Skip to main content
SecurityTrax

What are Permission Groups?

Introduction

Permission Groups are the heart of Permissions. A user is assigned to a Permission Group and it is that Permission Group which determines what they have access to do in your system. These Permission Groups allow for you to give the same permissions to the different groups of users you have in your system.

The following groups would be examples of Permission Groups in Securitytrax systems:

  • Sales Reps
  • Technicians
  • Lead Reps
  • Managers
  • Regionals
  • Office Admin
  • Accounting
  • Owner

Permission Group can be one person or one hundred people. You may have three different Sales Rep Permission Groups or multiple Admin Permission Groups. The size and scope is up to each individual company. 

Terms

Permissions

The feature that allows you to set and customize user access to pages, features and abilities within Securitytrax.

Permission Group

Permission Groups are used to define a set of Roles, Grants, and PoliciesPermission Groups are then assigned to users to give necessary access and responsibilities within the system.  A user can only be a member of one Group at a time.

Permission Category

Permission Category contains related Resources. The following Permission Categories exist in Securitytrax:

  • Content Management
  • Calendar Event
  • Tag
  • System Management
  • Equipment/Inventory
  • Customer
  • User
  • Dashboard Card
  • Reports
  • Leads

Resource

Resource represents an object and its associated properties in the system, such as a customer or user. A Resource can have related Resources. For example, a customer can have one or many customer_files. A Resource also has associated Attributes. Click here for a list of all current Resources in Securitytrax.

Attribute

Attributes are data points that exist on Resources. For example, these are a few of the Attributes on the customer Resource:

  • First name
  • City
  • Sale Date

Note: Not every Resource will have Attributes listed.

Grant

Grants describe the actions that are available on Resources. A Resource can have one or more applicable Grants. The most commonly used Grants in Securitytrax are as follows:

  • View 

Allows the User to view information on the Resource

  • Create

Allows the User to create information on the Resource

  • Modify    

Allows the User to modify information on the Resource

  • Delete

Allows the User to delete information on the Resource

Other Resource specific Grants do exist and will relate to the Resource they live on.

Policy

Policy allows you to limit a Permission Group or user's access to a particular Resource . The limitations available will vary from Resource to Resource. On the customer Resource you can apply Policies which limit based on assignments, creation, office location or even sale date. The Policy allows for customization of Grants on the Resource.

Example: 

I want to allow the sales rep that is assigned to the customer to view that customer. I do not want them to be able to view a customer they are not assigned to. The Grant allows us to give permission for a user to view the customer. The Policy limits the permission so they can only view the customer where they are the assigned sales rep.

Note: Not every Resource will have Policies you can use to limit the Grant.

Group Policy

Policy associated with a Permission Group that will apply to all Users within the Permission Group.

User Policy

Provides the ability to override (or append to) the Policies applied a user’s assigned Group.  User Policies are specific to the user and do not effect the Groups' Policies on a Resource.

Overview

The following section will provide a breakdown of Permission Groups and their associated ResourcesGrants and Policies.

Permission Groups

Permissions are applied to a user via a Permission Group

That Permission Group is made up of three sections:

  • Group Details

Group Details are just the name and description of the Permission Group.

  • Select Roles

Roles are the responsibilities a user is given in Securitytrax.

  • Click here to learn more about Roles.
  • Permission Categories

The Permission Categories contain related Resources, which allow for customizable Grants and Policies.

The Resources within the Permission Categories are the most important part of the Permission Group

Resources

Resources represent objects and their associated properties in Securitytrax. A resource is what you are building your permission around. A couple of examples of Resources are Customer and User.

Attributes

Most Resources in your system typically have Attributes, or data points, connected to them.

For Example, the following are the first five Attributes on the Resource of Customer:

  • First Name
    • Customer's first name.
  • Last Name
    • Customer's last name (surname).
  • Spouse
    • Name of the customer's spouse.
  • Address
    • Address line 1.
  • Apt/Suite
    • Address line 2 or the apartment / suite details.

As you can see, the Attributes are the data points that are on the Customer Resource. If you are trying to determine how to grant or restrict access to a specific data point in your system, then you will want to find the Resource, whose Attributes contain that data point.

Grants

Grants describe the actions that grant or restrict a user's access. A Resource can have one or more applicable Grants. The most commonly used Grants in Securitytrax are as follows:

  • View 

Allows the User to view information on the Resource

  • Create

Allows the User to create information on the Resource

  • Modify    

Allows the User to modify information on the Resource

  • Delete

Allows the User to delete information on the Resource

Other Resource specific Grants do exist and will relate to the Resource they live on. 

For Example, a few of the additional Grants on the Customer Resource are as follows:

  • Apply Tag
  • Modify Account Class
  • Manage Central Station Integration

These Grants are specific to the Customer Resource and would not apply on another Resource, such as Funding or User License.

Policies

Policy allows you to limit a Permission Group or user's access to a particular Resource . The limitations available will vary from Resource to Resource.

For Example, on the customer Resource you can apply Policies which limit based on user assignments, creation of customer, office location or even sale date.

The Policy works hand and hand with Grants on the Resource. The following example will help illustrate the relationship between a Grant and a Policy.

Example: 

I want to allow the sales rep that is assigned to the customer to view that customer. I do not want them to be able to view a customer they are not assigned to. The Grant allows us to give permission for a user to view the customer. The Policy limits the permission so they can only view the customer where they are the assigned sales rep.

Policies are not required in order to grant a user permissions within a Resource. In fact, not every Resource will have Policies you can use to limit the Grants

  • Was this article helpful?