Understanding User and Group Authorizations
Authorizations can be set on both the User and the Group, unless the Longview system is on the ISW platform, then authorizations can only be set on Users. When Longview is configured to be on the platform, the authorizations are dependent on the type of user license the user has.
When the user is synchronized from the ISW platform and added to Longview, the authorizations are set based on their user license however they can be modified to be less then what is provided by default. Any authorizations that have been manually removed will not be reset upon future user synchronizations.
Account Type Authorizations
Account Type Authorizations only apply to users and cannot be set on a group.
Authorization | Description | Platform |
---|---|---|
User Administrator | Select this option to make the user a user administrator. This authorization allows this user to create groups, users and assign them any authorizations, groups or symbol access regardless of their own access or membership. | Admin Designer Service |
Service Account | Select this option to restrict the user to only connect through Longview REST API. Note:
| Service |
Application Access – Add-In for Office Authorizations
Authorization | Description | Platform |
---|---|---|
Allow Access | Select this option to give the user access to Longview Add-In for Office. Note: You must also select the Connect to Application Framework option in the Data Access category to allow users to access the Longview Add-In for Office. | Designer Power User Viewer |
Submit Data | This option is available only if Allow Access is selected. Select this option to allow the user to submit data in the Longview Add-In for Office. | Designer Power User |
Application Access – Application Administrator Authorizations
Authorization | Description | Platform |
---|---|---|
Allow Access | Select this option to give the user access to Longview Application Administrator. | Admin Designer |
Application Access – Designer Authorizations
Authorization | Description | Platform |
---|---|---|
Allow Access | Select this option to give the user access to Longview Designer. Note: You must also select the Connect to Application Framework option in the Data Access category to allow users to access Longview Designer. | Designer |
Data Import Apps - Create | Select this option to allow the user to create data import apps in Longview Designer. | Designer |
Data Import Apps - Modify | Select this option to allow the user to edit data import apps in Longview Designer. | Designer |
Data Import Apps - Delete | Select this option to allow the user to delete data import apps in Longview Designer. | Designer |
Data Import Apps - Publish | Select this option to allow the user to publish data import apps in Longview Designer. | Designer |
Longview Apps - Publish | Select this option to give the user access to publish Longview Apps in Longview Designer. | Designer |
Application Access – Mappings Editor Authorizations
Authorization | Description | Platform |
---|---|---|
Allow Access | Select this option to give the user access to the Longview Mappings editor. Note: You must also select the Connect to Application Framework option in the Data Access category to allow users to access the Mappings editor. | Designer Power User Service |
Manage Maps | Select this option to give the user access to create, modify, and delete maps. | Designer Power User Service |
Manage Mappings | Select this option to give the user access to create, modify, and delete mappings. | Designer Power User Service |
Application Access – Server Manager Authorizations
Authorization | Description | Platform |
---|---|---|
Allow Access | Select this option to give the user access to Longview Server Manager. | Admin |
Start/Stop Servers, Turn On/Off Dynamic Calculations | Select this option to allow the user to start and stop the servers and turn Dynamic Calculations on and off. | Admin Service |
Application Access – Other Authorizations
Authorization | Description | Platform |
---|---|---|
Longview Dashboard Designer | Select this option to give the user access to Longview Dashboard Designer. | Designer |
Longview Journal Entries | Select this option to give the user access to Longview Journal Entries. | Designer Power User |
Longview Workflow Designer | Select this option to give the user access to Longview Workflow Designer | Designer |
Longview Analysis & Reporting | Select this option to give the user access to Longview Analysis and Reporting and select one of the following Reporting roles to assign to the user:
Note: If you do not select a role, no authorization is assigned to the user. For more information, see the Longview Analysis and Reporting Guide. | Designer Service Power user Viewer |
Data Access Authorizations
Authorization | Description | Platform |
---|---|---|
Connect to Application Framework | Select this option to allow the user to connect to Longview Application Framework. Note: You must select this option to allow users to access Longview Apps, Longview Designer, Longview tools and editors, the Longview Add-In for Office, and Longview Client | Admin Designer Power User Viewer Service |
View Data | Select this option to allow the user to view data. | Designer Power User Viewer Service |
Modify Data | Select this option to allow the user to modify data. | Designer Power User Service |
Delete Comments | Select this option to allow the user to delete any existing comments in the Data Server. Users without Delete Comments authorization can delete only their own comments before they are submitted to the database. Note: Delete existing comments functionality is available in Data Grids only. | Designer |
Post Own JEs (Review) | Select this option to allow the user to review post (temporarily post) any journal entries that they create. | Designer Power User Service |
Post Own JEs (Permanent) | Select this option to allow the user to permanently post any journal entries that they create. | Designer Power User Service |
Delete Non-Shared JEs | Select this option to allow the user to delete non-shared journal entries. | Designer Service |
Current Period Journal Entry | Select any of the following options to give the user authorization related to current period journal entries:
| Designer Power User Service |
Future Period Journal Entry | Select any of the following options to give the user authorization related to future period journal entries:
| Designer Power User Service |
Prior Period Journal Entry | Select any of the following options to give the user authorization related to prior period journal entries:
| Designer Power User Service |
Restatement Journal Entry | Select any of the following options to give the user authorization related to restatement journal entries:
| Designer Power User Service |
Maintenance Access Authorizations
Authorization | Description | Platform |
---|---|---|
Batches and Events | Select this option to give the user Batches and Events authorization. Users with Batches and Events authorization can:
Users without Batches and Events authorization can:
For more information, see “Working with batches”. | Admin Designer |
Foreign Exchange Settings | Select this option to allow the group to manage foreign exchange settings. | Admin Designer |
NDD Settings | Select this option to allow the group to manage NDD settings. | Designer |
Intercompany Eliminations | Select this option to allow the group to manage intercompany eliminations. For more information, see “Working with intercompany eliminations”. | Designer |
Journal Entries | Select this option to allow the group to access Longview Journal Entries. | Designer |
Locks | Select this option to give the group Locks authorization. Groups with Locks authorization can delete any lock in the system with the Data Locks tool, while groups without Locks authorization can delete their own locks only. For more information, see “Working with locks”. | Designer Service |
Rules | Select this option to allow the group to maintain Rules. For more information, see “Working with rules”. | Designer Service |
Schedules | Select this option to allow the group to maintain Schedules. For more information, see “Working with schedules”. | Designer Service |
Symbol Access – Roles | Allows the user to configure symbol access for symbol access roles. For more information, see “Maintaining symbol access roles”. | Designer Service |
Symbol Access – Groups | Allows the user to configure symbol access for groups. This option is unavailable unless Group Administration is selected in the Users and Groups – Groups category Note: Groups can give symbol access only at a level that they themselves have. For example, if a group has read-only access to the TENTITIES symbol with a level of 10, they can give other users, groups, and roles only read-only access to the TENTITIES symbol, with a level of 10 or lower. For more information, see “Applying a symbol access role to a group | Does not Apply |
Symbol Access – Users | Allows the user to configure symbol access for users. This option is unavailable unless User Administration and at least one group are selected in the Users and Groups – Users category. | Does not Apply |
System Attributes | Select any of the following options to give the group authorization related to system attributes:
| Designer Service |
Symbol Attributes | Select any of the following options to give the user authorization related to symbol attributes:
| Designer Service |
User Attributes | Select any of the following options to give the user authorization related to user attributes:
| Designer Service |
Symbols
| Select any of the following options to give the user authorization related to symbols: Create—Allows the user to create symbols. Modify—Allows the user to modify symbols. Delete—Allows the user to delete symbols. | Designer Service |
Metadata Audit Trail | Select any of the following options to give the user authorization related to Metadata Audit Trail. Export – Security related—Allows the user to export Metadata Audit Trail information for security related activity. Security related activity includes Authorization maintenance, Group maintenance, Group Membership maintenance, Role maintenance and User Maintenance. Export – Non-Security related—Allows the user to export Metadata Audit Trail information for non-security related activity such as attribute maintenance. Reset – Security related—Allows the user to reset Metadata Audit Trail information for security related activity. Security related activity includes Authorization maintenance, Group maintenance, Group Membership maintenance, Role maintenance and User Maintenance. Reset – Non-Security related—Allows the user to export Metadata Audit Trail information for non-security related activity such as attribute maintenance. | Admin Designer Service |
User and Groups – Group Category Authorizations
Note: If your is configured to be on the ISW Platform then the following authorizations do not apply.
Authorization | Description |
---|---|
Group Administration | Select this option to allow the group to add and modify groups in the Longview system. In Longview Tax, this allows the group to add and modify groups via the UserGroups.csv import file and the User Groups editor. Note: Groups can modify only authorizations that they themselves have. For example, if a group does not have Longview Add-In for Office authorization, they cannot modify that authorization in other users and groups. |
Users and Groups – Users Authorizations
Authorization | Description |
---|---|
User Administration | Select this option to allow the group to add and modify users in the Longview system. In Longview Tax, this also allows the group to add and modify users via the Users.csv import file. If User Administration is selected and AllUsers is selected for Select Groups, this also allows the group to access the Users editor and add and modify users. For more information on AllUsers, see “Understanding the AllUsers group”. Note: Groups can modify only authorizations that they themselves have. For example, if a group does not have Longview Serve Manager authorization, they cannot modify that authorization in other users and groups. |
Reset Passwords | If User Administration is selected, this option is automatically selected and cannot be cleared. Select this option to allow the group to reset user passwords in the Longview system. In Longview Tax, this allows the group to reset user passwords via the Users.csv import file. If Reset Passwords is selected and AllUsers is selected for Select Groups, this also allows the group to access the Users editor and reset user passwords. For more information on AllUsers, see “Understanding the AllUsers group”. |
Select Groups | This option is available only if User Administration or Reset Passwords are selected. In addition, AllUsers is the only group available for this option. Note: When you edit an existing group, the AllUsers group and the group itself are available when User Administration or Reset Passwords are selected. For more information, see “Editing groups”. Select the AllUsers group to assign the selected authorization to the group for all users in the system. For more information on AllUsers, see “Understanding the AllUsers group”. |