Skip to main content
Skip table of contents

Permissions

General information

The permissions of a user group define the scope within which the users of the group are allowed to move within the application. Within the permissions, a distinction is made between functions and contents.

Permissions can only be customized for custom user groups. For the konfipay standard groups, these permissions are unchangeable.

Functions

The functions of a user group represent which program functions within konfipay the user gets access to.

Assignment of the function permissions

Functions are divided into logical areas (e.g. bank accounts, account transactions, PayPal accounts, etc.). These contain sub-items that define the access within the area. A set check mark means that the permission to a function is given. If the check mark is not set, the users of the group cannot access the function.

Users of this group can only see bank accounts, but not enter, edit or delete them

Combinations of permissions

Access to some areas and functions of the application requires a combination of permissions for different functions:

Example

Necessary permissions

Enter SEPA Credit Transfer

  • Bank accounts → Display

  • Transactions → Enter and edit bank transfers

Enter EBICS contact

  • EBICS → Show contacts

  • EBICS → Enter/edit contact

View account transactions

  • Bank accounts → View

  • Account transactions → Show transactions

Access to a locked function

All functions to which the users of a group does not have access are still displayed for the user and can still be selected via the menu. If a locked function is accessed, the user will receive a corresponding message indicating which permissions are required for access.

Message when accessing a locked function

Contents

With content restrictions, the permissions of user groups or their members can be defined on data level. On the basis of certain rules, content can be hidden throughout the application for the members of a user group.

There are two criteria based on which content is hidden:

  • Bank accounts

  • Payment methods

Restrictions on content thus define filters which hide all data to which the users of a group do not have access. In addition to the filter criteria, the operators equal or unequal can be set. The mode of operation will be explained by means of some examples:

Example

Rule

Meaning

Criterion: Bank account

Operator: equal

When the bank account is equal to DE87290400900104040100, it will be not displayed

Criterion: Bank account

Operator: equal

When the bank account is equal to DE87290400900104040100 or DE93750200730024614867, it will be not displayed

Criterion: Bank account

Operator: unequal

All bank accounts unequal DE93750200730024614867 will not be displayed.

Thus, only bank account DE93750200730024614867 is displayed.

Criterion: Payment method

Operator: equal

When the payment method is equal to SALA (salary payment), the payment/account turnover is not displayed

The list of possible criteria will be extended with upcoming versions.

Membership in multiple user groups

If a user is a member of more than one user group, the permissions or restrictions have an additive effect.

Function permissions for membership in multiple user groups

A user who joins additional user groups receives the additional permissions to shared functions of the new groups. However, the user does not lose any permissions. Accordingly, it is sufficient if one user group of the user grants access to a function to obtain the corresponding permission.

Content restrictions for membership in multiple user groups

If a user joins another user group that is subject to a content restriction, the content restriction takes effect for the user - regardless of whether his other user group would actually allow access. Accordingly, it is sufficient if one user group restricts access to a content to block access for that user.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.