# Manage a user's database access and restrictions

{% hint style="info" %}

* This page outlines how to manage user access and restrictions for one or more databases via the [user's account page](/administration/users/add-update-user/user-account-page.md) and the [Database view](/administration/users.md#users-databaseview) of the **Users** page. To do this for an individual database via the **Databases** page, see [Manage user access and restrictions for a database](/administration/databases-administration.md#manage-user-access-and-restrictions-for-a-database). For other information, see the [Overview of access to data](/administration/overview-of-access-to-data.md) page.
* User permission: [Administration > Users](/administration/users/add-update-user/user-permissions.md#administrator-permissions)
  {% endhint %}

{% hint style="warning" %}
When you update database restrictions for users, you override any [default database restrictions](/administration/databases-administration.md#manage-default-database-restrictions) that might have been applied to the database.
{% endhint %}

{% hint style="success" %}
See this related page: [Update user settings, permissions and restrictions in bulk](/administration/users/add-update-user.md#update-users-in-bulk)
{% endhint %}

{% embed url="<https://phocassoftware.wistia.com/medias/hjafd03lky>" %}
Set user restrictions
{% endembed %}

You can determine a user’s database access when you initially [add the user](/administration/users/add-update-user.md) on the [**Databases** tab](/administration/users/add-update-user/user-account-page.md#usermaintenanceform-databasestab) on the user's account page. Alternatively, you can do it later, again on the user's account page or via the [**Database** view](/administration/users.md#users-databaseview) of the **Users** page.

From either location, firstly review the current access and restrictions:

* If a period is selected for a database, it means the user has access to the database. If no period displays (a red outline displays on the period box), it means the user does not have access to that database.
* If the lock icon (**Restrictions** button) next to the period is grey, it means no restrictions have been applied to the database. If a black button displays, it means one or more restrictions have been applied.

Then you can manage the access and restrictions as required:

**Give access to the database**

Select a period from the list of *defined* periods that have been set up for the database. This action grants the user access to the database and the period you select becomes the *default* period that is applied when the user opens the database. Learn more about [periods](/basics/getting-started/periods.md), a core concept in Phocas.

**Remove access to the database**

Select the *blank* option from the dropdown list.

**Add or update restrictions**:

1. Click the **Restrictions** button (lock icon) next to the period dropdown list.
2. On the restrictions form, click the **Dimensions**, **Streams** or **Measures** buttons to view a list of their respective data items (entities).
3. Set the access as required: Clear (deselect) the checkbox to restrict access to the item (remove it from the user's view) or select the checkbox to enable access to the item (the user can view it). Expand the sections below for more information and examples.
4. Click **Save** to close the restrictions form.

**Change the order in which the databases display for the user**

This action can only be done on the user's account page. Select the database row, then use the **Up** (promote) and **Down** (demote) buttons on the top left of the grid to move the database to the required position. &#x20;

If you're on the user's account page, click **Save**, then click **Close**. Any changes you make on the **Database** view of the **Users** page are automatically saved. The next query the user performs on that database will exclude/include the items as applicable.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.phocassoftware.com/administration/users/manage-a-users-database-access-and-restrictions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.