Skip to end of metadata
Go to start of metadata

ARCHITECTURE

Business applications change over time. They need to utilize new technology and always need to provide additional and smarter functionality. Packaged applications must also support additional customer specific functionality, although it is often not suitable for integration in the core functionality (e.g., customizations and certain extensions).

Even though it is known that requirements for packaged applications are constantly changing over time, very few applications are designed to sustain change and additions.

Business applications can have a long life expectancy and tend to provide more functionality over time due to enhancements, so it is important to provide a framework to manage this proliferation of complexity. If applications are not designed to sustain increasing complexity they will become unstable as extra functionality is grafted onto the base application.

Compiere uses the following design principles in order to create a sustainable architecture:

  • Small-talk's MVC architecture (decoupling of Model ­View Controller)
  • Asynchronous decoupling of processes via messages
  • Explicit Rule Engine for complex logic
  • Safe-­fail transactions and recovery

Compiere has an Object Architecture (compared with Object-Oriented, Object-like, or traditional Architectures). Every Object is as independent as possible from other Objects ­including transactional decoupling.

Early versions of the Compiere architecture were designed in the mid '80s using Smalltalk, one of the first truly object oriented languages and environments. Other early roots of the architecture are based on the 'Next Generation' project of ADV/Org, which was very similar to SAP's original R/3 project.

SMART USER INTERFACE

The Application User Interface and HTML screens are generated at runtime based on rules in the Application Dictionary. The result is a consistent User Interface, allowing users to navigate quickly in unfamiliar application areas. This method of generating a user interface enables rapid development and the resulting system is much more stable than comparable applications. This method also enables screen layouts to be modified or extended and new windows created by system administrators without the need to modify any code. Users automatically see the "new" window the next time that they select that menu item.

The "rich" Windows Application User Interface utilizes the computing power of today's PCs and is preferable in situations where fast reaction and navigation is important. The "reach" HTML User Interface allows to the use of the application wherever an Internet browser is accessible. Not every function of the rich window is available via the html window however, the majority are.

The Data Dictionary knows about structure and dependencies. This allows a user with the right access to zoom from any Pick List to the window where the data is maintained in order to update or enter new information. Users can enter a new customer or update existing customer information while entering an order without leaving the original window.

The Data Dictionary allows the user to quickly access information. If more entity information than, for instance, a company's name is required to be viewed, the 'Info' functionality can be invoked. For example, the Customer Info includes address and credit line information; the Product Info includes prices, margin and availability. Info is used if the user needs more information to make a choice and is always available. The selection can be sorted and where appropriate, multiple records can be selected.

Users can Query records. Queries reduce the number of records in a window by allowing the user to enter one or more selection criteria in an enhanced 'query by example' style window tab accessible throughout the application.

SYSTEM SECURITY

Compiere provides comprehensive, yet flexible security to meet the users' needs. Function security is based on User Roles, which control access to Windows, Reports, and Processes.

Data security for Client and Organization information is maintained at database level through the security context. This is an additional level of security after the normal database user login. Before accessing any data, the user must login via a stored procedure with application username, password, role, and optionally the user's language preference. All passwords are stored in encrypted form.

It is difficult to talk in general terms about the security in applications and the following is intended to provide a brief overview of the flexibility and power of the security functionality in Compiere.

Roles

The first level of Security in Compiere is defined by Roles. Users are able to logon to Compiere with a specific Role. A User may have many roles but is granted access to Compiere based on the single Role selected at login.

Roles define the first level of Security, the Organizations, Windows, Processes, Forms, Workflows, and Tasks (hereafter "Entities") that the User can access. The User does not see menu items that they cannot access.

Roles also define the actions that a User can perform in the Entities they can access by Role Control.

Role Control

The Role definition allows a series of actions to be enabled or disabled for the particular Role.

The "Show Accounting" check box ­allows the Role to access the Accounting tabs on windows The Accounting tabs allow modification of the GL accounts, to which transactions generated by Documents such as invoices, goods receipts, and payments post. The "Show Accounting" check box also controls the display of the Posted/Not Posted button on Documents, which allows the user to force immediate transaction posting rather than batch processing of transactions. It also controls access to the Account Info window, which allows the display of accounting information, which would usually be restricted.

Additional actions to be enabled or disabled for a particular are as follows:

  • The "Can Report" check box ­allows the Role to have the ability to execute reports.
  • The "Can Export" check box ­allows the Role to have the ability to export data.
    Note: A Role must have the ability to Report to be able to Export.
  • The "Personal Lock" check box ­allows the Role to "Lock" records so no other Role can access them.
  • The "Personal Access" check box ­allows the Role to access Locked records regardless of the Role that locked the record.
  • The "Read-Only" check box ­controls whether the Role is allowed to update records.
  • The "Dependent Entities" check box ­controls whether access should also be restricted for other screens and processes that use this record such as allowing someone dealing with Payments Terms to be able to see Orders, Invoices, etc. where any Payment Term is used.
  • The Overwrite Price Limit - Controls the ability to override any price limits when entering orders or invoices.
  • The Maintain Change Log - Determines whether or not the system will maintain a log of changes made by users of this role.
  • The Access all Orgs - Controls access to organizations. If this box is not checked it is possible to restrict access to the organizations assigned to the specific user.
  • The Preference Level - Controls the ability of users of this role to set preferences at the Client, Organization, Window or User level.

Role Data Access

The second level of Security in Compiere is Role Data Access. For a given Role and its privileges, the security can be further refined by defining access for specific tables, columns, or records. For example:

  • Specific Users may only create Sales Orders with Payment Terms of "Immediate"; they are not allowed to offer Credit payment Terms.
  • Users can be prevented from using specific accounts in GL Journal or to see the balances for these accounts.

This can all be accomplished using Role Access.

Personal Lock

If the Role has Personal Lock enabled a padlock icon appears on the toolbar: The lock in the open position indicates that this record is open to all users. The lock in the closed position indicates that this record is open to only the user who locked the record and those users whose role has Personal Access enabled.

Note: Personal Lock is currently only available in the Java Client.

HELP SYSTEM

Compiere has many levels and types of help and support functionality. Some is intended to help the user and other parts are intended to help the support person attempting to assist the user.

Help for the End-User

Compiere provides on­line, context ­sensitive help for each field on each screen. Hovering over the field name on a window displays the abbreviated help for that field. Users can also mouse click on the HELP button on the toolbar to be provided with access to more extensive help.

The abbreviated and longer help messages are stored in the Active Data Dictionary with the details of the field that the help relates to and the text can be changed or extended by any User with the necessary privilege.

In addition, clicking on the HELP button on the ribbon menu on the top of the screen in the Java Client, displays two further help options.

The first is on­line help, which opens an internet browser screen, which points to a website where additional help information may be stored in a web server managed by the User organization, which could contain procedural manuals and the like for the organization.

Help can be accessed in the Web UI by selecting the help tab in the upper right.

Help for Support Staff

The second help option button creates an email to the User organization's nominated support person or group from the user. The email contains the full information about the user's application/system environment and information about the task being performed when the query was created. This information provides the support person with the context of the user's action, which has caused the support request.

In addition to the above, in the user preferences there is a variable "trace level" indicator, which controls the granularity of logged information.

SCALABILITY

Compiere is highly scalable. Factors contributing to its scalability are as follows:

  • A very wide choice of hardware and operating systems.
  • The use of Oracle (or equivalent) as the underlying database.
  • The ability to deploy multiple application servers.

Scalability by Design

The design of Compiere provides for the de­coupling of document posting processes so that data which requires instantaneous update is posted separately from less urgent transactions such as, say, matching a payment and an open item invoice.

Compiere users are not required to "post" the financial consequences of transactions to the system since the application server periodically (under administrator control) sweeps and posts all non-posted transactions.

The de­coupling of time critical postings from less time critical postings allows background tasks to occur without affecting more urgent tasks. Transaction de­coupling is the basis for this capability.

Labels
  • None