| |
User Types and Permissions |
|
|
|
|
Inventory considers 4 types of users:
- Hardware Owners - these users are referenced by the system but are not allowed to login to it or use it at all. They are there so computers and hardware can be assigned to them, or as reference information.
- Viewers - these are like hardware owners, however they have
permission to login to Inventory and view information stored within.
They do not have permission to change anything, and some information is
not shown to them, like information about user accounts.
- Editors - these users have all permissions that 'viewers'
have, but also have permissions to change records: add/edit/delete etc.
- Administrators - these users have the highest level of permissions, they can do everything in the system, including management of users and system settings.
All users except 'hardware owners' can login to the system, and have a username and password set. ('Hardware owners' do not require a login to be assigned).
When logging into the system, the left navigation bar will display information about the user's permissions: A different icon will be displayed for each permission level, and the permission level will also be typed in text beside the icon.
Throughout the help files explanation of functionality will be given as if the user is an administrator. Consider that an Editor will have less permissions, and the Viewer even less. The abilities are implied from the deifinitions of users as stated above, and will be detailed further only where appropriate.
Inventory applies an additional security measure to restrict access: each user has a 'Permission Span' setting defined. This setting can restrict a certain user to view information from a certain location and down. This is useful if we want to departmentalize information and allow a user to view info only from a certain location.
There are a few points to note about the permission span:
- The permission span setting does not effect view/edit/admin permissions, and is indepedent of them.
- The permission span is also singular, meaning that you cannot delegate permissions to more than one place in the locations tree. (This is by design for the current version of Inventory).
- Permission span can be defined for each user by editing his user accout. (Needs Admin permissions).
- Permission span is different and independent of the 'User Location' property. They both user locations as data, but it is possible to define a user that is located in location X and has a permission span assigned to location Y which is unrelated to X. In this case that user will only be able to access information in location Y and not user location X.
- Permission span setting is not effective (though possible) for administrator's accounts, since they admin can edit his own user account and change the permission span.
| |
User Types and Permissions |
|
|
|
|