In addition to the general security provided for Users and Groups, Conquest has security for Asset Types, to permit certain Users or Groups to be able to Edit or not, specific Assets and Actions, based on their Asset Type, while continuing to have general permissions on Assets and Actions as a whole.
The above image shows the Asset Type security permissions information. The list on the left displays all Users within the Conquest system and the list on the right is all the User Groups, both of which are configured in the User Accounts Form.
Permissions assigned to an Asset Type apply to Assets and Actions of that Asset Type, in which case the general Group and User Object permissions, set in the User Accounts Form, are OVERRIDDEN.
The Asset Type, User and Group permissions can be:
• Edit
• Read-Only
• No Access
• Not Set. Which means; no permission but permits the inheritance of permission from the closest, ancestor Asset Type. Otherwise the standard Object permissions, set in the User Accounts Form, apply.
For an Asset or an Action, Conquest checks the Asset Type permission for the current User and Groups that they belong to, and when it finds ‘Not Set’, it searches “up” the Asset Type Hierarchy until it finds an Asset Type with a permission other than ‘Not Set’, from which it applies the LEAST RESTRICTIVE of its User and Group settings. If no Asset Type permission is found, Conquest falls back to the general User/Group, Data Object Permissions.
One circumstance that can cause issues is, if a User/Group does not have access to a Facility then, even with edit access for Asset Type’s within that facility, they will not be able to view the Assets of those Asset Types.