SmartPay operates a permissive security system. This has a couple of practical implications.
- If an item is not selected, then none of the associated restrictions are applied.
- For example, if no Department is selected for a User, then that User will be able to view all payments.
- Where permissions are aggregated - i.e. if an item is selected in one applicable list, but not in another - then the system will treat the item as selected if it is selected in either list.
- For example, 'Payments' permission might be checked in a User's Group or in the User itself - in either case, they will be able to access Payments.
Departments & Funds
- A User's "main" Department is the one allocated to a Payment, Batch, or other item they create.
- Additional Departments may be assigned to aggregate their Fund permissions.
- If no Funds are selected for a Department, permissive security applies - Users with that Department selected will be able to access all Funds, regardless of which other Departments are selected.
- If any of the User's Departments have that implicit "All Funds" permission, then they will be able to view all Payments - see below for more details.
Payment Search & Reports
- For non-admin users, Searches (i.e. Search & Advanced Search) and Reports will automatically be filtered according to the user's Department-Fund permissions.
- If the User has no Department(s) selected, they will be able to view all Payments.
- If any of the User's selected Departments have no Funds selected, then implicitly that Department will have "All Funds" permission and the User will be able to view all Payments.