Select your username from the list.
Enter your password. When this window opens, the focus is on the password field. This allows the user who last logged in to be able to quickly log in again.
If using the user 1(pass= user1) name, type user1
as the password.
Select the store you want to log in to from the drop-down list.
In a synchronisation system (29.01. Introduction to synchronisation) the user will see a list of all the active stores they have permission to log into in this datafile.
View any messages that might be displayed.
Finally, click OK to login. If login is successful you will be taken to the navigator screen.
As with all windows in mSupply, pressing the Enter key at any point produces the same result as clicking on the highlighted button, which, for this window, is the OK button. This facilitates fast keyboard control.
There are various options that can be set that cause a user to be taken to other screens or shown other information after logging in successfully. For example, Reminders or Invoices preferences.
If one has not already been set up and if you are using a single user copy of mSupply, after logging in you will be asked to select the location for the journal file. A good place is to put it in the same folder as the datafile. You will only be asked to do this once.
The journal file is a place that mSupply records every database transaction that occurs after the last backup. It is used for repairing a damaged datafile and for investigating some types of errors.
Previous: 3.01. The tutorial like no other | | Next: 3.03. Opening the example data file |
User permissions are per-store, so a user can have different permissions when logged into different stores.
If you have many users that need to have the same permissions (because they carry out the same role, for example), you can create a group and assign the users to the group. Once a group is set up and permissions for the group assigned, any users that are assigned to the group will inherit the group's permissions, rather than having to set permissions for each user individually. When you change a group's permissions, you change the permissions for all users who belong to that group.
If you want to change a user's permissions and find out that all their permissions are greyed out and uneditable then it means they are a member of a group. To edit their permissions separately from the group, they must first be removed from the group:
None
, click OK (see below for details).Refer to Using groups below for more details. If the user is to remain part of the group then you must change the group's permissions (see Editing a group below) but beware, this will change the permissions for all users who belong to the group, not just the user you're interested in.
If you want to disable a user, perhaps because the staff member has left the organisation, then they must be made 'inactive':
If the Active checkbox is greyed out, it is because they are a member of a group. You will need to first remove them from the group before you can make them 'inactive':
None
Of course, if the whole group of users needs to be made inactive then you can just uncheck the Active checkbox for the group.
mSupply has a comprehensive system of controlling user access, allowing you to manage in fine detail what each user can do and see in the system. You can manage users individually, in groups or a mixture of both - whichever is most suitable for your situation.
User access is managed by choosing File > Edit users from the menus, or by choosing Admin > Edit users in the Navigator. When clicking on this option you are presented with a list of current users:
The list shows you the following information:
To view groups rather than users, choose Groups from the Show Drop-down list at the top-right of the window. The list changes slightly to look like this:
Now the list shows you slightly different information:
To get a list of all current user permissions, click the Permission Report button. An Excel spreadsheet will be generated (see sample); it will have one worksheet for each store showing all the users and groups and what permissions they have in that store.
Double-click a user (or group) to edit their details or delete them. Click the New User button to add a new user (or the New group button to add a new group). Doing either will open the user details window (described below - for a new user or group all the tabs are empty, for an existing user or group the tabs are filled with their current settings)
Used to select the user group the user belongs to (see below). When the window loads, it displays the group the user currently belongs to. It will show “None” if they are not a member of any group.
This text box will always appear empty when the window is loaded. It must be set for a new user. It can be used here to change the password of an existing user.
If something is entered in the Password textbox, then the same text must be entered in this textbox. This step makes sure you set the password to what you think you're setting it to!
If this checkbox is checked, then that user has permission to use the system, and their name will appear in the login window. If this checkbox is unchecked the user will not be allowed to login to the system and their name will not appear in the login window.
If this checkbox is checked, the name of that user will appear for selection in the Responsible Officer selector on the Transport Details tab of a Customer invoice.
User initials should be entered in this field.
Allows you to select which language the user wants to use in mSupply. As of August 2020, supported languages are:
This section can be used to check a user's login credentials against an LDAP (Lightweight Directory Access Protocol) server. If you are going to use LDAP you must fill in the server details in the General Preferences, LDAP tab first.
The username the user logs into window systems with. Used to provide single-sign-on capability when the user is logging in remotely to an mSupply client running on a Windows server.
Used to select which user license category the user belongs to. This will contain a list of all user categories currently set up in the datafile. See License management for details.
Used to select the name category 1 that the user belongs to. Only used in some customised versions of mSupply.
Use to add or remove an image of a user's scanned signature for displaying on invoices for example
Use to apply 'tags' to a user. These tags can then be used to control access to various features for users according to the tag.
Used to give the following controls to users:
When a user is added to a group, the User can settings are set to those of the group i.e. they are inherited from the group. However, the User can section is still editable for an individual user - the settings are not controlled by the group after the user has been added to it.
These are where you can set access to the many features and functions on a store-by-store basis for each user or group. There are three Permissions tabs and each are shown in the screenshots below:
Most of the permissions are self explanatory. Those that need more explanation are given below:
Permission | Details |
---|---|
Permissions Tab | |
View stock | If not checked the user is not able to view the current stock list (see the 4.15. Show items with stock page), view the Stock tab of an item's details window (see the 4.01.05. Items - Stock tab page), not able to view stocktakes (see the 4.17. Stocktakes page) or view any reports in the Stock and items section on the Reports tab of the Navigator (see the 13.02. Stock and items reports page). If this permission is checked then they can do all these things unless they are prevented by not having other permissions e.g. if a user has this permission but they do not have the View stocktakes permission then they will still not be able to access Stocktakes. |
Update pack size, cost and sell price | If checked the user is able to edit the pack size, cost and sell price of supplier invoice lines that have already had stock issued from them, provided that the SI has not been finalised. See the 7.01. Supplier invoices page for details. |
Add/edit users | To prevent you being locked out of your datafile permanently, mSupply will not allow you to turn off this preference for the first 2 users which already exist when you open mSupply for the first time. You should always treat these users as admin users. |
Access server administration | If this is checked the user will be able to access the server administration windows, as described on the 25.13. mSupply server administration page. Only assign this permission to users who really know what they are doing! |
Add/edit sync sites | If checked the user is able to edit site settings in a synchronisation system (see the 29.02. Synchronisation Sites page for details). This includes being able to use the sync site wizard (29.03. Sync Site Wizard (Superseded)). |
Disallow adding an unordered item to a Goods Received note | If checked the user is not able to add items to a goods received note that are not included on a purchase order (see the 7.02. Goods receipts page for details). |
Permissions (2) Tab | |
Change transportation dates on finalised invoice | If checked, the user can edit the Order written date, Order received date, Expected arrival date, Actual arrival date and Ship date fields on the Transport details tab of finalised customer invoices |
Edit user fields on finalised invoices | The user fields are the 4 custom transaction fields that can be enabled in the preferences - see Invoices Preferences for details. If this is enabled the user can edit the contents of these fields on transactions that have already been finalised |
Change invoice category on finalised invoice | If checked the user can edit the transaction category of invoices (customer, supplier and inventory adjustments) |
Transfer goods between stores | If checked the user can create a customer invoice with a store as the customer (i.e create a stock transfer) |
Finalise stock transfers | If checked the user can finalise a customer invoice where the customer is another store (i.e. a stock transfer) |
Return stock from supplier invoices | If checked a Return selected lines button will appear for the user on finalised supplier invoices, allowing them to return the goods on the invoice. See the 9.01. Returning goods section for details |
Return stock from customer invoices | If checked a Return selected lines button will appear for the user on finalised customer invoices, allowing them to return the goods on the invoice. See the 9.02. Receiving goods back from a customer section for details |
Pack boxes | If checked the user is allowed to manage boxes and assign stock to boxes on a customer invoice, even if the user does not have the Edit customer invoices permission. See the 8.06. Box management page for details |
Permissions (3) Tab | |
Edit stocktake dates | If checked the user can edit the Stock take date field at the top of a stocktake and the confirmed date of inventory adjustments created from the stocktake (see Creating a new stocktake) for details |
Edit store details | If checked the user can edit the store details and preferences, including using the bulk store preferences editor. |
Edit visibility in stores | If checked the user can edit the visibility of names and items in different stores. If it is unchecked they can't - either in the Store tab of a name or item's details window or the Visibility tab of a store's details window (in fact, the Visibility tab won't even be visible for them) |
Add/import customer budgets | If this is checked the user can import or add budgets for a customer, if unchecked they cannot |
View temperature breach configurations | If checked, the user can view temperature breach configurations in the vaccine/cold chain module. See the 20.01. Vaccine Vial Monitoring (VVM) page for details. Temperature breach configurations can only be edited in the Cold chain app or in mSupply mobile. |
View and edit vaccine vial monitor status | If checked, the user can view and edit the statuses that vaccine vial monitors have. See the 20.01. Vaccine Vial Monitoring (VVM) page for details. |
View sensor details | If checked the user can view temperature sensor details. See the 20.03. Cold Chain App Notifications page for details. |
Edit sensor location | If checked the user can edit the warehouse location attached to a sensor. See the 20.03. Cold Chain App Notifications page for details. |
Edit/delete customer budgets | If this is checked the user can edit or delete budgets for a customer, if unchecked they cannot |
Create customer invoices from requisitions | If this is checked the user can create customer invoice from the Create customer invoice button on requisitions. You can use this in conjunction with the Create customer invoices permission on the Permissions (2) tab to force all distribution to be carried out from requisitions. |
View assets | If this is checked, the user is allowed to search the assets in the system and see their details |
Add/edit assets | If this is checked, the user can also change the details of assets |
Setup assets | If this is checked a user can manage the setup of assets e.g. add or edit asset statuses, conditions, properties etc. (see the assets setup page for details of the various setup options) |
Change asset status | If checked, the user can make an asset's proposed status its current status. |
On this tab, you determine what notifications (alerts) a user will see, and when they will see them:
To enable a partuclar alert type for a user simply check the checkbox in the Is enabled column. Any alert type that has its Is enabled checkbox unchecked will not be displayed for a user.
Show notifications window on login: If this is checked, as soon as a user logs in, the notifications window (displaying all the notifications they have selected in the table above), will be displayed for them. If this is unchecked, the notifications window will only be shown when the user click on the notifications icon on the Navigator:
The notifications displayed in the desktop interface will only be for the store that the user has logged in to.
This tab contains permissions that only affect Open mSupply users. Currently Open mSupply must connect to an existing mSupply server, which takes care of the authentication and synchronisation. Soon, when we've re-written the central synchronisation server in Open mSupply, there will be no need for this tab. Until then, permissions that only apply to users of Open mSupply will appear on this tab.
This tab is included in the permissions copying functionality of the Copy button at the bottom of the window (see the Buttons on the permissions tabs section for details).
Permission | Details |
---|---|
Can confirm internal order as sent | If checked then the user can Finalise an internal order in mSupply terms or Send it in Open mSupply terminology. |
Cold chain API access | If checked then the username and password of this user can be used to access the cold chain REST API built into Open mSupply. |
Can modify central data | If checked then the user can edit settings that are counted as central data in Open mSupply e.g. demographics indicators. |
Program permissions | This section is used to define which programs this user is allowed to view or edit data for. The table will contain a list of all the Open mSupply programs that have been setup in the datafile and there will be checkboxes for each in the View and Edit columns. Click on the appropriate checkboxes to check them and give the user the appropriate permissions. The Toggle view and Toggle edit buttons check or uncheck all the checkboxes in the View and Edit columns respectively. If the list of programs is long you can type something in the Search programs box to make the list display programs that contain what you typed only. |
On this tab you set which stores the user can login to:
If there are too many stores in the list, you can restrict the display by typing in the Search stores text box: only stores with names starting with what you type will be displayed.
If you need a more complex type of search then click on the Complex search button and this filter window will open (you will recognise it as very similar to the customer or supplier search window):
Make your filter selections as required, click on the Find button and only the stores which match the filters you have set will be displayed in the table.
The Toggle all in selection button turns on (checks) all the Can login checkboxes for all the stores shown in the list. Clicking it again will turn them off.
The Is disabled column indicates whether a store is disabled or not and can't be edited.
You can check one box in the Default store column - this will be the store the user is offered by default every time they login or switch stores.
In the Can login column you can check the box for each store the user is allowed to login to. All the stores in your mSupply datafile are displayed here in alphabetical order. Please note:
Here some personal details including job title, address and email address of the user can be recorded. The job title will appear in the Job title column in the list of users and the email address is used when using email functionality or other special functions in mSupply.
Other than that, these fields are for reference only, providing a handy place to record information about your system users.
On this tab you set which dashboard tabs will appear on the dashboard when the user logs into it. Of course, you have to set up the dashboard tabs before you can assign them to a user's dashboard. See Dashboard for instructions on doing that.
Once the dashboard tabs have been setup, they will appear in the Available column of this tab. You can see the “Test_tab” in the screenshot above. Anything in the Chosen column will be displayed on the user's dashboard. So, to make a dashboard tab appear on the user's dashboard, select it in the Available column and click on the >> icon to move the tab into the Chosen column. And to remove a dashboard tab from the user's dashboard, simply select it in the Chosen column and click on the << icon to move it back into the Available column.
To create a new user do this:
To delete a user do this:
Note that you won't be able to delete a group that has users belonging to it. If you really want to delete the group, remove all users from the group first by editing their Is a member of fields.
mSupply allows for a high granularity of user permission configuration. There are literally hundreds of user permissions possible for each store in an mSupply system. User groups assist with management of these user permissions.
A user can have permission to view or edit data while logged in to a particular store, either directly or through membership of a group. If you want the user to exercise these permissions then they will also need to have permission to log in to the store .
Show the list of groups by opening the “Edit user” window and then choosing “Groups” from the “Show” Drop-down menu
To add a group, click the Add Group button. You will be shown a window where you add the group name. You then set permissions for the group in the same way as you set permissions for a user (above):
You will only be able to set checkboxes which can have different settings in different stores. Anything that is not a checkbox and or any checkbox that applies across all stores cannot be set in a group's permissions (another way of saying this is that they cannot be controlled by a group). These items will all be disabled when creating or editing a group and are editable in the individual users' permissions only.
First, show the list of groups by opening the “Edit user” window and then choosing “Groups” from the “Show” Drop-down menu:
Then double click on a group in the list. The same window as for adding a group opens but it is populated with the group's current settings. Change these settings as described for a new group above and click on the OK button to save them.
All permissions and most checkbox settings in a user settings are controlled by the group. One exception is login rights to different stores (managed for each user individually). Another exception is whether a user is active or not (active means that they are allowed to login to mSupply). By default, the active status of a group does not set the active status of all users in the group to match. However, you can make all users in a group inactive by editing the group and clicking on the Update status for all members button:
When you click on the Active checkbox for a group it does nothing except changee the state of the checkbox. However, when you click on the Update status for all members button, all members of the group have their Active status set to that of the checkbox in this group.
Groups are a quick way of setting and managing permissions for many people at a time. Users belonging to a group take the permissions of that group: when a user is a member of a group you cannot edit their permissions directly, you must edit the group's permissions. And if you edit the group's permissions, you edit the permissions for every user in the group. To assign a user to a group, do the following:
A menu item on the Special menu of the navigator gives access to a form to view and edit user license categories, including the number of users belonging to them that can be logged in at any one time. A DDL on the user input form allows a user to be assigned to a category and a new permission covers the ability to edit these license categories and membership of them. Finally, a check on the OK button of the login form will check that there are less than the maximum users belonging to the license category the user belongs to already logged in.
Previous: 25.14. mSupply deployment | | Next: 25.16. Show connected users |
The log contains records of who did what and when in the system. It's a useful place to look to find out what happened to certain records and when certain things were done. Some events (lots!) are always logged by mSupply but some are optional and are chosen in the Log tab of the General preferences page.
To view the log, choose View log… from the Special menu. You will be shown all today's log entries when the window loads:
The columns contain this information:
Buttons in the window:
Double-clicking a log entry in the list will bring up a read-only window showing the full log details:
If you want to see log records that were generated over a different period then manually edit the dates in the From and To boxes as required or choose one of the many quick-select options in the drop down list to automatically set them (Today is selected by default):
Additionally, you can choose to show only certain types of event which occurred in the period you have selected. To do that, select one of the entries in the final drop down list on the right hand side (All is selected by default):
If you are looking for log records that are not in the list of common event types described above, you will need to create a custom query. For example, to find a report of all the finalized POs this year:
event_type
finalized_po
Previous: 25.18. Label printer hardware setup | | Next: 25.20. Server troubleshooting |