Assigning User Security

This topic provides an overview of the security assignment process.

The VA module allows administrators to set up security by data, form, report, attachment type, query, and Work Center template. You must assign security type permissions for all users prior to allowing them access to the system. To ease administrative efforts, it is recommended that you assign security to groups of users, rather than individuals. You can then customize security settings for individual users if their group settings are too restrictive.

Important: If you do set up security, consider which individuals have access to the security forms. If you have restricted users from gaining access to specific forms, but do not also restrict access to the security forms, then any user can change the security setup for themselves.

The following list briefly discusses each security type.

Data – Use this security type to prevent unauthorized users from viewing and/or posting information to system fields or from accessing sensitive information through other sources.
Form – Use this security type to prevent users from accessing forms or specific form tabs.
Report – Use this security type to define which reports are available to users.
Attachment Type – Use this security to define what types of attachments users can access.
Inquiry – Use this security to define what queries users can access on the Dashboard Work Center in the Main Menu.
Work Center – Use this security to define the Work Center templates that users can access.
Security Administration – Use this security to restrict users who have security form access to administering only some company/module combinations in VA Form Security and VA Report Security. This feature is optional and should be used only if you want some users to administer security for only selected company/module combinations.

The rest of this topic outlines the process for assigning security permissions.

Step One: Creating Security Groups

Security groups provide a way of administering permissions over a group of users rather than by individual user. When creating security groups, you will assign a specific group type. Each group type corresponds with the security types discussed above. Because security groups are associated with a single group/security type, most users will belong to at least four security groups (one for each type). For larger and more complex operations, users may belong to more groups.

To create a security group, use the VA Security Groups form.

To assign users to a security group, use:

the Users tab inVA Security Groups or
the Security Groups tab in VA User Profile.

Step Two: Defining Group Permissions

Once you create a group, you can set specific permissions for that group's use of the application and/or ability to administering security. You do that using the appropriate security form (i.e., VA Form Security, VA Report Security, VA Attachment Type Security, VA Inquiry Security,VA Work Center Security, or VA Data Security Access) depending on the assigned group/security type. Once you define permissions for the group, all associated users have the same security settings.
Note: Before setting data security permissions in VA Data Security Access, use VA Data Security Setup to secure specific datatypes and tables. For more information, refer to VA Data Security Setup.

Step Three: Defining User-Specific Permissions

While security groups act as a “one-size-fits-all” solution, some user accounts require specific kinds of permissions settings that no one group provides.
Note: You can assign data-level security only to groups and not to individual users.
- To grant individual users permissions to use various parts of the application, use the appropriate security form(s). For more information, see VA Form Security, VA Report Security, VA Attachment Type Security, VA Inquiry Security, or VA Work Center Security. The user-level security settings in these forms interact with group-level security settings. For more information, see About the Interaction Between Group and User Level Security.
- To grant individual users access to security forms so they can administer security, use VA Form Security to give the user access to security forms: VA Form Security, VA Report Security, VA Attachment Type Security, VA Inquiry Security, or VA Work Center Security.
- To restrict specific users' ability to grant security permissions to only specific company/module combinations, Master Security Administrators can hide the unwanted modules from those users in VA Form Security and VA Form Security. For more information, see Creating a Master Security Administrator and Restricting Security Form Access to Specific Company/Module Combinations.
- To grant to a user full form, report, attachment type, inquiry, and work center template security, as well as membership in payroll and datatype security groups, for all companies, select the user in VA User Profile. On the Grant tab, click the Grant Full Access button. For more detailed information, see Granting Full Access to the Application. 
- To grant full database ownership to a user, select the user in VA User Profile. On the Grant tab, click the Grant DBO button. This button is available only if you have elevated SQL permissions to grant database ownership privileges. For more detailed information, see Granting DBO Privileges.
- See About User Permission Levels for more information.

Welcome to Help for all Trimble Viewpoint products.

Assigning User Security