ERP 2.50:Functional Documentation/General Setup/zh
English | Deutsch | Français | Italiano | 日本語 | Nederlands | 中文 | Translate this article...
这一章节介绍如何建立一个能运转的数据模型，你能看到系统内设置很多，但是如何正确的顺序来做，我会介绍给你。首先，你应该有一个已经安装好的Openbravo了，如果没有，去安装后，再来看这个。使用OB（openbrave）要按照下列顺序。 （图片简单翻译如下，请对照看。） 客户初始化设置——导入数据——生产设置——业务伙伴设置——会计设置——通用设置——应用、客户=实体、安全、组织机构。
本章致力于通用设置。This module improves and increases the performance of OB and allows to setup multiple things.
Openbravo 是个多公司系统.每个客户-实体都被作为一个公司管理。这种管理是各自独立的，每个实体互不相干。 每个实体包括一个或多个组织机构。（实体是集团公司，组织机构是分公司） Openbravo 正常运行至少会有两个实体。一个管理模型数据和原始数据（系统实体），另一个管理实例/交易数据（你建立的公司实体）。
- 1号实体是系统实体。想看这个实体的所有数据都必须用系统管理员的身份登录。初始的系统管理员：Openbravo 密码：openbravo。（请注意大小写） 这个实体有所有的模型数据，包括表、列、窗体、区域、菜单等等。其他实体虽然各自独立，但是它们使用同样的窗体、区域，这些都设置就在这个系统实体。同样，各个实体都需要用到的公共原始数据、通用数据也在这个系统实体内。
- 这个新客户-实体是必须用 客户初始化设置 才能建立的。所有的用户的交易数据都在这个实体中，只有隶属于这个实体的用户才能访问这些数据。
Create a client/建立新客户-实体
要建立一个新客户-实体只有一个办法，那就是使用 Initial client setup/客户初始化设置。因为这个建立客户-实体的过程需要进行大量的后台操作，所以不提供第二种方式，以避免错误发生。
These four tasks are independent so if one of them fails, the process keeps going. But the fact is if data client or financial data fails OB won't work correctly.
1. Data client
This task is in charge of:
- Creates all the trees for the application: Organization, business partner, product, accounting report, taxes report, etc.
- Creates two user and two roles in order to be able to use the application with the new client and adds these two roles to user Openbravo
- Creates an organization
As an example and filling the fields in the Initial client setup window as this way:
- Client: OBSoftware
- Organization: Pamplona
- Client Username: Sirof
- Organization Username: Amedio
The process creates:
- Role1: OBSoftware Admin (Client name + Admin)
- Role2: OBSoftware User (Client name + User)
And relates the users → roles → organization having at the end this structure:
The reason why the process relates the new roles with user Openbravo is because Openbravo is the super user of the application so that user can manage all the entities and the application dictionary.
The difference between Sirof and Amedio users comes from the roles so with the organizations as well. Having access to organization * means that you can see everything in the application independently from the organization. However having access only to organization Pamplona means that you can only see the data related to this organization.
2. Accounting data
This task is in charge of:
- Creates the calendar year
- Creates the accounting schema
- Creates the account element
- Creates the accounting dimension
This task can be avoided if the chart of accounts is not selected. This has sense when OB is not used for accounting purposes just for management.
3. Financial data
This task is in charge of:
- Creates all the document types and their sequence. This is something mandatory to be able to create transactional documents.
From 2.50 MP19 version onwards, this is an optional step. In the initial client setup window, a new dataset is created belonging to core, with all the information about document types, sequences, etc., so core will appear as a module to be applied. If chosen, then all this data will be created for the new Client. If not, nothing will be created, and user will be able to apply this dataset later on through Enterprise Module Management window.
4. Master data
This task is in charge of:
- Creates a sample data (all the data is created with the name standard) to be able to start doing things with the application. It would be like a little configuration. All this data is created under this new entity and with organization * so it can be used by any other organization that belongs to this entity.
Going to General setup → Application → Client → Client other things that can be configured:
- Mailing: Allows you to send emails from the ERP using some functionalities as Alerts, Interest areas. Fields to configure:
- Mail host: The host name of the Mail Server for this client with SMTP services to send mail.
- SMTP authentication: Some email servers require authentication before sending emails. If is your case, define the user name and password. If authentication is required and no user name and password is required, delivery will fail.
- Request Email: Emails for requests, alerts and escalation are sent from this email address as well as delivery information if the sales rep does not have an email account. The address must be fully qualified (e.g. firstname.lastname@example.org) and has to be a valid address.
- Request User: Email user name for requests, alerts and escalation are sent from this email address as well as delivery information if the sales rep does not have an email account. Required, if your mail server requires authentication as well as for processing incoming mails.
- Request User Password: Password of the user name (ID) for mail processing.
- Multi-Schema: Allows you to configure different accounting schemas for the same entity in order to show the account in different ways. For example when a company has to show its income account in different countries so in different accounting schemas.
- Other configurations:
- Allow negative stock. This is very useful when stock control is not required.
- Control the order (PO/SO) organization and the business partner organization and makes sure both are the same.
- Control the shipment organization (MR/SG) and the business partner organization and makes sure both are the same.
- Group invoice lines in accounting in order not having too many entries in the books. This is very useful when the invoices have lots of lines (i.e 200 lines for each Invoice) so instead of having 200 entries for the journal, just have entries grouping by product.
An organization is a business unit within an entity. Each entity can have more than one business unit, to reflect different departments or divisions of the parent entity. Organizations can be structured geographically, by region or by function. Every organization is managed independently, but it is possible to share information between them for example business partners and products.
Organizations are set up using a tree structure so an organization can have access to specific documents and those of the child organization but not to documents of the sibiling or parent organizations.
All the organizations always depends on the super organization called '*', which is created automatically during the Initial Client Setup process. A hypothetical tree could be:
Organizations can be independent of each other in terms of account structures, and reporting, but every organization has the following characteristics:
- It is either a parent, a child or both a parent and a child within a hierarchy.
- It has an organization type.
Organization types enable organizations to work together in a coherent way, by controlling how each organization behaves in relation to other organizations. There are four default organization types, which are sufficient for most business scenarios.
- Organization: when you create a client, the system automatically creates the super-organization (called * or organization 0). In most cases, only the super-organization has an organization type of Organization. The Organization type is not a legal entity and transactions are not allowed.
- Legal with accounting: use where an organization exists legally as a corporation, and needs its accounts transactions to be managed by Openbravo ERP.
- Legal without accounting: use where an organization exists legally as a corporation but does not require accounting functionality from Openbravo ERP.
- Generic: an organization which is not a legal entity but where transactions are allowed.
The default organization types have the following characteristics:
|Organization Type||Legal Entity||Legal Entity with Accounting||Business Unit||Transactions Allowed|
|Legal with accounting||Y||Y||N||Y|
|Legal without accounting||Y||N||N||Y|
If an organization belongs to an organization type where the Legal Entity option is selected, you can specify whether that organization is or is not allowed to open or close its own accounting periods. If period control is enabled for an organization, any user with access to that organization can open and close an accounting period.
When opening a period, the user can opt to also open the selected period(s) for child organizations. However, when closing a period, the selected period is closed for all dependent organizations.
If an organization has multiple accounting schemas, the opened / closed period will also be opened / closed in all associated schemas.
It is not mandatory that each organization has a financial calendar, but where an organization is a Legal Entity, any sub-organizations that require financial calendars must use the same calendar as the parent organization.
You can restrict reports so that they can only be generated for organizations whose organization types have the Business Unit or Legal Entity option selected. In Financial Management > Accounting > Analysis Tools > User Defined Accounting Report Setup if the Balanced option is selected, the Organization field displays only those organizations with a Business Unit or Legal Entity status.
Organization Type Parameters
For most enterprises, the default organization types are enough to enable you to model your organization. However, understanding the underlying settings of organization types will help you decide which organization types you require. Some enterprises may also need to create custom organization types.
In General Setup > Enterprise > Organization Type, there are four options that govern how organizations of each organization type behave.
If an organization type has the Legal Entity option selected:
- Any organization belonging to the organization type is a legally recognized corporation.
Legal Entity with accounting
If an organization type includes the With Accounting option:
- Any organization belonging to the organization type is a legal entity (the With accounting option only becomes available if the Legal Entity option is already selected).
- Any organization belonging to the organization type allows its accounts to be managed by Openbravo ERP. Organizations that do not have accounting enabled are allowed to post financial transactions, if the Transactions Allowed option is selected, but the transactions are not used for financial reporting.
- You can specify whether organizations belonging to that type are allowed to open or close their own accounting periods.
If an organization type includes the Transactions Allowed option, organizations belonging to the organization type are allowed to post transactions for accounting purposes. If an organization is of a type where transactions are not allowed, you cannot include that organization on an accounting document, for example an invoice.
If an organization type includes the Business Unit option:
- Organizations belonging to that organization type are discrete sub-organizations of the client but have no legal status.
- You can specify whether organizations belonging to that type are allowed to open or close their own accounting periods.
Organization type rules
If your enterprise has more than one organization, you must observe the following rules when setting up the organizational structure:
- Each organization must have an organization type.
- Each organization where transactions are allowed must have one, but only one ancestor (including itself) that is a legal entity.
- If an organization belongs to an organization type where the business unit option is enabled, it must have one, and only one ancestor that is a legal entity.
- Only one organization of a type where the business unit option is enabled can be placed in each branch of the organization tree.
- If a legal entity has accounting enabled, it must have either:
- Its own account schema and its own financial calendar, or,
- An ancestor with its own accounts schema and financial calendar.
- If an organization is of an organization type where the Business Unit setting is enabled, it must have an ancestor that is a legal entity.
- If an organization belongs to an organization type where the legal entity or business unit option is selected, you can specify whether that organization is allowed to open or close its own accounting periods.
It is recommended that you enable period controls on all organizations of legal entity with accounting and assign each legal entity organization its own calendar
- Once an organization has been made ready, you cannot change the organization type.
- You cannot use more than one financial calendar within the same branch of the organization tree, so a child organization cannot have a different financial calendar from its parent organization.
- If an organization is the descendant of a legal entity with accounting, when you try to complete an accounting document (for example a sales invoice), Openbravo ERP checks that the accounting period is open. If accounting is not enabled, no check takes place.
The security permissions in a multi-organization follow this schema:
- Allowed to create documents in any organization except Org *
- Allowed to see data related to any organization
- Allowed to create any master data in any organization including Org *
- Allowed to create documents in Main org and Org1
- Allowed to see data related to Main org and its child organizations (org1, org2). Also the possibility of only selecting the Org1
- Allowed to create any master data in any organization except in Org2
- Only allowed to create documents in Org2
- Only allowed to see the data related to Org2
- Only allowed to create master data in Org2 including Org *
See also Setting up an organization section of the Configuration Manual.
In this tab there are two very important fields that needs to be well configured:
The calculation of taxes depends on this because when a tax is configured there are four fields that must be correctly setup: Country from/Country to, Region from/Region to.
So in a procurement flow, OB takes the Country from and the Region from from the supplier location and the Country to and Region to from the Organization location.
In a sales flow, is the other way around.
- Business partner
This business partner is used for internal processes that needs a business partner. For example in internal transfers. Doing internal transfers (i.e from the cash journal to the bank account) means create two bills (one payment, one receivable) so a business partner is mandatory for this.
Not having this business partner setup the process Financial management → Receivables&Payables → Transactions → Funds transfers won't work.
The purpose of this section is to explain the current model for Openbravo security.
Security can be divided into functional and data. Functional Security defines access to different application elements while Data Security determines which data inside those elements is accessible or not.
Vertical security manages the definition of users, roles and permissions adding users to roles and making possible to decide if a user can access to a determinate element (for example to a window, form, process)
So the issues involve in vertical security are:
Users are the entities that can log into the application. The minimum requirements for a user to be able to log in is to have a password and at least one role associated. A user is supposed to be a representation of a person (each person should be a different user)
Roles are the connection between users and permissions, permissions are associated to roles and roles are linked to users. A role defines what information is allowed and which is forbidden. Despite of the fact that a single user can have multiple associated roles, only one role is effective at the same time: although the logged user has more than one role she or he will have to select one role or another one in order to have different access permissions.
Different permissions can be associated to a role. The effect of this is that the role will have access only to those elements having permission to.
Permissions are defined in the following levels: Organization Access, Element Access (windows, forms, processes...) and Table Access.
- Organization Access: Defines which organizations have the role access to.
- Element Access: A role can have access to these application elements Windows, Processes, Forms, Workflows and Tasks. For each of these elements to be allowed for a role it is necessary to explicitly give access to it. This means that, for example, only those windows with access linked to a role will be accessible for it.
- Table Access: This element grants access in a different way than the others. Here it is possible to revoke access to the selected tables. When permission is not allowed for a table the tabs associated to it will not be accessible.
Horizontal Security is managed by clients, organizations, access level and user level. Thus is decided which data is accessible and which is not.
Data access level
Access level defines from which client/organizations is data visible. Access level is set for tables, processes, forms, workflows and tasks, so any of this elements has one access level. There are five possible levels:
The access permissions for them is described in the table below, where:
- Client 0: Client which shares its data among every client
- Organization *: An organization within a client sharing information between all the organizations in the same client
- Non 0/Non *: Only data in a non-0 client or non-* organization is visible and Any denotes that any type of data is accessible:
|System||0||*||Only allow to see records with client 0 and Org *. For example the application dictionary records|
|System/client||Non 0||*||Only allow to see records in any client except 0 and see Org *. For example master data records|
|Organization||Non 0||Non *||Only allow to see records in any client except 0 and see any org except *. For example transactional documents|
|Client/Organization||Non 0||Any||Only allow to see records in any client except 0 and see any org. For example transactional documents, master data
|All||Any||Any||Allow to see anything|
Every role has a user level which is used in the vertical security way in order to allow or deny access not only to data but to the whole element (for example to a window). There are three possible user levels (and their combinations): Client, Organization and System. User level is used in conjunction with Data Access level, so only roles defined with a type of user level can access to some types of elements defined in some Data Access level, it's summarized in the table below:
|Data Access Level||User Level|
|System/Client||System or Client|
|Client/Organization||Client or Organization|
|All||System, Client or Organization|
Log in security
Log in security includes 2 features: User/Password check time delay after failed log in and Locking Users.
These 2 features are intended to prevent bots doing Brute force attacks to find out a user/password.
Both of them are configurable using the Openbravo.properties file. Note that Openbravo.properties is read for this purpose from sources directory, so it is not necessary to deploy the application nor restart Tomcat if they are changed.
User/Password check time delay
A time delay can be included for the log in user/password check after an invalid log in attempt. This delay is applied for a user in case the last time he/she tried to log in the application did not enter a valid password. This delay makes bots to spend much more time trying to guess a password for a user, making them virtually unusable.
The delay increments each time the user fails up to a maximum time. Once there is a correct log in for that user, the delay is reset and it will be applied again in case of new fails.
It is configured through 2 properties in Openbravo.properties file.
- login.trial.delay.increment: Number of seconds the delay increases after each log in fail. In case this property is not present, it is empty or it is 0, there will not be delay. It is defaulted to 5 seconds.
- login.trial.delay.max: Maximum delay time. Once this delay time is reached, the increment defined in the previous property is not added any more. In the same way as the one above, if it is not present, it is empty or it is 0, there will not be maximum delay time, so the increment will be always added. It is defaulted to 60 seconds.
Users can be locked after a number of failed log in trials. Once a user is locked he/she cannot log in the application until the user is unlocked. A message informing about this situation will be displayed.
The number of trails before the user is locked is configured by the login.trial.user.lock property. If it is not present, empty or 0, users will not be locked and locked users will have access to the application again. It is defaulted to 0.
Unlocking Locked Users
When a user is locked, it can be unlocked by an admin user. To do so log in as admin and go to General Setup || Security || User window. There uncheck the Locked field.
If admin is locked, it will be necessary to (temporary) disable the user locking mechanism by setting login.trial.user.lock property to 0 to allow access. Once the admin has logged in the application, this property can be restored to the previous value. Now you can proceed to unlock the user as explained in the paragraph above.
Setup background process
Any background process can be defined in OpenbravoERP. This processes can be developed as a PL or java file and they can be scheduled and automatically executed. Processes can be executed at whatever interval is required, daily or on the specific days of the week, as a recurrent event or a one-off at a particular time.
The steps to create and setup a process are:
- Create the process in the application dictionary
- Create a schedule for it
Also the background processes can be activated or deactivated and this is very useful because sometimes when the process can run manually first is mandatory to stop the background process (i.e:PeriodicAcctServer)
OpenbravoERP is a multilingual application which means it is possible to see the whole interface in different languages.
See the steps for import/export translations.
In Openbravo database exist some tables that have their own translation table. All these kind of tables must be filled in English and the translation ones in the language that user wants. Whenever you login in English you see the data from the original tables, but if you login in a different language you will see the data from the translation tables.
See the relation of the translations and tables.
Initially (from the installer) the translation tables comes in Spanish as a default language so means all the tables have their translation in Spanish.
The way to import/export translation work is:
Setup default values
In OpenbravoERP there are three ways of setting default values:
- Checking a record as a default value: In some windows you can define the default value of a list of values. These windows have a field "By default" so just checking the flag, the record will become a default value (i.e. Document type window)
- Through the application dictionary: Another way is going to the column that relates to that field and write the default value. So whenever you get to a window that contains that column it will be filled with that value. Please note it will only happen when creating a new record
- Using preferences: This is a more sophisticated way of configuring default values. It is possible to define a default value for a specific window, specific user and specific field
Whenever a user logs in, the application establish some session variables and within these are the default values. These all default values are managed in a hierarchy way.
A default value is set in Financial management->Accounting->Set up->Document type marking the record "POS Order"
Now as you are still logged in, if you go to the Sales order window and click New it won't show up the value "POS Order", but logging out and then logging in, the application will establish the new session variables and the "POS Order" value will show up
Maintaining the default value from example 1, the user may decide to set up another default value through the application dictionary in the same table as the window "Sales order" uses.
In this case the user must go to Application dictionary->Tables and columns-> and select the table C_Order. Then select the column C_Doctypetarget_id and fill the field "Default value" writing the ID for the corresponding document type. Let´s write for this example "Warehouse order".
This set up will have effect after the application is compiled
So now for the same window the OpenbravoERP has two default values, POS order and Warehouse Order, but this won't be a problem as the default values work in a hierarchy way.
The default value for the window will be "Warehouse order".
Finally the user decides to set up a new default value for the window "Sales order", but, in this case, using the preferences method.
The user should go to General set up->Application->Preferences and select the window, write C_Doctypetarget_id in the attribute field and the ID of the corresponding document type (e.g. Standard Order)
As before, only by logging out and logging in again will the new default value be established permanently.
So at this point OpenbravoERP will have three default values:
- By marking "By default" from the window Document type: POS Order
- By the application dictionary: Warehouse Order
- By the preferences menu: Standard Order
But the definitive default value will be "Standard Order" because the preferences method is the most restrictive way of setting up default values
Alerts are the way Openbravo ERP informs users about virtually any event that happens in the system and the administrator has defined a rule to show it.
The work flow for alerts is as follows:
- Administrator creates alert rules, which include a SQL clause defining the event that is going to be monitored and the recipients for the alerts.
- A background process is permanently checking if the conditions defined in each of the active alert rules return any line, in this case a new alert instance will be created for each of the returned lines.
- When a user logs in the application there is another process that constantly checks whether there are alert instances whose recipient is the current user and shows them to the user.
For more information click here
The way of configuring the menu in OpenbravoERP is easy and simple. The menu is organized in a hierarchy way as a tree node.
There can be two types of nodes:
- Folder: Group nodes
- Final node: Nodes that have an action related and can be
- External link
- Internal link
To add these actions in the menu and working:
- Create the element through the application dictionary: Windows, Reports, Process, etc.
- Compile the window, process, etc.
- Create node into the menu and add the action
- Finally move the node within the menu
When a node group different nodes, no actions can be related. For example when you create a new module or different sections inside a module (i.e. Reports, Set up)
See how to change the order in the menu.
Preferences can be manually set from General Setup || Application || Preference window. They can also be populated by modules.
The list of principal preferences defined in core is:
- Startpage of the user: The page to which the user is redirected after logging in. This is a relative url:
- if your startpage is a standard html page then you can point to it directly, for example: /web/org.openbravo.client.application/index.html
- if your startpage is a form defined in Openbravo then you should pass the form url as a parameter like this: /security/Menu.html?url=/myModule/newOpenbravoHome.html
- Note to workaround the startpage preference you can pass in the noprefs parameters. The url to use is then: http://localhost:8080/openbravo/security/Menu.html?noprefs=true
- Implements Customer Credit Used calculation:Avoid the C_BP_SOCREDITUSED_REFRESH function calculation.
- Implements an alternative Financial Management: Alternative Financial Management implementation within the module.
- Implements Payment Monitor management: Disables core's background process and button on invoice's header that manage the Payment Monitor
Upgrade from a previous MP
Preferences are loaded in session when logging in the application or changing the current role. The way they are loaded has slightly changed in 2.50MP16.
- Prior to 2.50MP16. All preferences defined for a concrete client/organization (different that System), where loaded in case the used role had explicitly granted access to those organizations, but organization tree was not taken into account. For example, assuming a organization tree like *, A, A1, B being A1 below A in the tree and B at the same level of A. If the same preference has values for A and B, and a role (role1) with access to A and B logged in the application the preference value was unpredictable because both (A and B) were loaded, for a role (role2) having only access to A1, no preference value was loaded.
- From 2.50MP16. Preferences are loaded for the currently used organization (not the granted ones) taking into account the organization tree. So for the previous example, role1 logging in organization A would load preference value for organization A, role1 logging in organization B would load preference value for organization B, role2 logging in organization A1 would load preference value for organization A.
Because of this change, When upgrading core from a version prior to 2.50MP16, depending the preferences defined in the instance, it is possible some changes in the behavior. These cases are detected during the upgrade process displaying a warning. Administrator should take care of these cases. Note that this warning only appears during the upgrade process from a version prior to 2.50MP16 to 2.50MP16 or higher, but it will not appear again.