemented or changed at any time.

Within the object-level security feature, the security administrator can set up multiple levels of security. The items in the following list describe how some of the object-level security features can be applied to objects in the OVFS feature:

  • Application security

    Application security prevents specific users from running a particular application, an application version, or a form within an application or application version. In the OVFS feature, the security administrator can use application security to specify which users or roles are excluded from accessing the programs in the OVFS feature. For example, the administrator might exclude all users and roles of employees who are not in the financial department. Additionally, the administrator might exclude accounting clerks from accessing the revision forms within each application in the OVFS feature, but allow access to the "work with" forms.

  • Action security

    Action security prevents specific users or roles from performing a particular action, such as adding, deleting, revising, inquiring, or copying a record. You can define Action security at the application, version, and form level. Users who are denied permissions to perform actions will not have the controls on a form needed to perform the forbidden action. For example, a user who does not have permissions to modify a record will not have an OK button on forms that would be used to make changes to a record, and so the user cannot save changes.

    In the OVFS feature, the administrator could use this security feature to prevent certain users from making changes to statement definitions and other records in the feature.

  • Row security

    Row security prevents specified users or roles from accessing a particular range or list of records in a database table. Row security is set up based on the values for a data item. For example, the administrator could allow users in a role to access records that have the value BA (budget account) in the Ledger Type field of the F0902 table, and prevent those users from accessing records that have the value AA (actual amounts) or CA (currency amounts) in the Ledger Type field. If a user who is restricted from accessing records with a ledger type of AA performs a search on a form, no records with the ledger type AA are returned in the search result.

    In the OVFS feature, the administrator might use row security to exclude certain users or roles from performing these actions:

    • Accessing row definitions with a specific definition status.

    • Accessing the records in the OVFS tables that contain account balances, such as the OVFS Report (F09300) table.

    • Accessing records based on the OVFS category codes assigned to the records.

  • Column security

    Column security prevents specified users or roles from viewing a particular field or changing a value for a particular field in an application or application version. If the administrator excludes users or roles from viewing a particular field in an application, the field does not appear on forms in the application when the restricted user or role accesses the application.

    In the OVFS feature, the administrator might exclude certain users or roles from viewing or accessing fields with sensitive data. For example, if you use the OVFS category codes, certain users can be excluded from seeing or changing values in those category code fields.

  • Hyper-exit security

    Hyper-exit security prevents specified users or roles from using menu bar exits on JD Edwards EnterpriseOne forms. In the OVFS feature, menu exits exist in the applications that enable users to access other applications in the OVFS feature. For example, users with access to the statement definition program could use an exit to access the export and import function. The administrator can set up hyper-exit security to prevent unauthorized users from importing or exporting OVFS records.

See "Object Level Security" and "Authorization Security for User Defined Objects" in the JD Edwards EnterpriseOne Tools Security Administration Guide.