User accounts and access restrictions
Multiple users can work in a single database. This lets you see who created, edited, or deleted entries. Access rights allow you to protect entries from being edited or deleted and hide them from other users.
Setting a password
Initially, the database has only one user – Administrator. This user has full access and cannot be deleted. First, let's set an Administrator password to prevent login without a password.
Creating new users and organizing them into groups
Let's create a couple of new users: Anna, the chief accountant, and John, an intern. Let's also create a group – the Accounting department. For this group, we'll set the "User blocked" checkbox to prevent login as the entire department. Setting the "Read only" checkbox prevents the user from editing any data, only viewing. Let's add another department - Sales – and place these two departments in the New York branch. As you can see, you can create user groups with unlimited nesting.
User permissions
Let's log in as John. On the other computer we will be changing access rights and seeing the results immediately,
thanks to cloud sync. On the right, we see the screen of the second computer, where the light appearance enabled for contrast.
First, we'll completely prohibit the entire branch from editing anything in the database. We'll also prohibit changing access rights, otherwise users will be able to assign themselves permissions. Let's verify that John, as part of the New York branch, can no longer edit, delete, or create anything.
However, the accounting department typically requires full access to the database, except for user management and settings. Let's add the corresponding permissions to the accounting department. For the accounting employees these permissions will have a higher priority than the permissions of the entire branch. Now John, as an accounting employee, can do everything. Only the user accounts directory and database settings are blocked.
But John is an intern and doesn't need full access. Therefore, we'll set up access rights for him separately.
He only enters new data and can't edit anything. As we can see, John is able to create new transactions, but not editing existing ones.
Restricting access to individual entries
You can also restrict access to specific data. For example, you can hide certain accounts or categories from certain users or prohibit them from creating transactions within certain categories or accounts. As a reminder, the screen on the right is from another computer, logged in as Administrator.
Let's hide the "Cash" account for the "New York" branch. As you can see, the entire group has disappeared, along with its sub-accounts. If needed, you can grant access to one of the sub-accounts. The parent account will then also become visible, but not the transactions for that account, they will remain hidden.
This also works with categories. For example, let's hide the "Automobile" category for user "John." And we see that it has disappeared, along with all the transactions. You can hide or protect from changes almost any data, even individual transactions.