Users and Security

• Users and Security
• • Security of MineMarket Objects: Domain Security
  • • Domain Objects
    • Domain Security Rights
  • Security of MineMarket Functionality: User Group Security
  • • Administration User Group
    • User Group Security Rights
  • Menu Icons
  • Task Panes
  • Order to be Followed for Setting up the Security Model

Security rights ('permissions' that control user access to objects and functionality in MineMarket) can be assigned at two levels: the user group and a domain assigned to the user group.

Security of MineMarket Objects: Domain Security

A domain is a high-level structure that groups related system functionality and data. Domains can be used to manage user access to that functionality and data. A MineMarket implementation may be configured with one or multiple domains, depending on a company's structure and requirements.

Domains are assigned to user groups to control the access to and operability of MineMarket objects for each user in the user group. Domains need to be created prior to setting up accounts for users.

All MineMarket installations include a Global Domain, which cannot be deleted. Other domains can be defined to give users access to a subset of MineMarket objects.

Multiple domains can be assigned to a user group, and an individual domain can be assigned to multiple user groups.

Domain Objects

Solution Explorer nodes for objects are made viewable or non-viewable for a particular domain. Only those objects that are viewable in the domain can be seen by a user who is a member of a user group to which the domain is assigned.

Example: Specific organisations are made viewable, and all other organisations are made non-viewable for a particular domain. The domain is then assigned to a particular user group. When a user who is a member of that user group views contracts, despatch orders, invoices or payments, only those that belong to the viewable organisations can be seen.

Domain Security Rights

When a domain is assigned to a user group, functionality based on the objects can be made available or not available for that user group. For example, a user group may be configured to have access to two domains, but only be allowed to maintain billboards for the billboard categories assigned to one of the domains.

Example: A domain that includes all barge despatch template categories is assigned to a user group; however, for that user group, the Allow barge despatch template maintenance domain security right is disabled,. A user who is a member of that user group cannot create, edit, rename, duplicate or delete any barge despatch templates.

Security of MineMarket Functionality: User Group Security

A user group allows users who need the same MineMarket domain access and security rights to be grouped together.

You can create user groups to specify the common tasks that the group can do in MineMarket. For example, whether a user can view specific menu items; view a train or shipment in the relevant despatch explorer; or modify or create contracts, vessels or other objects.

Administration User Group

Users who are members of the Administration user group can:

• See all MineMarket objects (via the default Global Domain that is assigned to the Administration user group)
• Specify the domain and user group security for other user groups

User Group Security Rights

Functionality that is not specific to a domain can be controlled per user group. Whereas domains control access to objects in the Solution Explorer, user group security rights are more general; for example, for functionality or objects accessed via the ribbon menu or explorers.

You can also use security rights to simplify the MineMarket user interface for a user group. The visibility of many user interface elements can be controlled by user group security rights; for example, which ribbon icons display, or which tabs in the navigation pane.

Example: The Allow analyte maintenance security right is disabled for a user group. A user who is a member of that user group cannot create, edit, duplicate or delete any analyte definitions.

Menu Icons

The viewability of many icons on the ribbon menu can be controlled with the security rights for the Menu user group security rights group.

Task Panes

Task panes can be created to limit what the users in each user group see in their task panes.

Order to be Followed for Setting up the Security Model

The following order should be used when setting up security for users.

1. Domains
2. User groups
3. Users
4. Domain and user group security rights