The issue with access rights arises due to the need to limit the rights of a user in 1C (or a group of users), which implies a ban on performing any actions with certain objects, for example, viewing, recording, editing, etc. Or, on the contrary, due to the need to grant (expand) user rights in 1C, which in reality most often follows a system message about an access rights violation (for example, insufficient viewing rights) and the user’s request to administrators about this.
To make adjustments to the access rules and change the rights to view a particular section or for any other action, you need to go to “User and Rights Settings”, which can be done with user mode enabled on the “Administration” tab (provided, of course, that there are rights to this).
As already mentioned, access groups include specific users, and the groups themselves have access group profiles that combine roles. Essentially, a role is metadata, the variety and quantity of which depends on the configuration. As a rule, there are quite a lot of roles and it is easy to get confused in them. It is worth remembering that one extra assigned role can open access to objects to unwanted users.
A description of user rights is available on the “Description” tab.
Roles are viewed through the “Users” directory element, which can be accessed by clicking on a specific user.
A report on access rights is also generated here, which displays the status of access to specific system objects.
The far right column "Record Level Limits" is additional conditions, restricting actions with database objects. Essentially, this is a query that is executed at the time of operation and tells whether it is possible or not to work with the object.
The screenshot shows that the document “Entering opening balances” is available to the user, but access is only possible to certain warehouses.
Thus, you can establish access or change rights in 1C by adding a user to a particular group in user mode.
The group itself can also be changed, for example by adding a value to the access restriction.
Administrator rights allow you to manage rights in the configurator mode, where standard roles are already defined. For example, a role with a very explanatory name “Basic rights”, as a rule, provides the ability to only read or only view an object.
To manage rights to change objects, special roles for adding/changing data are provided.
If you know which object the user does not have enough rights to, you can:
- From the opposite: look at the “rights” tab for a specific object, at the top we will see all the roles available in the configuration, and in the lower window - the rights. The presence of certain rights to the object is marked with a tick. Rights for new objects are set in the same way.
- Open the role assigned to the user, and by selecting a specific object in the left window, see the list of rights in the right window, that is, the actions that a user with this role can do with this object - reading, adding, viewing, etc.
Thus, all possible rights in the system are predefined. Read, add, modify, view, edit and other rights can be turned on or off in any role for any object. It is impossible to assign rights separately without using roles. To differentiate user rights, you must assign the appropriate role. The “All roles” table, created in the configurator, becomes a convenient tool for analyzing rights and roles.
The screenshot shows that the “Full Rights” role has the maximum amount of rights. And if the task of limiting users’ rights is not worth it at all, you can safely assign this role to all users, forever getting rid of user questions.
In practice, as a rule, in most cases, “fool protection” is still necessary. More or less everyone needs to insure themselves against unwanted data changes. large companies. This is where the roles built into 1C come to the rescue. Understanding the diversity of roles is not easy and takes a lot of time. Therefore, creating your own role to solve practical problems can often be the only way out. Let's consider this point in more detail. You can add a role in the metadata tree.
In the new role, you can differentiate rights by simply checking the boxes next to the corresponding right.
The checkboxes at the bottom of the window indicate that rights will be automatically assigned to new metadata objects/details and tabular parts object for which rights are assigned, and also whether rights relative to the parent object will be inherited.
Access rights restrictions are set in the lower right window of the new role. This powerful tool, which allows you to restrict rights at the record level, i.e. provide access to exactly the necessary data. If a simple assignment of rights can only “straightforwardly” give or take away rights to act with an object, then the restriction mechanism allows you to flexibly configure access rights regarding data. For example, limit reading and viewing data for only one organization.
The data access restrictions designer allows you to create a condition by which access will be limited.
Restricting access rights is described in the form of language constructs. To facilitate their creation, the use of constraint templates is provided. It should be noted that the use of this mechanism directly affects performance, because the system, when accessing any object, needs to read and comply with these restrictions. This process takes up computer resources and slows down work.
In conclusion, I would like to note that 1C, as a developer, has taken care of the availability of ample opportunities for administrators in terms of editing rights in their software solutions. And if at first glance these tools may seem complex and redundant, then later, especially when trying to build an effective access scheme in the context of a multi-level, branched personnel structure in an enterprise or organization, it becomes clear that the functionality of the program fully corresponds to real needs.
Today we'll talk about setup user rights in standard configurations 1C.
As an example, we will use a demo version of the ZUP configuration version 3.1, in which several users have already been created and rights have been configured for them. As you know, to restrict access to configuration objects (directories, documents, etc.), roles are used that can be assigned to certain users. It's in the very simple version. But when the number of users in the information base reaches several tens, and sometimes hundreds, it is quite problematic to manually mark the necessary roles for each user. Therefore, in typical configurations, as a rule, a mechanism is implemented that allows you to organize users into groups and assign roles not to each user individually, but to an entire group. This allows you to save significant time.
So, to configure user rights in a typical configuration, the following reference books are used: Users, Access Groups And ProfilesGroupsAccess. The connection between these directories can be schematically represented as follows:
Thus, each user can be a member of one or more access groups. In turn, each access group is associated with its own profile. And the roles are already directly linked to the profiles, which are edited in the configurator.
When you first launch a configuration in enterprise mode, standard groups and profiles are automatically created.
Now let's take a closer look at these reference books. Access to them is available on the tab Administration In chapter User and rights settings
In the window that opens, all three directories are available to us.
Let's look at them briefly.
By default, when creating a database on the cloud from a template, you must select a user to enter the program Administrator, with empty passwords.
It is not recommended to use this account for everyday work.
To differentiate access rights and increase the level of security, it is recommended to create user accounts and specify certain permissions for working with the database.
Creating users for 1C 8.2 databases
To create a list of users, open the database in Configurator.
Go to the "Administration / Users" menu. To manage the list of users, you must have Full rights in the database. 
Click the "Add" button. 
In the window that opens, fill in the fields:
Name- the name that will be displayed in the user selection list.
Full name - the name that will appear in the database when performing operations.
flag Authentication 1C:Enterprise- allows you to set a password under which the user will log into this database.
flag Show in selection list- allows you to hide or show the user in the launch window. If the user is hidden in the selection list, then you can log in using his data by directly entering his name and password. 
flag Authentication operating system
allows you to link your 42 Cloud account to account in the 1C database.
When installing this option, you will need to select from the list your login on the 42 Clouds website(tip: start typing your username to search the list). 
On the "Other" tab, you need to specify for users the roles that they can perform in the database.
The list of roles depends on the user's responsibilities.
Note! To launch the database on the cloud, check the “Run thick client” and “Run thin client” flags. 
After the task necessary settings, click OK. Now the created user can work in the database.
Creating users for 1C 8.3 databases
Creation of new users in such configurations as Trade Management 11.1, Enterprise Accounting (edition 3.0) occurs in the mode of working with the database, in the Users directories. Created users will be included in the Configurator automatically after creation. 
Go to the menu “Administration / Setting up users and rights / Users”. Click the Add button. To manage the list of users, you must have Full rights in the database.
Enter a name, give permission to access the database (by checking the box) and select an authorization method (either entering a login and password, or logging into 1C under a domain account). Fields" Individual""Division" are optional, used for analytics.
To work with the database, you need to add rights to the user in the “Access Rights” section. The set of groups can be changed and edited in the User Group Profiles directory.
Disabling access to the database
To disable access to the 1C user database, simply uncheck the “Access to the infobase is allowed” flag or change the password.
When setting up a user through the Configurator (for 1C 8.2 databases), it is enough to remove the user from the list.
Creating users for 1C 8.3 databases (Taxi Interface)
To configure access rights, log into the database in 1C Enterprise mode on behalf of the Administrator and go to the User and rights settings / Access group profiles section, click Create group.
Enter the name of the group and check the boxes for the roles available to users in this group. Example of a group that will allow users to use external treatments includes the following roles:
- Interactive opening of external reports and processing
- Using additional reports and processing
Click Burn and Close
Return to menu Users and select an employee from the list, click Access rights. In the list of profiles, select the previously created profile. Click Record.
Hello dear blog readers. I had to delay the next article a little due to intensive reporting and big amount incoming questions regarding this matter. By the way, you can ask your questions in the chat or send messages directly to me by email. But enough advertising) Today we will talk about the new useful and interesting opportunities that it gives us new platform 1C Enterprise 8.3 and configurations built on its basis: Salary and HR Management 3.0 And Enterprise Accounting 3.0.
The article will talk about how to configure user access yourself only to those documents, directories and reports that he needs for work and limit access to the rest. This will help us command interface with flexible settings, which appeared in 1C programs version 3.0. Discuss features differentiation of access rights on program objects we will be based on the 1C ZUP 3.0 configuration, but the same mechanism can be successfully used for software product 1C Enterprise Accounting 3.0. Actually, I studied this issue when I assisted in setting up users in Bukh 3.0.
How to create a user in normal user mode of 1C edition 3.0
✅
✅
✅
I would like to immediately note that we will have to work with both the normal user mode of operating the program and the configurator mode. There’s nothing scary or complicated about this, you don’t have to program) I’ll also immediately note that the screenshots in this article will be presented from something new that recently appeared in programs 1C edition 3.0 of the Taxi interface. To switch to it, just open service menu and find the settings there. In the settings window, in the radio button group " Appearance“You should select the “Taxi” interface and restart the program. Although, for those who are comfortable staying in the normal interface, all documents, reference books and settings that I will discuss in the article are identical in these interfaces.
Let's look at a situation where you don't yet have the required user. You must create a user in normal user mode. Go to the “Administration” section of the main menu and there we find the “User and Rights Settings” item.
If required, you can immediately set a password.
Now, regarding the access rights for this new user. There is no need to install them. You can access the access rights settings directly from the form in which the user is configured. Just click on the “Access Rights” link at the top of the page. So, it is necessary that in the access rights (and on the tab "Access groups", and on the bookmark “Allowed actions (roles)”) everything was empty. We will configure rights not in user mode, but in the 1C configurator, a little later.
But there is an important feature in this regard. It is necessary that there is at least one user in the database who has administrative rights. My user is Administrator. He is a member of the access group "Administrator" and has roles "System Administrator" And "Full rights."
Now we should go to the configurator mode and continue configuration there. To do this, when starting 1C, select the desired database and click the “Configurator” button. Just don't log in as a new user. He does not yet have any rights, and work will be impossible. You must log in as a user with full rights, in my case it is “Administrator”.
 |
After opening the configurator window, let's make sure that the one we created is also displayed here. New user. The list of users in the configurator is stored in the main menu section “Administration” -> “Users”.
Please note that the user has a question mark. This means that no role is defined for it, i.e. in other words, no access rights are specified. "Roles" is a configuration object. Each role establishes a set of documents, directories, and reports that a user with this role has access to. We can see all available roles if we open the user and go to the “Other” tab.
Let me remind you that we need to configure an employee’s access to a random set of documents, reference books and reports. At the same time, I didn’t even specify which set we were talking about, it’s not that important. But the important thing is that for such cases there is not and cannot be a suitable role in the configuration. 1C developers are not able to provide for all possible options for restricting access to objects that are encountered in practice. And the end user’s requests can be very extravagant.
Editing mode for a standard configuration in 1c
✅ Seminar “Lifehacks for 1C ZUP 3.1”
Analysis of 15 life hacks for accounting in 1C ZUP 3.1:
✅ CHECKLIST for checking payroll calculations in 1C ZUP 3.1
VIDEO - monthly self-check of accounting:
✅ Payroll calculation in 1C ZUP 3.1
Step-by-step instruction for beginners:
As you probably already understood, I am leading to the fact that we will have to create your own role. In this case, one important detail should be discussed. Creating a new role means making a change to the standard configuration. For those whose configuration has already been finalized and is not standard, nothing will change. To begin with, I’ll tell you how to determine whether the configuration is standard or not.
First, you need to open the configuration. To do this, in the “Configuration” section of the main menu, click "Open configuration". After this, a window with a tree structure of all information base objects will appear on the left side of the configurator. Secondly, also in the “Configuration” section of the main menu, go to “Support” -> “Support Settings”. A window of the same name will open. If the window looks like in the screenshot, then your configuration is standard. By this I mean the presence of the inscription "Configuration is being supported" and the presence of a button.
So, if you have a standard configuration, then we will have to enable the ability to change it, otherwise we will not be able to create a new role. Separately, I would like to note that from the point of view of updating there will not be any special difficulties, since we will be creating a new role and not changing existing ones, therefore all standard configuration objects will remain standard. To enable the ability to edit the configuration, you need to in the window "Support Setup" press the button "Enable editability".
Perhaps in future publications I will write in more detail about this kind of update. So, in this window we need to answer “Yes”.
Next, the “Support Rules Settings” window will open, where you need to select the “Supplier object is edited while maintaining support” radio button. For our task this will be quite sufficient. Just keep in mind that after clicking “OK” you will have to wait a bit before continuing.
After this, the locks should disappear in the tree of configuration objects (remember, when we opened the configuration, it opened on the left side of the configurator), and the message “Support Settings” will appear "The configuration is being maintained with the possibility of change."
How to create a new role in the 1C configurator
✅ Seminar “Lifehacks for 1C ZUP 3.1”
Analysis of 15 life hacks for accounting in 1C ZUP 3.1:
✅ CHECKLIST for checking payroll calculations in 1C ZUP 3.1
VIDEO - monthly self-check of accounting:
✅ Payroll calculation in 1C ZUP 3.1
Step-by-step instructions for beginners:
Now we can start creating a new role. Let me explain once again what a “Role” is - this is a set of rights that determine the ability to view or edit directories, documents and other configuration objects. View and edit are the most understandable permission options, but there are many others. To make it clearer, let’s select the “Full rights” Role in the object tree (General -> Roles -> Full rights). The settings window will open. In this window, all program objects (directories, documents, reports, etc.) are listed on the left, and on the right are the rights that are defined in this role for each of the objects. You can see this in the screenshot.
Now let me remind you of the problem. We need to ensure that the user can work only with a limited range of documents, reports and reference books. The most obvious option is to create a new role and define access only to the necessary objects. However, the configuration has a large number of all kinds of service objects, such as constants, general forms, common modules, registers for various purposes and for normal operation The user needs to have access to these shared objects. There are quite a lot of them and it is very easy to miss some object. Therefore, I will propose a slightly different approach.
Let's create a new role by copying the default Full Rights role. Let's call this new role “Role_Frolov”. To edit the role name, you need to go to the properties and specify a new name without spaces.
Now let's set this role for the user “Frolova”. Before this, we need to save the information base so that the newly created role appears in the list of available user roles. Press the F7 key or click the corresponding button in the toolbar. After this, we can set this role for our user. Go to the list of users (Administration -> Users) and on the “Other” tab, check the box next to the “Frolov Role” role. Click "Ok".
For now, this role is completely identical to the original one (“Full rights”). We will leave it this way. Bye. And we will set up access to documents and reference books, using the flexible configuration capabilities of the 1C program command interface.
How to configure command interface elements in 1C
Now we have to return to normal user mode, i.e. as during normal work in 1C. We need to launch under our new user - Frolov S.M. This can be done from the configurator. However, you must first set the setting so that when you start the Enterprise from the configurator, you are prompted by the user under which it should be launched. To do this, in the main menu, select “Tools” -> “Options” and on the “Launch 1C:Enterprise” tab in the “user” section, set the “Name” switch, click OK and we can launch the user mode directly from the configurator. To do this, use the command from the main menu “Service” -> “1C:Enterprise”. And don’t forget that we must select the user Frolov.
When the program starts under the user Frolov, all objects will be available to him, since his role was created by copying full rights, and we did not change anything. Let's assume that this user only needs to retain the capabilities of personnel records, but not everything, but only admission, transfer and dismissal. First, you need to remove all unnecessary sections and leave only one - “Personnel”.
To do this, go to the service menu View -> Setting up the section panel. In the window that opens, move all unnecessary sections from the right column to the left.
Now note that we will only have 2 sections “Main” and “Personnel”. We cannot remove the “main thing”, so it is necessary to leave only the necessary links in this section. To do this, go to this section and in the right top corner click "Navigation settings". This window is similar to the one in which we removed unnecessary sections, and it has the same principle of operation. In the right column we leave only the necessary documents and reference books.
And as a result, in the “Main” section we will have only the set of documents, reports and reference books necessary for the personnel officer.
As for the “Personnel” section, it can be left in its original form or configured more finely if, for example, the personnel officer does not have to deal with sick leave, vacations and maternity leave. In the same way, these documents can be removed from the navigation panel. I will not dwell on this in detail, since it already depends on the specific task.
I’ll just point out one more element that also needs to be configured to prevent the user from accessing data that is closed to him. This element is « home page "or whatever they call it "Desktop". It automatically opens when you start user mode. To set up the home page, open the service menu View -> Set up home page. A window will open in which you can configure the composition of the left and right columns from the list of available forms. The choice of available forms is not so large. So, for example, for our situation, where an employee is engaged in personnel, we should not give him access to such a form as “Salary calculation: Form”. But I decided to remove all forms altogether, so as not to tempt the user again. The start page will be blank.
Final setup of the user role in the 1C configurator
So, let's assume that we have configured access to all necessary documents and reference books for our personnel officer, using the capabilities of the command interface. Now the main question is how to make it so that the user himself cannot open the interface settings and give himself access to prohibited documents. To do this, return to the configurator and select General -> Roles -> Frolov_Role in the configuration object tree. Let's open this role. Now in the window that opens, position the cursor on the inscription “Salary and Personnel Management”, and in the “Rights” column we look for the setting "Saving user data". Uncheck the box next to this setting. This means that the user himself will not be able to customize the contents of the section panels, navigation bar and desktop, and therefore will not have access to prohibited sections from the command interface.
To verify this, you can go to the database under the user Frolov and try to open the settings for sections or navigation. However, you will not find the “View” item in the service menu. It became unavailable because we removed the right to “Save user data” from the user role Frolov.
Thus, we limited the user's visibility of objects to only those directories, documents and reports that he really needs for work. At the same time, in the configurator mode, only one checkbox was edited in the rights of this employee.
However, that's not all. We have limited explicit access to prohibited objects. However, the user may end up in an unwanted directory or document from a document accessible to him. So our personnel officer Frolov can open the “Organizations” directory from the “Hiring” document and accidentally or purposefully change some data there. To prevent a similar situation from happening, you should review and analyze all objects that are associated with documents and reference books available to the user. And then in the configurator, open the role of our user and prohibit editing or even viewing unwanted objects. The specific option is up to you to choose, depending on the task at hand.
That's all! We didn’t solve a rather difficult problem very well. in a complicated way. Anyone who has read to the end can rightfully be proud of themselves) If I missed something and you have any comments, I will be glad to see it in the comments to the article.
New interesting materials will appear soon on.
To be the first to know about new publications, subscribe to my blog updates:
Every 1C:Enterprise administrator knows that the task of separating user rights and correspondingly changing the working interface is one of the main ones when implementing an accounting system or adding new users to it. Depends on how well it will be done this task depends on operational efficiency and data security. Therefore, today we will talk about the features of setting up user rights and interface in a managed application.
First of all, I would like to note the main aspects of this type of settings. Many approach this issue one-sidedly, considering them purely as a measure of protection against unauthorized access to data or unqualified modification. At the same time, they forget about the other side of the coin: creating a simple and convenient working environment for the user. In cases where the user's working interface is overloaded with unnecessary items, the meaning of which is not completely clear to him, a false impression arises about the excessive complexity of the program and there is a fear of making a mistake. It is clear that this does not contribute in any way to increasing employee productivity.
Ideally, each employee should see only those interface elements that he needs to perform his immediate duties. Then it will be easier to work, and there will be no temptation to climb where you shouldn’t. Moreover, it makes sense to perform such settings even when some subsystems are simply not used or restricting access to them is not required. This will make the interface simpler and more understandable, and, therefore, the user’s work will be easier and more comfortable.
If we go back a little, we can remember that in conventional configurations Roles And Interfaces were part of the configuration and for them fine tuning it was necessary to enable the ability to make changes, and in the basic versions it was impossible at all.
The disadvantages of this approach are obvious: this complicates the maintenance of information bases, and possible conflicts during subsequent updates, when changed configuration objects require changing access rights.
In the managed application, settings for rights and interfaces were finally moved to user mode and can be configured directly from the program interface. A user's rights are assigned based on their membership in access groups. Let's go to Administration - User and rights settings - Access groups - Access group profiles, where we will see pre-installed profiles for the main access groups.
A user can be a member of several access groups at once, in which case the resulting rights will be summed up. In general, everything is quite clear and familiar, except that the settings are now performed in user mode, and not in the configurator.
But if we try to find interface settings, we will fail. In a managed application, the workspace interface is generated automatically, based on access rights. For example, let’s compare the interfaces of the Administrator and Sales Manager section panels:
In general, the idea is sound, if there are access rights to the object, we show it in the interface, if not, we hide it. It's much better than popping in regular application messages about access violations when the latter do not correspond with the designated interface. If you add rights to an access group or, conversely, remove them, the interface elements associated with them will appear or disappear on their own. Comfortable? Yes.
The user can also independently configure his workspace within the limits of his access rights. At first glance, everything looks good, but there was a fly in the ointment. There is no mechanism that allows you to centrally configure and assign a “default” interface to users in a managed application.
If we look at Administration - User and rights settings - Personal user settings - User settings, we will see there a list of all objects whose settings have been changed by the user, but we cannot change them in any way.
Those. we are asked to log in directly to the user and configure the working interface on his behalf. A controversial decision, especially if there are not two or three users. Fortunately, the developers have provided the ability to copy user settings, which allows us to customize the interface of one user the way we need to quickly apply the settings to everyone else.
In order not to be unfounded, let's look at a practical example. In preparation for the transition to online cash registers, it was decided to automate the cash registers of a small network of dental clinics. The basis for clinic automation was industry-specific software not based on 1C and not providing connectivity fiscal registrar Therefore, it was decided to use the Enterprise Accounting 3.0 configuration, which contains all the necessary functions, to automate cash registers.
Here we are faced with two difficulties, although if we look more closely, we will find that these are two sides of the same coin. In short: the personnel had never worked with 1C before and therefore it was necessary to create a working environment that was as easy to learn as possible, while protecting the information base from possible unqualified influence of personnel. A managed application allows you to quite simply combine business with pleasure, making it so as to limit the user, and at the same time allow him to work comfortably, without noticing the restrictions.
Let's begin. First of all, you need to create a user group profile. If we open the standard profiles, we will see that there is no option to change them. This, in our opinion, is correct; history knows a lot of examples when, in a fit of official zeal, standard rights were shoveled to such a state that they had to be restored from the standard configuration. This can also mislead other users or administrators of this database, who expect to see standard sets of rights under standard profiles.
Therefore, we will find the most suitable profile for our tasks, in our case it is Sales Manager, and make a copy of it, which we will give the name Cashier. Now we can configure the rights at our own discretion. However, the flat list offered by default is not entirely convenient to work with, unless you need to quickly find an option you already know; in most cases, it is much more convenient to work with the list by enabling grouping by subsystems.
We will not dwell on this issue, since the assignment of rights depends on the specific tasks facing the user; we can only advise exercise prudence and not go to extremes. Remember that your task is to create a comfortable and safe working environment, and not to completely prohibit everything possible.
Having created a profile, assign an access group to the right users and run the program under one of them. Depending on the assigned rights, you will see an automatically generated interface.
In principle, this is already quite good, but in our case everything is just beginning. To our surprise, many users and administrators still have no idea how to configure the “Taxi” interface and continue to complain about its “inconveniences.”
Let's go to Main menu - View, where we will see a number of settings regarding the interface.
Let's start with section panel settings, in our case, the range was limited to a short list of services, so the warehouse section turned out to be superfluous, in order not to complicate or burden the interface, we’ll just remove it.
Then, in each section, by clicking on the gear in the upper right corner, we will sequentially configure the navigation and actions. Here we will also remove everything that is not necessary in everyday work, and, on the contrary, we will bring to the fore what is necessary.
You can even compare how it was and how it became:
Finally, let’s configure the panels. Since we have few partitions, it makes sense to move the partition panel up and the open panel down, thereby expanding the workspace horizontally, which is important for monitors with a small diagonal or 4:3 format.
After completion, you should check all the settings again; it is best to do this by simulating the real actions of a cashier, which will immediately help you evaluate the ease of working with the interface. In our case it turned out simple and convenient workplace cashier, in any case, there were no problems with the staff’s mastery of it:
Now let’s log into the program again as an administrator and go to Administration - User and rights settings - Personal user settings - Copy settings. Our task is to distribute the changes we have made to the remaining users of the Cashiers group. The operation itself is quite simple: select the user whose settings we are copying, indicate to whom and select what exactly.
And finally, you can prevent the user from customizing the interface on their own; to do this, go back to the group profile and uncheck the action Saving user data.
As you can see, setting up the interface and user rights in a managed application is quite simple and, despite some shortcomings, provides administrators with much greater flexibility and convenience, allowing them to quickly create convenient and secure working environments.
Tags: