Asset Tree

The Asset Tree on the left of the screen lists all of the parent assets within the system as well as the asset views. Individual assets are not listed because user group security is assigned at the parent asset level to simplify the process. Individual asset level security can be established with supplemental security.

Use the +/– symbols on the Asset Tree to expand/minimize the list. When a parent asset is selected, the user group security is applied to all of the assets contained within the parent asset. So, selecting "All Assets" will apply the user group security to all assets in the system. Selecting a specific county will apply the user group security to all assets within the county.

Set Security: [Selected Parent Asset]

The right side of the user group security page shows the user groups that currently have access to the assets within the selected parent asset. If checked, the Read-Only column indicates that the user group can view the selected assets but cannot make changes or perform tasks for them.

Edit User Group Security

Selecting the Edit button will activate a pop-up window that allows the administrator to add/remove user group access to the selected assets.

• Full Access – Checking the box to the left of the User Group column will give the user group full access to the selected assets.
• Read-Only – Checking the Read-Only box will allow the user group to view the assets, but they will not be able to make any changes.
• Save/Cancel – When all of the desired changes have been made, click Save. To go back to the User Group Security screen without making changes, click Cancel.

Supplemental Security Override

If a user is listed here, their supplemental security is overriding the user group security. Supplemental security works in both ways, so the user could be granted permission that they would otherwise not have based on the user group, or permission could be taken away when the user group would otherwise grant permission. Supplemental security is discussed in greater detail in the next section of the user manual.

Assets with Exceptions – Lists the number of assets within the selected parent asset that the user's access has been changed for due to their supplemental security settings. When supplemental security is set up, access can be given down to the individual child asset level.

View – Clicking View activates a popup window that displays the user’s supplemental security for the selected assets. It reveals asset and report access levels, including the user’s permissions to create assets, create reports, review reports, and secure assets. These levels are determined by the user’s role or are established when setting up the supplemental security.

Remove – Clicking Remove will delete the user’s supplemental security for the selected assets. If the user has individual child asset access, a popup will ask if that access should be removed as well.

Supplemental Security

Supplemental security is asset-based security for individual users, not for user groups. Supplemental security overrides user group security to provide or take away user access to assets. User groups should be used to control most users’ asset access because they simplify the security process, but supplemental security is helpful for special cases outside of a user group.

• Example: A DOT has bridge inspectors for each county:
  • County A: Inspector 1
  • County B: Inspectors 2, 3
  • County C: Inspectors 4, 5

If there is a bridge on the edge of County B where County B and County A meet, the DOT may want/need an inspector from County A to inspect that bridge at some point. However, they may not want to give the County A inspector access to all of County B’s assets. So, rather than adding Inspector 1 to the County B user group, the administrator could give Inspector 1 access to that specific asset using supplemental security.