Defining User and Group Permissions for Equipment

At runtime, users have access to the asset tree that is defined in AnalytiX Catalog. You can limit users (or groups) a specific view of the asset tree by defining permissions for individual nodes in the asset tree. Doubtless there are so many levels in your asset tree that defining permissions for each and every equipment node in the asset tree would be difficult to do and impossible to maintain; for that reason we have built in inheritance permissions that you can set for an equipment node high in the asset tree and allow those permissions to default to child equipment nodes lower in the asset tree. In this way you can exploit the structure of the asset tree to facilitate access to nodes and commands in the tree.

When a node is visible to a user and group, you can also define user or group access to the types of commands that are available from the equipment nodes right-click menu at runtime. For example, you can allow users to Load Executed Reports but not Run Reports. Note that if there are multiple commands defined for a command type, then permission is allowed or denied for all runtime menu items that use that command. For example, if five menu items load reports using the Load Report command, permission to allow the Load Report command allows all five reports; you cannot give permission to only three of the five reports.

To define user and group permissions for equipment, follow these steps:

  1. Open the the Workbench and, in the Project Explorer, click the AssetWorX provider button to open AssetWorX.

  2. Then in the navigation tree expand localhost > AnalytiX Catalog configuration > Assets to access the asset tree. Expand the asset tree and click on the equipment you are defining runtime menu commands for. This displays the Equipment tab, with the Properties tab on top.

    (If you are defining permissions for an equipment class instead, expand localhost > AnalytiX Catalog configuration > Equipment Classes. Navigate to the equipment class you are defining runtime menu commands for and select it. This displays the Equipment Class tab, with the Properties tab on top.)

  3. Click the Permissions sub-tab. When you first use the Permissions sub-tab, it looks like this:

    Initial Appearance of the Permissions Sub-tab


    Such an appearance inherits all of its permissions from its parent equipment node. Before you continue, review the rules for how permissions are applied at runtime in the Permissions Tab for Equipment topic. (You can also refer to them in the Permissions Tab for Equipment Classes topic.)

  4. To override the default permissions for the equipment node, you must add the users and/or groups you are overriding them for. To add a user or group from the Security Server, click the Add button and select one. You may need to navigate to the Security Server. (Security Server, users, and groups are configured in the Classic Workbench for GENESIS64; refer to the online help for the Classic GENESIS64 Workbench for information.)

  5. To allow or deny access to types of commands, select the user or group to display the commands in the table at the bottom of the form. The table will look like this:

    Allow or Deny Command Types

  6. Clicking a check mark in the Allow or Deny check box on the All command types line adds a check mark to that box for all commands. You can change the setting for each command type.

  7. Click Apply at any time to save your changes, or Apply & Close to save your changes and close the Equipment form.  

 

See also:

Permissions Tab for Equipment

Permissions Tab for Equipment Classes