This article provides a brief description on how MET/TEAM's security works and how to configure it.
When searching MET/TEAM's help, you will find there is not really a single location that covers 'the big picture' for how to secure things within MET/TEAM, hopefully this article will help. You will also find useful information in these sections of MET/TEAM's built in help:
- Search for "Customizing Labels and Fields" and locate the section on "Edit Control Security"
- Search for "Securing Buttons"
- There is also useful info in "Menu Security"
- The section on "Assigning Groups (User Rights)" is also helpful
Setting up users...
From the User page you click the "Group" button to define what "Groups" a user belongs too.
MET/ TEAM is then configured to control what groups have access to various objects or controls in MET/TEAM. These controls can be data objects like buttons, text boxes, date controls, check boxes, anything that allows modifying or accessing data. For each control in MET/TEAM, if a user belongs to any group that has access to a control, then that user has access to the control. The process is always as generous as possible. Meaning, if a user belongs to 5 groups and 4 of them are denied access to a control, but the 5th group is granted access, then the user WILL have access to the control. Again, it is a generous as possible.
NOTE: Additional security groups can be added as needed via the Configure-->Groups menu item.
When first installed, MET/TEAM has very few controls secured meaning most users will have access to everything. This means that if any level of control is needed, you can and will need to add it to meet your requirements.
To configure access....
When logged in as a user belonging to either the "Administrator" or "Configuration" groups, you can right click on any control or button and select "Edit Control Security" and the page to configure access to that control opens up. In the example below, we right clicked on the Asset page's "Purchase Date" label.
The "Edit Control Security" page is broken into two columns, "Control is enabled for" and "Control is visible for". This means for most controls, you can configure them to be either invisible or disabled for various user groups. Most buttons in MET/TEAM cannot be made invisible, if this is the case, the column "Control is visible for" will be disabled, indicating the control can not be made invisible.
If you un-check "Everyone" at the top of either list, you can select only the Groups that will have access to that control. In the example below, only users belonging to either the Configuration or Administrator groups will be able to see the "Purchase Date" control on the Asset page.
After making your choices, click the Save button at the bottom of the page.
The security of the MET/TEAM menu is managed the same way but instead of right clicking, you use Configure-->Menu Security. (If the page doesn't draw correctly, click the refresh button and it will.) The entire MET/TEAM menu is displayed in a tree to the left, so you can click on any item and use the right side to configure access to the menu item. Here you have the choice to hide or disable the item for everyone or click the "Edit Control Security" button to manage the menu item by groups, just as described above.
The theory for MET/TEAM security is very simple, the configuration and testing is where the challenge is.
NOTE: With all the quick links in MET/TEAM it is almost impossible to prevent a user from getting to a screen so if you want to consider a screen secured, the number one thing to secure is the Save button. This way if a user gets to the screen, they will be able to edit data but will NOT be able to save and commit it to the data base.
We hope you found this article helpful, but if you have questions or need assistance, please send an email to firstname.lastname@example.org and we will get back to you as soon as possible.