Security Roles

Last Updated On
Print
You are here:

A security role represents which system functionality is available to users assigned those roles. These roles control available functionality by module, how the user’s default dashboard is configured, and which reports they are able to use.

Add a new security role

Each person may only be assigned to one security role. Depending on your organization, it may make sense to create a security role for each level in the organization.

  1. Expand the “Configuration” menu on the sidebar navigation. 
  2. Select the “Security Roles” menu.
  3. Select “Add” to add a new security role.
  4. Populate the fields. Data fields with an asterisk (*) are required.
    • Name*: Enter the name of the security role.
    • Description: Enter a description of the security role.
  5. Select “Save” upon completion.

Set security functions

  1. Locate the security role and select the View/Edit button for the desired security role.
  2. Select the “Edit” button in the Details section.
  3. Populate the fields. Data fields with an asterisk (*) are required.
    • Description
      • Name*: Enter the name of the security role.
      • Description: Enter a description of the security role.
    • Account
      • Edit: Toggle on to allow this role to edit the account information.
    • Assets
      • View: Toggle on to allow this role to view the asset records.
      • Add: Toggle on to allow this role to add asset records.
      • Edit: Toggle on to allow this role to edit the asset records.
      • Edit Depreciation: Toggle on to allow this role to edit the asset depreciation information.
      • Delete: Toggle on to allow this role to delete asset records.
      • Restrict: Toggle on to only allow this role to only view, edit, or delete assets to which the role is directly associated.
        • Note, when this toggle is enabled, assets are filtered from selection lists and other dropdown menus.
      • Configure: Toggle on to allow this role to configure the custom attributes for asset records.
    • Contacts
      • View: Toggle on to allow this role to view the contact records.
      • Add: Toggle on to allow this role to add contact records.
      • Edit: Toggle on to allow this role to edit the contact records.
      • Delete: Toggle on to allow this role to delete contact records.
      • Configure: Toggle on to allow this role to configure the custom attributes for contact records.
    • Dashboard
      • View: Toggle on to allow this role to view their dashboard.
      • Configure: Toggle on to allow this role to change their dashboard.
    • Data Processing
      • Data Import: Toggle on to allow this role to bulk-import data records.
      • Administer: Toggle on to allow this role to administer the data imports (i.e., view imports from other users).
    • Document
      • View: Toggle on to allow this role to view the document records.
      • Add: Toggle on to allow this role to add document records.
      • Add in Bulk: Toggle on to allow this role to upload multiple documents at once.
      • Edit: Toggle on to allow this role to edit the document records.
      • Delete: Toggle on to allow this role to delete document records.
      • Configure: Toggle on to allow this role to configure the custom attributes for document records.
    • Evaluations
      • View: Toggle on to allow this role to view the evaluation records.
      • Add: Toggle on to allow this role to add new evaluation records.
      • Edit: Toggle on to allow this role to edit the evaluation records.
      • Delete: Toggle on to allow this role to delete evaluation records.
      • Review: Toggle on to allow this role to review and apply data changes to the completed evaluation records.
      • Administer: Toggle on to allow this role to administer (e.g., lock or unlock) evaluation records.
      • Configure: Toggle on to allow this role to configure the custom attributes and properties to collect for the evaluation records.
    • Explorer
      • View: Toggle on to allow this role to view the data explorer.
    • Forms
      • View: Toggle on to allow this role to view the form records.
      • Add: Toggle on to allow this role to add form records.
      • Edit: Toggle on to allow this role to edit the form records.
      • Delete: Toggle on to allow this role to delete form records.
      • Restrict: Toggle on to allow this role to only view, edit, or delete their forms.
    • Form Type Configuration
      • View: Toggle on to allow this role to view the form type records.
      • Add: Toggle on to allow this role to add form type records.
      • Edit: Toggle on to allow this role to edit the form type records.
      • Delete: Toggle on to allow this role to delete form type records.
    • Global Search
      • Enable: Toggle on to allow this role to use the global search.
    • Machine Learning (Asset Telemetry Anomaly Detection)
      • Use: Toggle on to allow this role to use univariate and multivariate machine learning models for asset anomaly detection.
      • Train: Toggle on to allow this role to train and manage machine learning models for use in asset anomaly detection.
    • Marketplace
      • Enable: Toggle on to allow this role to use the marketplace.
    • Notifications
      • View: Toggle on to allow this role to view the notifications.
      • Add: Toggle on to allow this role to add notifications.
      • Edit: Toggle on to allow this role to edit the notifications.
      • Delete: Toggle on to allow this role to delete the notifications.
    • Recycle Bin
      • View: Toggle on to allow this role to view the deleted items in the recycle bin.
      • Delete: Toggle on to allow this role to permanently delete the items in the recycle bin.
      • Restore: Toggle on to allow this role to restore the deleted items from the recycle bin.
    • Reports
      • View: Toggle on to allow this role to view the reports.
      • Add: Toggle on to allow this role to add reports.
      • Edit: Toggle on to allow this role to edit the reports.
      • Delete: Toggle on to allow this role to delete reports.
      • Administer: Toggle on to allow this role to administer (e.g., export or reassign) the reports.
    • Schedule Jobs
      • View: Toggle on to allow this role to view the scheduled jobs.
      • Add: Toggle on to allow this role to add scheduled jobs.
      • Edit: Toggle on to allow this role to edit the scheduled jobs.
      • Delete: Toggle on to allow this role to delete scheduled jobs.
    • Security Role
      • View: Toggle on to allow this role to view the security roles.
      • Add: Toggle on to allow this role to add security roles.
      • Edit: Toggle on to allow this role to edit the security roles.
      • Delete: Toggle on to allow this role to delete security roles.
    • System Tickets
      • View: Toggle on to allow this role to view the system tickets that they create.
      • Add: Toggle on to allow this role to add system tickets to log an issue or request.
      • Administer: Toggle on to allow this role to administer (view, edit, close, reassign, etc.) system tickets.
    • System Versions
      • View: Toggle on to allow this role to view the system versions and recent changes.
    • Task
      • View: Toggle on to allow this role to view the task records.
      • Add: Toggle on to allow this role to add task records.
      • Edit: Toggle on to allow this role to edit the task records.
      • Delete: Toggle on to allow this role to delete task records.
      • Restrict: Toggle on to allow this role to only view, edit, or delete their tasks.
      • Configure: Toggle on to allow this role to configure custom attributes to collect for the task records.
    • Telemetry
      • View: Toggle on to allow this role to view the telemetry.
      • Add: Toggle on to allow this role to add new telemetry.
      • Edit: Toggle on to allow this role to edit the telemetry.
      • Delete: Toggle on to allow this role to delete the telemetry.
      • Administer: Toggle on to allow this role to administer (lock or unlock) the telemetry.
      • Configure: Toggle on to allow this role to configure telemetry types.
    • Work
      • View: Toggle on to allow this role to view the work items.
      • Add: Toggle on to allow this role to add new work items.
      • Edit: Toggle on to allow this role to edit the work items.
      • Delete: Toggle on to allow this role to delete the work items.
      • Administer: Toggle on to allow this role to administer (lock or unlock) the work items.
      • Configure: Toggle on to allow this role to configure work types.
    • Workflow
      • View: Toggle on to allow this role to view the workflow records.
      • Add: Toggle on to allow this role to add workflow records.
      • Edit: Toggle on to allow this role to edit the workflow records.
      • Delete: Toggle on to allow this role to delete workflow records.
      • Administer: Toggle on to allow this role to administer (e.g., export or reassign) the workflow.
  4. Select “Save” upon completion.

Add report access

  1. Locate the security role and select the View/Edit button for the desired security role.
  2. There are two options for adding reports to a security role:
    • Add every report to this security role:
      1. Select the “Add All” button in the Accessible Reports section.
      2. Confirm your selection by selecting “Grant All” on the next page.
    • Add one report to this security role:
      1. Select the “Add” button in the Accessible Reports section. 
      2. Choose the report that users with this security role can access on the next page. 
  3. Select “Save” upon completion.

Revoke report access

  1. Locate the security role and select the View/Edit button for the desired security role.
  2. In the Accessible Reports section, locate the report you wish to revoke and select the “Delete” button at the right.
  3. Confirm your selection by selecting “Revoke” on the next page.

Manage dashboard templates

  1. Locate the security role and select the View/Edit button for the desired security role.
  2. In the Dashboard Templates section, select the appropriate option for managing the dashboard templates:
    • Default this dashboard template for new users with this security role.

      • This button will only be visible for security roles created by users.  System-defined security roles cannot be updated.

      • Assetas recommends having exactly one default dashboard template per security role. If a user has never logged into the system, and the security role provisioned has exactly one default dashboard template, this dashboard will be automatically applied to the user.

      • This button will be visible for dashboard templates that are not the default dashboard template.  The “Default” tag also indicates which dashboard template is the default template for new users.

    • View or edit the dashboard template.

Assign users to a security role

  1. Locate the security role and select the View/Edit button for the desired security role.
  2. Select the “Add” button in the “Users Granted this Security Role” section.
  3. Choose the contact to assign to this security role on the next page. 
  4. Select “Save” upon completion.

Manage users assigned to a security role

  1. Locate the security role and select the View/Edit button for the desired security role.
  2. In the Users Granted this Security Role section, select the appropriate option for managing the dashboard control:
    • View or edit the contact’s detailed information page. (For more information, see the Contacts page.)
    • Revoke this user’s access to the system through this security role.  Once confirmed, this user will no longer have access to the system.

Manage security roles

  1. Expand the “Configuration” menu on the sidebar navigation. 
  2. Select the “Security Roles” menu.
  3. If the In Use column displays “Yes”, click the “Yes” text to view a report of all contacts assigned to this security role.
  4. Select the appropriate option for managing your security roles:
    • View or edit the security roles.
    • Copy this security role as a new security role.
      • Copying a security role will also copy the Accessible Reports and Dashboard Templates.
    • Download the security role definition for importing into another database.
    • Delete the security role.  Once confirmed, users with this role will no longer have access to the system.
Table of Contents