Skip to content

Understanding security

Security in nGenue is designed to ensure that users have the appropriate level of access to perform their roles effectively while maintaining control and data integrity across the application. It combines Security group-level permissions with Form-level read/write security to provide a flexible, multi-layered permission structure.

At the foundational level, administrators create Security users and organize them into Security groups based on functional roles such as trading, accounting, or logistics. These groups simplify access management by allowing administrators to assign permissions collectively rather than configuring each user individually.

Through the Security group - assign permission screen, administrators determine which application screens are accessible to each group. For example, assigning a screen to a specific group automatically allows all members of that group to access it. Members of the Full access group inherently have complete control-viewing, creating, modifying, and deleting records across all screens.

Once screen-level permissions are configured, administrators can fine-tune access through the Form security - configuration screen. This form allows assigning Read or Write permissions at the individual user level within a security group:

  • Read access enables users to view data only.
  • Write access provides full privileges, including creating, modifying, and deleting records.

Key features of security management

  • Centralized access control: Manage all user and group permissions from a unified interface.
  • Role-based security: Assign users to security groups based on business functions to simplify administration.
  • Granular permissions: Define access at both the group and individual user level, providing precise control.
  • Read/write flexibility: Configure form-level permissions to limit or extend user capabilities as needed.
  • Hierarchical precedence rules: Automatically resolve conflicts between group-level and user-level permissions.
  • Full access control: Provide designated users or groups unrestricted control over all application areas.
  • Auditability and compliance: Maintain transparency and traceability of access configurations to support audits.
  • Scalability: Easily accommodate organizational growth by adding new users, roles, or permissions without restructuring the security model.

Rules and precedence

The system follows a clear rules and precedence model to resolve overlapping permissions:

  • Full access or System admin users always have unrestricted access.
  • Read-only permissions limit users to viewing content without edits.
  • Write permissions override Read-only restrictions when both apply.
  • When a user belongs to multiple groups, the higher permission (Write) takes precedence over the lower (Read).
  • If a user has form-level restrictions but belongs to a Full access group, the group-level permission overrides the individual restriction.

This layered security model ensures that access control remains both centralized and customizable, allowing organizations to maintain compliance, protect sensitive data, and support operational flexibility within the nGenue application.