System Security

Owned by Robin Rodrigue
Last updated: Jan 14, 2022 by Nora Kinal
7 min read





Overview

This section demonstrates how to add users, change passwords, assign and create roles, and set permissions within the system.

Users

The User section allows you to change passwords, attach users, indicate the type of user, and inactivate a user when necessary.

From the Admin & Maintenance tab, locate and click Users.

Attach Users

The list of users comes from the MCS Admin Console. A new user must first be added into Admin Console before it is available to attach in Edison.

  1. Select Attach User(s).

  2. Select the Username from the list or use the search function to locate a particular User. Then, click Ok.

  3. Scroll to the bottom of the User Maintenance window to locate the new user and establish User information. Then, click Save Changes.

    1. Full Name - Enter the user's full name.

    2. Email Address - Enter the user's email address.

    3. Inactive - If a user no longer requires access to the system, place a checkmark in the inactive box.

    4. Default Site - Use the magnifier icon to locate and select a default site for the user or click Add Site Role (if applicable). e.g. An area supervisor may be a cafeteria manager for a specific site as well).

    5. Report Menu Configuration - Use the drop-down menu to select a report menu configuration (allowing access to certain reports).

    6. Checklist - Use the drop-down menu to select the appropriate checklist (if applicable).

    7. System Administrator - If the user will take on an administrator role, place a checkmark in the System Administrator column.

    8. Normal User - If the user will take on a normal role, place a checkmark in the Normal User column.

    9. User-Defined Roles - If the user will take on any user-defined roles, place a checkmark in the Area Supervisor column. You can create new roles here.

  4. Select the user and click Add Site Role. Next, select a Site Scope and Role for the user's role. Then, click Ok.

  5. Click Save Changes when you are done.

Change Password

  1. Highlight the user from the list and select Change Password.

  2. Enter the New Password and then Confirm Password. Then, click Ok to save the new password.

As an administrator, you have the ability to reset User passwords without entering the old passwords. Non-administrators will need to enter old passwords before changing.

Passwords must contain at least one (1) letter and one (1) digit or punctuation and must be at least six (6) characters. e.g. Edison1

Roles

Roles are comprised of two groups in order to maintain better security of the system - Database Roles and Site Roles. Roles match the users with Permission in the system.

Database Roles

Database Roles can be created for various job descriptions within the District. The system default roles are System Administrator, Normal User, and Area Supervisor.

Default Database Role Security Levels

Default Database Role Security Levels

System Administrator

Highest Security Level

Normal User

Lowest Security Level

User-Defined Database Role(s)

User-Defined Security Level

  1. From the Admin & Maintenance tab, select Roles. Then, choose Database Roles.

  2. Create a new Database Role. Then, click Save Changes.

    1. Role Description - Enter a description of the new role in the blank space with the asterisk * (typically the last row).

    2. Template - Select a permissions template from the drop-down menu that closely matches the new role or leave at none. Once a new role is created, the role will appear in permissions and can be established.

Site Roles

Site Roles can be created for various job descriptions within the District. The system default roles are Full Control and Manager. Additional roles may be added.

Default Site Role Security Level

Default Site Role Security Level

Full Control

Highest Security Level

Manager

Lowest Security Level

User-Defined Site Role(s)

User-Defined Security Level

  1. From the Admin & Maintenance tab, select Roles. Then, choose Site Roles.

  2. Create a new Site Role. Then, click Save Changes.

    1. Description - Enter a description of the new role in the blank space with the asterisk * (typically the last row).

    2. Template - Select a permissions template from the drop-down menu that closely matches the new role or leave at none. Once a new role is created, the role will appear in permissions and can be established.

Permissions

Permissions are comprised of two groups for ease of maintaining security levels of the system - Database Role Permissions and Site Role Permissions. Permissions are designated by Roles within the system. You can review additional permission information by clicking on a permission and reading the details at the bottom of the screen.

Database Role Permissions

  1. From the Admin & Maintenance tab, select Permissions. Then, choose Database Role Permissions.

  2. Establish security levels for each permission and role. Then, click Save Changes.

    1. Highlight a permission from the list.
      Note: Information about each permission is given at the bottom of the window to further explain each in better detail.

    2. Choose a setting for the permission under the relevant role.

None 

Users assigned to only one role will not have the ability to perform this function (see below for more details).

Allow 

Users will have the ability to perform this function.

Deny

Users will not have the ability to perform the function.

Read-Only

Users will not have the ability to perform the function, but will be able to view.
Note: This option is only available for menu and recipe maintenance, item maintenance, and price contract maintenance

 

Permission Matrix

Function

Role 1

Role 2

Results

Override Lock

Allow

None

Allow

Item Maintenance

Deny

None

Deny

Ordering Setup

None

Deny

Deny

Send Orders to Vendor

Allow

Deny

Deny

Tax Rate Maintenance

None

None

Deny



  • Alert maintenance

  • Checklist maintenance

  • Export maintenance

  • Inventory period maintenance

  • Ordering setup

  • Peripheral device setup

  • Report menu configuration maintenance

  • Scheduled-job maintenance

  • Security and user maintenance

  • Site maintenance

  • System setup

  • Tax-rate maintenance

  • Test database maintenance

  • Upgrade application

  • User-defined report maintenance



  • Advanced catalog number change

  • Advanced item merge

  • Item maintenance

  • Partial-use unit maintenance

  • UPC code maintenance



  • Menu and recipe maintenance

  • Menu count types and nutrient standards





  • Bid analysis

  • Bid analysis setup

  • Bid quote entry

  • Price contract maintenance



  • Edit inventory without opening days

  • Edit my comments

  • Edit other's comments

  • Login to Edison

  • Override order locks

  • View news and announcements



Site Role Permissions

  1. From the Admin & Maintenance tab, select Permissions. Then, choose Site Role Permissions.

  2. Establish security levels for each permission and role. Then, click Save Changes.

    1. Highlight a permission from the list.
      Note: Information about each permission is given at the bottom of the window to further explain each in better detail.

    2. Choose a setting for the permission under the relevant role.

None 

Users assigned to only one role will not have the ability to perform this function (see below for more details).

Allow 

Users will have the ability to perform this function.

Deny

Users will not have the ability to perform the function.

 

Permission Matrix

Function

Role 1

Role 2

Results

Commit Physical Inventory

Allow

None

Allow

Order

Deny

None

Deny

Receive

None

Deny

Deny

Edit Inventory After Physical Inventory

Allow

Deny

Deny

Edit Completed Order

None

None

Deny