Security and Users
- Jose Porto
- Leonardo Porto
By default, when starting the execution of Action.NET the system registers the section as being of a predefined user "Guest". This user (guest) does not need to enter a username or password. If you want to ensure access to your projects, you can add users and set up different passwords and permissions for each user.
Â
Adding and Changing Users
To increase the security of a data installation with the Action.NET, you can add and edit users. The system when installed originally comes with the following user names configured by default:
Administrator - user who controls the security system. No password is configured by default. You must set a password for this user.
Guest- Used by default to access the Action.NET and when to end the session with another user. No password is configured by default.
User - Used as a generic user. No password is configured by default.
Users levels with Administrator and Guest ID have predefined attributes in the system. Administrator is the only user who can delete or change a user's permissions and set passwords for database interfaces in the DBs table. You also do not have permission to spell settings in the Engineering space. Do not create other users with these names, or change the settings of these records in the users table, because the system assumes these names with these attributes.
Note: You cannot delete the Guest user, nor add a password to it. The Guest user should always be available as a default user for which the system self-logs, when another user logs off. You may want to change guest user permissions so that you do not have access to all roles. See "Setting Permissions".
To add and edit users:
Go to Edit > Security > Users .
Enter or select the information as needed.
Column | Description |
Name | Enter a user name. The system will let you know if the name is not valid by showing the cell with the red outline |
Permissions | Select the use permission group for this user. See "Setting Permissions." |
Password | Enter a password for the user. The system lets you know if the password is not valid. You can configure password requirements. See "Setting Policies" |
PasswordHint | Among the information that can help you remember the user's password. |
Policy | Select the usage policy settings for this user. See "Setting Policies". |
Blocked | Select block user access. You may want to use this for users who are no longer in the company. |
Deleted | Select to block access and mark the user as deleted, without deleting the user. You may want to use this for users who are no longer in the company. |
Company | You can indicate the name of a company of which the user is a member of the |
UserGroup | You can consider user groups. Here it should be indicated which group to which this user belongs. |
Profile | Enter the user's email address, phone number, and full name |
Keep adding as many users as you need.
Setting Permissions
You can configure the roles that Users will have access permission to edit the project and when they are using the system at run time. You set permissions using what is called user groups. The Action.NET comes with some predefined groups that you can use as they are. You can also create other groups as you need. Each Group uses a row from the table.
To set up permissions:
Go to Edit > Security > Permissions.
Enter or select the information as needed.
Column | Description |
Name | Enter a name for the group. The system will let you know if the name is not valid by showing the cell with the red outline. |
Edit | Click the cell. A list of existing Menu items will appear in the Engineering space. Select the roles that users in this group can access when editing a project. |
Run | Click the cell. A list of existing Menu items will appear in the Engineering space and real-time functions. Select the roles that users in this group can access while using the system at runtime |
Description | Type a descriptive text about the group |
Keep adding as many groups as you need.
The permission groups that you create will be available for use in the Users tab.
Disable switch Windows Apps option
One of the runtime permissions is to disable the ease of switching from one application to another in the MS-Windows environment. The function is EditSecurityPermissions.Run. If disabled, the following keys and actions will be inhibited during real-time running of the Action.NET:
Access to the Start button and the Task Toolbar.
button with windows logo
Ctrl + Alt + Del
Ctrl + ESC
Alt + Tab
alt + F4
Windows logo + L
NOTE - To enable disabling keyboard shortcuts that switch between applications, the DisableTaskSwitchProtection file should be run.bat from the installation directory. This action is to install the keyboard driver required to implement this feature.
Setting Policies
You can configure the permission policies that you want to apply to users. The Action.NET, by default, already has some predefined policies that can be used. If you prefer, you can also create others as needed.
To set up policies:
Go to Edit > Security > Policies.
Enter or select the information as needed.
Column | Description |
Name | Enter a name for the policy. The system will let you know if the name is not valid by showing the cell with the red outline. |
Identification | Select password rules for both project editing and runtime projects. |
Esign | For runtime only. Select the option if you want to impose a timeout for the runtime session. Enter the time-out period in minutes. |
Session | For runtime only. Select whether it will cause an automatic logoff, then enter the appropriate values for InactivityMinutes and DurationHours. This setting only closes the user's session. The application continues to run. |
Description | Enter a description for the policy. |
Keep adding as many policies as you need.
The policies created are available for use in the Users
If necessary, right-click a row in the table to cut, copy, paste, or delete the row.
Removing Users
You have three ways to disable users in Action.NET:
Lock - Use to block user access. You can use this option to prevent access from users who have left your business.
Deleted Flag - Use to block user access and flag the user as deleted without deleting the user. You may want to use this for users who are no longer in your company.
Deleting - Removes the user completely from the system. You should use the method that is best for your company's situation.
To remove users:
Go to Edit > Security > Users.
Click the user you want to remove.
Follow one of the following options:
To block a user, select the Locked column.
To flag a user as deleted, select the Deleted column.
To completely delete a user, right-click on the line and select Delete selected Row..
Managing Users at Runtime
When running the application, the login procedure will accept all users defined in the project configuration, but additional users, defined only by the system at runtime, by Scripts, can also be included. Runtime users are defined in the RuntimeUsers database defined in the Datasets menu. By default, this database is mapped to a SQLite database. You can select any other database by creating another DB connection and assigning it the name RuntimeUsers (you will need to delete or rename the existing RuntimeUsers row before creating the new one because the table does not accept duplicate names). You can populate this database directly before you start running the system, or after the project is already running, you can create or modify users, through dot NET scripts, with the methods available in the Security Namespace.See under http://www.spinengenharia.com.br/help/an-2016/runtime/index.html for the complete programming reference on runtime (runtime) objects. When these methods are run, new or modified users are automatically saved to the RuntimeUsers database.
Interface in engineering workspace
When you choose Edit > Security from the main menu of the Engineering tool, a "Real Time Users" tab is available, with the same columns as the normal user tab, which serves to see users created in real time and even change data from these users. The low figure shows this plug.
The Refresh button can be used at any time to check the new current state of the Dataset, RuntimeUsers, which will be reread and shown on the grid.
Â
Customizing Login Procedures
The login page is editable, you just need to select the screen with the name logon to edit your layout. As you can see in the code behind this screen, it calls the Security.Logon () method to do user validation. If you want to perform any other user validation, you just need to modify this logic by calling your own validation system and then calling the LogOn method according to the results of its validation.
Another way to customize the login is to put your own custom logic in the ClientStartup script task. The script runs on any computer that is connecting to the application server, you can perform IP-based checks of the computer, computer name, whether the user is logged into Windows Active Directory, or any other criteria to determine whether the user is allowed to start the application and what their credentials should be. After this check you can call the client procedure. Shutdown, to terminate the application if the user is not authorized, or (Security.Logon) if the user matches the selected security profile.
By default, when you start the application on a client computer, instead of requesting a login, the system starts the session with the GUEST user. The Guest user is equivalent to an anonymous login, if you do not want this method in your installation, just replace the home page with a page requesting the login information.
Security runtime objects
The Security namespace has all the runtime information relative to the security system.
The Client object has information about the current user logged on to this client station:
The Client.Username property contains the name of the logged-in user. Client.CurrentUser is a reference to a data structure with all the information of the currently logged-on user.
See in http://www.spinengenharia.com.br/help/an-2016/runtime/index.html for the complete programming reference on runtime (runtime) objects.
On this page: