LESSON INFO

Audience

  • System administrators responsible for managing access in Themis-Trace.
  • Implementation/support team members who need to create or maintain groups.

Prerequisites

  • You can log in to Themis-Trace.
  • You have access to:
    • Administration → Security Profile → Groups

Skills you’ll build

  • You can create and maintain groups by assigning users and roles.
  • You can activate/inactivate groups and understand when Delete may fail.

LESSON OUTLINE

Concept

  • What a Group is
    • A Group allows you to manage access at scale by assigning Users + Roles together.
    • Groups can include both general action permissions and (when applicable) entity-scoped access rules.
  • How Groups fit with Users and Roles
    • Use Roles to define reusable permission bundles.
    • Use Groups to grant those permissions to sets of users.
  • Lifecycle management
    • Create records with New.
    • Toggle access with Activate / Deactivate.
    • Use Delete for removal (note: delete can fail if the record is referenced elsewhere).

Walkthroughs

  • Create a new group
    1. Navigate to Administration → Security Profile → Groups.
    2. Click New.
    3. Enter a unique Group Name.
    4. Add users to the group:
      • Open the Users tab.
      • Select the user(s) who should belong to this group.
    5. Assign roles to the group (this is where access “takes effect”):
      • Open the Roles tab.
      • On Actions, assign the action roles this group should have.
      • If a Data Access tab is visible, configure it as required for your workflow.
        • Rule of thumb:
          • Internal groups typically see all records.
          • External groups are typically restricted to a customer/cargo agent/Sold-To scope (if enabled for your instance).
    6. Click Save & Close.
    7. Confirm the new group appears in the Groups grid and is Active.
  • Edit a group
    1. Navigate to Administration → Security Profile → Groups.
    2. Open the group from the grid.
    3. Update group membership:
      • In Users, add or remove users.
    4. Update permissions:
      • In Roles, adjust Actions.
      • If present, adjust Data Access.
    5. Click Save (to keep editing) or Save & Close (to exit).
  • Activate / Deactivate / Delete groups (from the grid)
    1. Navigate to Administration → Security Profile → Groups.
    2. Select one or more groups using the row checkbox.
    3. Choose Activate, Deactivate, or Delete.
    4. Confirm the prompt to save your changes.

COMMON QUESTIONS

    • Rule of thumb

      • Roles define permissions that can be reused by different users.

      • Groups grant those permissions to sets of users by assigning roles + users together.

    • Likely cause: The structured hierarchy (Bay/Row/Position/Level) does not match the intended location design, or the selection behavior is constrained by implementation rules.

    • Checks:

      • Validate the Bay/Row/Position/Level hierarchy with the Select Inventory Location behavior described in the Inventory Locations spec.

      • Capture the specific mismatch (what you expected vs what the system allows or displays).

    • Fix: Correct the structured location hierarchy to match the intended design. If the behavior is implementation-specific, align the configuration to the spec for your site.