On the Permission tab for equipment (shown below), you can identify the runtime users and/or groups that can access the equipment node in the asset tree, and you can even limit the runtime menu commands that users and/or groups can access for the equipment node.
Tip: An equipment node's information may be preconfigured if it was created using an equipment class. Equipment classes can contain template information, including aliases that are identified as being surrounded by /? and ?/. For more information about equipment classes, refer to the Creating Equipment Classes for Use as Templates topic. |
Equipment Form - Showing the Permissions Tab
To open the Permissions sub-tab, in the Project Explorer, click the AssetWorX provider button to open AssetWorX. Then in the navigation tree, expand localhost > AnalytiX Catalog configuration > Assets to access the asset tree. Expand the asset tree and click on the equipment you are entering properties for. This displays the Equipment tab; click on its Permissions sub-tab. Use this tab to define the users and groups that can access the equipment node and commands. Each prompt on this sub-tab is described below.
Options on the Permissions sub-tab are described below:
User or Group table: Use this table to allow or deny visibility of the equipment node to specified users and/or user groups. Default identifies permissions for all users and groups that are not specifically included in the table. To override the default permissions for a specific user or group, you must first add the user or group to the table by clicking the Add button and then navigating the security server to find the user or group to be added. Permissions work as follows:
In order for the equipment to be visible to any user or group, all of the equipment's parent nodes must be visible to that user or group.
Initially, the Default user settings for the Allow Visibility and Deny Visibility check boxes are both empty. When BOTH check boxes are empty, the equipment node inherits the permissions defined for its parent equipment node.
By putting a check mark in the Default user's Allow Visibility or Deny Visibility check box you break the node's inheritance of permissions and define the settings for all users not listed in the table. A check mark in the Allow Visibility check box lets the Default user (all users and groups) see the node in the runtime asset tree, but a check mark in the Deny Visibility check box prevents the Default user (all users and groups) from seeing the node in the runtime asset tree.
Sequence for determining permissions: The following sequence determines whether a user does or doesn't have visibility to an equipment node:
Where a user is a member of a group, the Deny Visibility setting takes precedence over the Allow Visibility setting. This means that if permission is denied for a group, all users in the group are denied (even if settings for one of those users allows visibility).
If the permission cannot be determined, the permissions setting for the Default user (all users and groups) is used.
If there is neither a Deny nor an Allow for the Default user, the parent equipment node's permissions are used.
If there is no parent, the equipment node is visible.
Command Type table: This table is populated only when a user or group is selected in the User or Group table. Use this table to allow or deny access to the equipment node's runtime right-click menu items for the selected user. Runtime right-click menu items are defined for the equipment node using the Commands tab; for a description of each type of command, refer to the Commands tab for Equipment topic. Permissions for command types work like this:
By default, no command types are selected; this means that the user's or group's permissions for command types default as described above in the Sequence for determining permissions. If no permissions are in play, then all command types are allowed.
You can Allow or Deny access to All Command Types or individual command types. Note that if there are multiple commands defined for a command type, then permission is allowed or denied for all runtime menu items that use that command. For example, if five menu items load reports using the Load Report command, permission to allow the Load Report command allows all five reports; you cannot give permission to only three of the five reports.
See also: