2.3. Access Control

BMFO allows to limit access to selected operational areas on a per-user basis.

After you installed BMFO the wizard will create two roles,bmforole role which you have to assign it from SQL to any new full control user and bmforeadonly role which you have to assign it from SQL for any new read only user.

Access for a user to an operational area is granted by inserting a record to the UserOperationalArea table containing the user name and the operational area's coded value.

As of BMFO version 1.0.6, access control is enforced for all write operations and a number of reporting functions.

The following SQL statement can be used to allow the user "Username" to all operational areas:

insert into UserOperationalArea (select
UserOperationalArea_seq.nextval, 'Username', codedvalue from OperationalArea)