Role Membership
Role membership associates users and roles, as well as the domains and entities in which that role operates. Use Role Membership Maintain (36.3.6.6) to create and maintain role memberships.
For each domain, access can be restricted to one or more entities in the domain. In essence, role membership defines the context of a particular role by specifying the meaning of a role within a specific domain and entity.
A user’s role always operates within the context of a domain and entity; you cannot set access at the domain level. You must explicitly grant access to users to each entity within the domain. However, entity-level access has meaning in most cases only within financial functions. Users who will be working exclusively with operational functions such as sales, shipping, and manufacturing are typically given access to the primary entity of the domain.
Example: Sophie Woods has the role Project Manager for all companies in the Australia domain. When she accesses the Australia domain, the access privileges for her Project Manager role apply for all entities within the domain. Her privileges do not apply if she logs in to a different domain.
Example: Roger Spencer has been assigned the role Accountant, but only for the entity 001 Fit & Co Pacific in the Australia domain; his role privileges do not apply for other entities in the Australia domain or any other domain.
Certain standard programs, described in the next section employ a user ID, role, or sometimes both in order to control access, as in previous versions of QAD applications.