Security Groups

security menu Security Menu Item -> Operators -> Security Groups

SecurityGroup
Security Group allow you to configure highly customised access rights

Security Groups

Operators who have the same access level can be grouped together, eliminating the need to set each operator’s individual access clearance separately. After a Security Group has been set up, supervisors can then simply select the Security Group from the PopUp list when setting up a new Operator in the Operators Window.

Adding a New Security Group

Add new group button Click the Add button at the bottom left of the Security Groups window. A new list item will appear with an empty form to its right. Fill in the blank text boxes.

Blank new Operator Security group.

Add new security group

Supported Client Apps

This setting decides whether the security group has access to Windows Client (Patriot Client Programme) or Web/Mobile Client (ICA and Plink).

Operators always have access to Windows Client, even the security group he belongs to doesn't support Windows Client.

Group Type

The options could be different depending on the setting of Supported Client Apps. Different Group Types have access to different security rights.

The combination of Supported Client Apps and Group Type decides Web Client Access Level.

Security Rights

The security rights are categorised into a tree.

Each right may contain other related rights inside it which are related to that area or function.

The root of the tree is Main Program Access, which is required to log in.

The Edit Client right is required to make changes to a client record. The child rights contained within Edit Client allow operators to make changes to the specific areas of the client.

The rest of the rights follow the main menu structure. For example, the security right 'System Menu' -> 'System Settings Menu' -> 'System Wide Settings' allows access to the corresponding menu item 'System' -> 'System Settings' -> 'System Wide Settings'.

Some menu right items also have permissions for the screen opened via the menu. For example, under Monitoring Menu -> Current Activations are rights related to the current activations screen. These rights affect what operators can do once they open the Current Activations screen.

Some client security rights under Edit Client right have three way settings:

Edit - If the security right sets to Edit, it means the security right is assigned and the operator is allowed to edit the context.

View - If the security right sets to View, it means the security right is not assigned and the operator can view the context only.

Hide - If the security right sets to Hide, it means the security right is not assigned and the context is hidden from the operator.

Set the security rights for the new group by expanding the categories in the tree, and checking the box for each right required by your operator group. You must enable a right before enabling rights contained inside the right. For example, the 'Signal Browse Pause' right cannot be assigned unless the 'Signal Browse' right itself is also assigned. In general, the parent rights only give the minimum access possible, and one or more child rights must be added to allow the operator to use the features. When logging in, operators will not see a menu if they have no access to any of the items within it.

save Click the Save button on the form to save the new Security Group

Security Right Definitions

Most security rights are self-explanatory. The following additional information is provided:

Remote Action Plan Filtering

This setting is available if the security group ONLY supports Web/Mobile Client. It will only show signals/activations with action plans the security group has access to.


This setting only applies to:

It does not apply to operators.

Operator Note Access

This setting is available if the security group ONLY supports Web/Mobile Client. It decides what types of operator notes are accessible to the security group.

This setting applies to:

It does not apply to operators.

If you run a report as an operator, via either ICA or Patriot Client Programme, then only the System Wide Settings will apply.

If you run a report as a remote user via ICA, then both settings will apply. The report data will be filtered on security group settings AND system settings. Only notes satisfying both settings will be included in the report.

There is a similar note type filter in the Report Settings section of System Wide Settings to restrict the note types included in a report. It applies globally.

ICA Report Access

This setting is available if the security group supports Web/Mobile Client. It decides what reports are available via ICA.

Changing Security Group Records

Click to select the Security Group from the list Security Groups Window. Edit the desired fields and click the Save button

Deleting Security Group Records

delete Click to select the Security Group you wish to delete from the list in the Security Groups Window. Click the Delete button.

Note: the delete command cannot be undone so it is advised that you proceed with caution.