Users interface directly impact usability of an ERP system. A properly designed user interface provides proper accessibility to the intended functions of the system and enables execution of transactions. Earlier users accessed the system with dumb terminals (ASCII) which had lot of usability deficiencies and this led to subsequent adoption of Graphical Users Interface (often with look and feel of MS Windows) during 1990s. With the advent of internet technology, user interface further evolved to enterprise portal, which provides easy access between internet client and application server.
Internet based User Interface:
This is the most popular type of users interface at present due to convenience in accessing the ERP applications even from a remote location. Maintenance by system administrator is also easier, as they need not go to individual desktop or use any additional software distribution software, for the purpose of maintenance. The Internet server application is used as a gateway between the Internet client (IC) and the application server in order to expose the ERP functionality to the Internet domain.
The internet user interface architecture is depicted in the following diagram:
Internet Access Architecture
The HTTP-server security mechanisms are used to offer secure access to the HTML-page that contains the Java applet.
User management functionality is used to create user, provide user login and password and to give authorizations to the users. The userâ€™s authorizations are dependent on their role in a company. To be able to work with ERP applications, users must have some sort of session authorization, database authorization, and library authorization. During installation of ERP, some default roles are automatically created. The default roles make sure that users can use the menu browser and its associated functions and commands.
There are various types of users for an ERP package which can be broadly classified as under:
Normal users, who have restricted authorizations to start sessions, access table fields, work with data that pertains to specific company (database) numbers and so on.
Super users, who have unrestricted authorizations. A system administrator is a good example of a super user.
Role dependent usersâ€™ authorization:
From a user point of view, a role represents a function in an organization. In ERP, a role represents a set of authorizations for a function in a company (database). User authorizations that are defined per role instead of per user significantly reduce the redundant data. The authorizations for normal users are therefore defined in roles to which they can be linked. The role concept provides a user-friendly method to quickly add new users or to update user authorizations.
Because an employee can have more than one function in a company, more than one role may be assigned to the user. A role can also contain more than one sub-role, which can also have sub-roles. All these roles and sub-roles form a role tree, which can be viewed with a role browser. The role browser shows the role tree in a graphical user interface.
Role-dependent authorizations can be defined at the following component levels in an ERP system:
Session authorizations -
The session authorizations define which sessions the users can start and what they can do with these sessions.
Database authorizations -
The database authorizations define the actions the users can perform on specified database tables and the associated fields in the database table.
Library authorizations -
ERP system uses various type interfaces to integrate external programs which communicate with ERP environment through Dynamic-link libraries (DLLs). The Library authorizations define whether the users, who are linked to the role, can access the functions that are defined in DLLs.
The non-role-dependent authorizations:
In addition to these role-dependent authorizations, some additional authorizations can be specified that are not defined by the employeeâ€™s role, for example, the development parameters, device preferences, and so on. These non-role-dependent authorizations are defined in templates to reduce redundant data, which then can be linked to the user profile.
These templates pertaining to non role dependent authorization can be divided into the following categories: