What’s the difference between a physical file and a virtual file?

If a form in Chris21 has a physical file, then all of the data associated with that form will be stored on its own DAT file. For instance, all of the data entered in the Details (DET) form in Chris21 is stored on the EMDET file.

A virtual file, on the other hand, does not have an associated DAT file. Virtual files are often summary forms in Chris21. For example the Collated History (TCH) form displays a summary list of an employee’s training history, education and licences details. This form gets its information from the Training History (TRH), Education (EDU) and Licences (LIC) forms. There is no physical file or any data dictionary entries for TCH.

How do I set up Chris21 security access for a virtual form?

There is a trick to this. When it comes to Chris21 security access for virtual files you need to ensure that the Forms (SCN) form is also added to your security profile and menu. So, even though you have added TCH to the required security profile and menu, and you have refreshed and/or logged in and out of Chris21, you still won’t have access to TCH without also including SCN.

The reason that SCN is required for security with virtual files is not clear but we can assume it is related to the architecture and programming in Chris21.

The bigger question is: How would a user know about this when they come to set up Chris21 security access for a virtual file? The answer is that most would not know and would therefore spend a lot of time trying to work out what the problem is.

I hope the information in this blog saves you the time and effort should you find that you need to set up security for a virtual file at some time in the future.

The post Virtual Files and Chris21 Security Access appeared first on System Logic.

When attempting to access a form you may have seen this Chris21 error message:

While you may have seen this error message in the past, you may not be sure why this is happening. This error is telling you that the Salary (SMN) form is not accessible but what exactly does this mean and how can it be fixed?

There can be two causes of this error message. The first is that SMN hasn’t been added to your security profile or alternatively, the SMN form hasn’t been added to the menu role that you are using. Either of these scenarios will generate the Chris21 error message shown above.

I should point out that this error will only appear if you use the F6 shortcut key to access the form. This is probably the most common way that Chris21 users move between forms.

The other option to access a form is to navigate using the menu at the left hand side of your Chris21 window. If you navigate this way and you don’t have access to a form then that form will not appear on your menu. The key point here is that even though the form might be on the menu role you have been assigned, you still must have access to the form on your security profile before it will appear on your menu in Chris21. See my blog Chris21 Security and the Link with Your Menus. This blog also links to information about security profiles.

In my experience, the standard practice is to use one menu role for all users. This makes maintenance much easier because if you do have to add new forms for Chris21 users you only have to add them to one menu rather than updating multiply menus.

This works because, as mentioned previously, forms on a menu role will only appear in Chris21 provided the forms also appear on security profiles. In other words, it’s the security profile that ultimately defines how your menu looks when you log in.

To sum up, when you want to assign security to groups of users in Chris21 you do this by creating one security profile for the group. You then assign that security profile to specific users via the User Access (USR) form. For instance, payroll users will require different security to HR users. For more details about this see Understanding Security Profiles in Chris21. Then you just need to make sure that your single menu role contains all of the forms in all of your security profiles.

I hope this blog makes sense as it can be difficult to sometimes understand why a particular Chris21 error message is appearing. Having a better grasp of some of the security concepts in Chris21 should help if you are having trouble when setting up security.

The post How to Fix a Common Chris21 Error Message appeared first on System Logic.

The first step when you want to give a user access to a new form is to add the form to the user’s security profile. A Chris21 security profile is simply a list of all of the forms that a user needs access to. One security profile can then be assigned to multiple users if they have a similar role in your organisation. For instance, payroll officers will usually share the same security profile. See my blog Understanding Security Profiles in Chris21 for more information.

It’s important to remember that the security profile is only one part of the process when setting up Chris21 security. The other part is the menu security. You will notice that every user in Chris21 is assigned both a Security Profile and a Menu Role. You can see this on the User Access (USR) screenshot below:

The Menu Role can be different for various user groups. For instance, you might have a Payroll menu role that is different from your HR menu role. My article How to Use the Chris21 Menu Designer explains this in more detail.

If you are using specific menu roles for different Chris21 user groups, you must remember to update their menu roles whenever you update their security profiles. As an example, if you were to add the Superannuation (SUP) form to the PAYROLL security profile, you must also add SUP to the PAY menu role. If you don’t do this then the user won’t be able to access the SUP form, even though it appears in their security profile.

Of course, it works the other way too. So if a Chris21 form is already present in the menu role, it must also be in the security profile to ensure the user can access the form.

If you have configured Chris21 security and user’s have reported that they can’t access some forms, review the security profile and menu role to ensure they are in sync. In most cases, this will be the cause of any problems.

The post Chris21 Security and the Link with Your Menus appeared first on System Logic.

I think that one of the difficulties when updating security in Chris21 is in understanding how a security profile is created. A security profile in Chris21 is basically the same as a user record. In other words, you create a security profile in much the same way as you create a new user in Chris21. This is done via the User Access (USR) form.

The main difference between a security profile and user record is the Profile flag. You check this flag to indicate that this is a master record. Note in the screenshot above that the Profile field is checked. Also note that the Security Profile field on USR is left blank. This is because this is a master record rather than a user record. It’s only when you create a user record that you use this field to assign a security profile to the user.

Once you have created the master record (essentially a blank security profile), you can then start building the security profile by adding Chris21 forms using the Privileges (ATT) form.

You can see from the screenshot above that the PAYROLL security profile has a collection of 10 forms. Any user who is assigned this profile will automatically have access to these 10 forms.

Now that the security profile has been created you can assign this to your payroll officers as show below:

There are two major benefits of using security profiles in Chris21. The first is that you can assign a security profile to multiple users without having to recreate the profile for each user. The second benefit is that if you need to update a security profile you only need to do this in one place. Simply go to the Privileges (ATT) form, find the security profile from the list of users and add or remove a form. This is much more efficient than having to update the ATT records for, say, all of your individual payroll officers.

After reading this blog have a look at how security has been setup in your system. I hope this will help to give you a better understanding of how to use security profiles in Chris21.

The post Understanding Security Profiles in Chris21 appeared first on System Logic.

Position security in Chris21 can be an unfamiliar or misunderstood concept amongst Chris21 users. Essentially its purpose is to restrict access to the data belonging to certain groups of staff members by Chris21 users. For instance, you may want to set up position security in Chris21 so that a junior payroll officer can’t access details of executive staff members.

You will be aware of the Security Level fields on both the Position Table (PDT) and Position (POS) forms.

These fields are used to control the security access of Chris21 users to employee records within your organisation. Security Level 9 is the highest, while 1 is the lowest. If you assign a Security Level to a PDT record, this level will default to staff members who are assigned to that position. You can override this by changing the Security Level on individual POS records.

These fields are in turn linked to the Security Level field on the Privileges (ATT) form to control position security in Chris21. The setting on ATT determines the access that a Chris21 user is granted.

If the Security Level on an employee’s position record is set higher than the Security Level on the Chris21 user’s profile then the Chris21 user will not be able to access that employee’s details.

In the example shown above, the Chris21 user assigned to the PAYROLL security profile has access to Salary (SMN) records where position security is set to 5 or lower. The SMN records associated with any staff member whose position Security Level is higher than 5 will not be accessible to this Chris21 user.

You need to take care if using HR21. The same security restrictions apply. Therefore, the security profile that is assigned to HR21 users will need to have the appropriate Security Level so that managers can access all of their staff details. It is usually appropriate to grant HR21 users the highest level of 9 to avoid any issues.

One final thought. Chris21 always defaults to Security Level 5 on PDT, POS and ATT. If you decide to use position security you will need to ensure you manually change the ATT Security Level as appropriate.

The post Understanding Position Security in Chris21 appeared first on System Logic.