We do security by user groups rather than individual users, so we say "what
group should this user be in?", such as warehouse, AP clerk, Purchasing
buyer, etc. Then we assign them to that group in their User Profile, which
has a menu assigned to it, and we are done, for most new users. I think this
is a common approach. We e-mail I.T. and say "put John Doe in group XYZ", so
there really is no form because that is all the data needed.
If the user does not fit in an existing group, we say "what group is he/she
closest to?" in terms of need for access to programs, then make a list of
modifications to the Security Workbench settings for a copy of that "closest
group" which are needed for this user. So I.T. creates a new user group,
assigns the person to it in User Profile, copies the Security Workbench
settings for the "closest group" and makes the changes per the list of mods
needed.
We have (most of) the security settings in an Excel spreadsheet, on the
jdelist Forum at Downloads called Security Settings by Programs and User
Groups Spreadsheet, where W (write) means application security = Y, R
(read) means action set to N for OK/delete/copy, N (no access) means
application security = N, and RR is for R (report/UBE) programs and means
"run report" thus application security = Y.
So I can send an e-mail to Gwen in I.T. and say "please set up Tom Cruise in
a new group, like Gendisplay group with changes of P4310 = W, P4312 = W,
P4101 = W", add the new group to the security spreadsheet and make the
listed changes, Gwen does Security Workbench per the e-mail (copying the
specified group and making changes is much quicker than keying all 1200
lines from scratch) and we are done. I save the e-mails and we have a record
of all changes and new folks and new groups.
You could do a form with data of: date, name, group to assign to, new group
required Y/N, group to copy and modify, mods (with a list of: program
number, action security settings Y/N for OK, Delete, Copy, etc.), and any
special things list Processing Option security.
For a few programs, like P4310, we have security by form (e.g. W4310A).
Lead people (power users, section honchos) have write access to processing
options. All users have read access to processing options. Menus control
access to versions. Leads have Fast Path.
If someone writes a new R report, we have a form specifying what user groups
get access to the report. I can send you that one if you want. E-mail me
direct.
Dave Mallory Denver Water Denver, Colorado, USA