iMaint Users, Groups and Permissions Overview

You first create individual User ID's, then assign them to one or more Groups and finally Permissions to the application are assigned at the group level. Each user must belong to at least one group, but can belong to as many groups as is appropriate.  The DPSI Professional Services Team has developed pre-defined groups with corresponding permissions for the most common types of end user. You may copy and edit these groups and the permissions to meet your individual needs.  In this section you will gain a basic understanding of the role these items, within the iMaint SQL database, play when assigning permissions to areas within iMaint.

For iMaint Online Users, this information may include terminology used to define parts of the iMaint SQL Database, to which you do not have access. iMaint Online customers may only create User ID's for the number of licensed users you purchase.  For example, if you purchase 10 user licenses, you may only create 10 User ID's.  If you try to add an 11th user an error message will display to prevent the addition. If you need to replace an existing user, remove the old user first and then add the new user.

The framework of security is based on permissions. You may take permission away from a group so they cannot access confidential salary information, or give permissions to a group to access the Work Order form.  Permissions are set at the database or site level. Each iMaint site that you create will have a separate database on the server. Therefore, a group or subset of users may have rights to access everything in one site, but may have no permission in another site, and thus, not even be able to log in. All permissions to enable access or deny access to a certain section of iMaint is granted and controlled at the group level using views.

iMaint databases consist of tables of data.  These tables may be linked together to build items called views. A view by definition is an alternate way of looking at data from one or more tables in the database.  A view is a virtual table, usually created as a subset of columns from one or more tables. Using views as building blocks to iMaint allows users to query, display and modify specific data. The rest of the table or data­base is neither visible nor accessible. Permission to access the subset of data in a view must be granted, denied, or revoked.  

iMaint functionality can be expanded into four general categories defined below. The Modules category repre­sents the main functional areas. The categories below correspond exactly with the default navigation tree in the iMaint application.

Modules

1. 1. • Work Orders (i.e.)

      • Work Requests

      • Scheduling

      • Procedures/Tasks

      • Asset

      • Resources

      • Customers

      • Inventory

      • Purchasing

      • Projects

      • General Ledger

      • Additional Information

      • Fuel

Reports/Graphs

Sites

Utilities

Admin

 

Each category and sub-category are linked to one or more Views. The views define how data moves between the application interface and the site database.

The Interface is part of the application you can see and use. The database is where information is stored.

The following describes the four defined levels of data views:

• Level One – Parent View: the most important view as it returns most of the data used to define a module.

• Level Two – Child View: this data cannot exist without a parent, and is treated the same way when setting security permissions. A child view should not allow more access than its parent view, unless there are spe­cial circumstances.

• Level Three – Search View: searches through the application for data related to the Parent. For Example, The Work Order Form has a Status field with a magnifying glass positioned to its right.  The user would click on the magnifying glass to begin a search for status data that can help define the work order. The status field is considered a Foreign Key to the Parent that allows access to status data if SELECT permission had been granted on the Status Parent View. Likewise, many Foreign Key Views have their own set of Child Views, so permissions must be applied to those as well.

• Level Four – Foreign Key Parent View: these views contain child related data and require levels of access to accommodate the functionality of the level one parent view.

Views follow a strict naming convention by using the imvw_ prefix recognizable from the system views of the SQL Server database.  In the following illustration, as the iMaint default navigation tree expands, it enables you to identify the functional areas you can secure.

Modules

Work Orders

Quick Work Orders

Batch Work Order Complete

Batch Work Order Cancel

Work Orders

Level 1: PARENT

imvw_work_order:

      Level 2: CHILDREN

imvw_work_order_attribute 

imvw_wo_attribute_data

imvw_work_order_comments

imvw_woap

imvw_woap_est_res

imvw_woap_act_res

imvw_woap_est_part

imvw_woap_act_prt

imvw_woap_est_misc_cst

imvw_woap_act_misc_cst

imvw_woap_downtime

imvw_woap_code

imvw_woap_task

imvw_woap_tool

imvw_woap_attach

imvw_woap_comments

imvw_woap_total

imvw_gl_split_info

          Level 3: FOREIGN KEY STRUCTURES (Parent)

imvw_work_order_status

imvw_work_order_status_change

imvw_schedule

imvw_work_type

imvw_priority

imvw_contact

imvw_project

imvw_general_ledger

imvw_shift

imvw_warehouse

imvw_reason

   Level 4: FOREIGN KEY STRUCTURES (Children)

imvw_asset

imvw_asset_group

imvw_procedure

imvw_procedure_type

imvw_asset_location

imvw_craft

imvw_pay_type

imvw_part

imvw_warehouse_location

imvw_misc_cost

imvw_downtime_type

imvw_meter_type

imvw_code

imvw_code_type         

imvw_task

imvw_tool

imvw_attachment

Time Cards

Level 1: PARENT

    imvw_time_card_detail

Level 2: CHILDREN

imvw_gl_split_info

Level 3: FOREIGN KEY STRUCTURES

imvw_contact

imvw_craft

imvw_pay_type

imvw_asset

imvw_shift

imvw_procedure

imvw_general_ledger

imvw_work_order

imvw_other_cost

Resource Allocation

 

Work Requests

Create Requests

Level 1: PARENT

imvw_work_request

Level 2: CHILDREN

(None)

Level 3: FOREIGN KEY STRUCTURES (parent)

imvw_asset

imvw_asset_location

imvw_priority

imvw_procedure

imvw_problem_level

imvw_work_type

Level 4: FOREIGN KEY STRUCTURES  (Children)

Request Alert

View/Process Requests

Level 1: PARENT

imvw_work_request

Display Requests

Problem Level

Level 1: PARENT

imvw_problem_level

Scheduling

Schedules

Level 1: PARENT

imvw_schedule

imvw_calender_lockout

Level 2: CHILDREN

imvw_schedule_asset_procedure

imvw_schedule_total

imvw_schedule_repeating_date

imvw_schedule_specific_date

imvw_schedule_meter

imvw_schedule_comments

Level 3: FOREIGN KEY STRUCTURES (parent)

imvw_work_type

imvw_schedule_status

imvw_shift

imvw_project

imvw_contact

imvw_warehouse

Level 4: FOREIGN KEY STRUCTURES (Children)

imvw_asset

imvw_asset_group

imvw_procedure

imvw_procedure_type

imvw_meter_type

SPECIAL: Schedule Proof Process

imvw_scheduling

imvw_schedule_proof

imvw_schedule_exception

imvw_warranty_coverage

imvw_part_exception

FK SPECIAL:

imvw_asset_type

imvw_asset_location

imvw_craft

imvw_contact

Generate Scheduled Work Orders

Generate Proof

Level 1: PARENT

imvw_scheduling

Level 3: FOREIGN KEY STRUCTURES (parent)

imvw_asset

imvw_asset_group

imvw_procedure

imvw_procedure_type

imvw_asset_location

imvw_craft

imvw_contact

imvw_work_type

Review Proof

Level 1: PARENT

imvw_schedule_proof

imvw_schedule_exception

imvw_warranty_coverage

imvw_part_exception

imvw_asset_type

imvw_asset_location

imvw_craft

imvw_contact

imvw_asset

imvw_asset_group

imvw_procedure

imvw_procedure_type

imvw_meter_type

Create Work Orders

Level 1: PARENT

imvw_scheduling

Print Work Orders

This requires simple access to a Network printer. Please refer to the User Manual for more information on Logic Server Security Configuration.

Clear Proof

Level 1: PARENT

imvw_scheduling

Calendar Lockout

imvw_calender_lockout

Procedures/Tasks

Procedure

Level 1: PARENT

imvw_procedure

imvw_task

Level 2: CHILDREN

imvw_procedure_type

imvw_procedure_craft

imvw_procedure_part

imvw_procedure_tool

imvw_procedure_misc_cost

imvw_procedure_code_type

imvw_procedure_attachment

imvw_procedure_comments

imvw_procedure_schedule

Level 3: FOREIGN KEY STRUCTURES (Parent)

imvw_procedure_type

imvw_procedure_status

imvw_warehouse

imvw_task_status

Level 4: FOREIGN KEY STRUCTURES (Children)

imvw_craft

imvw_contact

imvw_part

imvw_tool

imvw_misc_cost

imvw_code_type

imvw_code

imvw_attachment

imvw_schedule

imvw_asset

imvw_work_type

imvw_schedule_status

Tasks

imvw_task

Asset

Asset

Level 1: PARENT

imvw_asset

Level 2: CHILDREN

imvw_asset_attachment

imvw_asset_attribute

imvw_asset_attribute_data

imvw_asset_code

imvw_asset_comments

imvw_asset_general_ledger

imvw_asset_location_change

imvw_asset_meter

imvw_asset_meter_change

imvw_asset_other_cost

imvw_asset_part

imvw_asset_procedure

imvw_asset_schedule

imvw_asset_season

imvw_asset_total

imvw_asset_warranty

imvw_asset_work_order

Level 3: FOREIGN KEY STRUCTURES (parent)

imvw_asset_type

imvw_asset_status

imvw_building

imvw_contact

imvw_department

imvw_line

imvw_priority

imvw_asset_location

Level 4: FOREIGN KEY STRUCTURES (Children)

imvw_attachment

imvw_code

imvw_code_type

imvw_general_ledger

imvw_meter_type

imvw_other_cost

imvw_part

imvw_procedure

imvw_warranty_type

imvw_procedure_status

imvw_schedule

invw_schedule_status

imvw_work_order

imvw_work_type

imvw_work_order_status

Meter Update

imvw_line

imvw_meter_type

imvw_asset

imvw_asset_group

Meter Rollover

Asset Types

imvw_asset_type

Asset Locations

imvw_asset_location

Asset Groups

imvw_asset_group

Lines

imvw_line

Meter Types

imvw_meter_type

Other Costs

imvw_other_cost

Resources

Employees

Supervisors

Buyers

Contractors

Other Resources

Crafts

Work Groups

Shifts

Labor Grades

Pay Types

Other Costs

Customers

Internal

External

Inventory

Parts

Parts

imvw_part

imvw_part_component

imvw_part_warehouse

imvw_part_warehouse_location

imvw_part_comments

Quick Parts

Part Quantity Search

Warehouses

Part Class

Adjustments

Physical Inventory

Suppliers

Vendors

Manufacturers

Contractors

Common Carriers

Warranty Providers

Other Suppliers

Payment Terms

Purchasing

Create Purchase Requests

Purchase_request FKs:

imvw_work_order

imvw_asset

imvw_procedure

imvw_project

imvw_general_ledger

imvw_warehouse

Generate/Review Proof

imvw_purchase_proof

imvw_purchase_proof_blanket

imvw_purchase_proof_sub_part

imvw_purchase_request

Purchase proof Foreign Keys

imvw_part

imvw_contact

imvw_department

Purchase Orders

Level 1: PARENT

imvw_purchase_order

Level 2: CHILDREN

imvw_purchase_order_billing

imvw_purchase_order_total

imvw_po_attribute

imvw_po_attribute_data

imvw_po_code

imvw_po_attachment

imvw_po_comments         

imvw_po_order

imvw_po_receipt

imvw_gl_split_info

Level 3: FOREIGN KEY STRUCTURES (Parent)

imvw_purchase_order_status

imvw_warehouse

imvw_contact

imvw_project

imvw_general_ledger

imvw_currency

imvw_payment_term

imvw_state

imvw_country

Level 4: FOREIGN KEY STRUCTURES (Children)

imvw_part

imvw_craft

imvw_misc_cost

imvw_work_order

imvw_asset

imvw_procedure

imvw_warehouse_location

imvw_code

imvw_code_type         

imvw_attachment

SPECIAL: Purchase Process (Accommodates both manual/auto generate purchase proof)

imvw_purchase_proof

imvw_purchase_proof_blanket

imvw_purchase_proof_sub_part

imvw_purchase_request

Unique FK SPECIAL:

Purchase_request FKs:

**imvw_work_order

**imvw_asset

**imvw_procedure

**imvw_project

**imvw_general_ledger

**imvw_warehouse

Purchase proof Fks:

**imvw_part

**imvw_contact

imvw_department

Projects

Projects

Level 1: PARENT

imvw_project

General Ledger

General Ledger Accounts

Level 1: PARENT

imvw_general_ledger

Level 2: CHILDREN

imvw_budget

imvw_actual_cost

imvw_gl_split_info

View Cost Transactions

Additional Information

Attachments

imvw_attachment

Buildings

imvw_building

Code

imvw_code

imvw_code_type

Countries

imvw_country

Departments

imvw_department

Currency

imvw_currency

Misc. Costs

imvw_misc_costs

Other Costs

imvw_other_costs

imvw_general_ledger

Priority

imvw_priority

Reasons

imvw_reason

States

imvw_states

Status

Asset

imvw_asset_status

Components

imvw_component_status

Contact

imvw_contact_status

Parts

imvw_part_status

Procedure

imvw_procedure_status

Projects

imvw_project_status

Schedules

imvw_schedule_status

Tasks

imvw_task_status

Tools

imvw_tool_status

Work Orders

imvw_work_order_status

Purchase Orders

imvw_purchase_order_status

Tools

imvw_tool

imvw_tool_status

Types

Address

imvw_address_type

Asset

imvw_asset_type

Code

imvw_code_type

Contact

imvw_contact_type

Meters

imvw_meter

Pay

imvw_pay_type

Procedure

imvw_procedure_type

Warranty

Work

Fuel

Fuel Master

Manual

Import

Reports/Graphs

Reports

Categories

(Report Specific View Permissions are Defaulted to imaint_users Role)

imvw_report_server

imvw_rpt_type_category

imvw_rpt_type

imvw_rpt_category

Sites

Current Site

Level 1: PARENT

imvw_site

Level 2: CHILDREN

imvw_site_address

imvw_site_financial_period

Level 3: FOREIGN KEY STRUCTURES (parent)

imvw_warehouse

imvw_country

imvw_currency

imvw_general_ledger

Change Current Site

View Corporate Tree

imvw_corporate

Utilities

View Transaction Logs

Status Change

Asset Location Change

Meter Entry

Activity

Error Log

Management

User Configuration

User Defined Fields

Period End Processing

Forced Data Deletion

VMRS Import

 

Admin

Corporate Structure

Define

Import/Export

Security

Custom Navigation Tree

Form Designer

Labels/Translation

Configure Auto Scheduler

EOQ

 

The iMaint databases contain on average 300 distinct views that enable a high level of security. For each of these views you may select one or more of the following permission types to apply:

• Select

• Insert

• Update

• Delete

Permissions in iMaint are cumulative; a user will receive a union of all the permissions assigned to them.

To explain this further, let’s look at an example.

Let’s say you have three groups called Managers, Mechanics and Admin, and a user called Bob. Bob is a mem­ber of all three groups. If the Managers group contains permission to Scheduling, Mechanics contains permission to Work Requests and Admin contains permission to Pay Rates, then Bob will have permission to all three. Sim­ilarly, if Mechanics are not given permission to Pay Rates then Bob will still be able to access Pay Rates because he is a member of Admin. Permissions will always be taken as the maximum given or assigned to a user across groups.

Default Groups

iMaint comes with a number of pre-defined groups that DPSI has determined to fit the needs of a maintenance department.  Each of these default groups has a pre-defined set of permissions according to their functional needs. DPSI has defined 20 functional application areas to which we define the permissions for the default groups.

 

Group Name	Description
Admin	Access to everything in the system

 

Group Name

Description

Security Admin

Has Select, Update, Insert and Delete access to imvw_corporate_logins (Admin module) imvw_corporate_sites (Admin module) imvw_group (Admin module Groups) imvw_po_status_change_rules (Admin module user profile workflow form) imvw_profile_po_status (Admin module user profile workflow form) imvw_profile_postatus_results (Admin module user profile workflow form) imvw_profile_wo_status (Admin module user profile workflow form) imvw_profile_wostatus_results  (Admin module user profile workflow form) imvw_rpt_type (Admin module user profile form) imvw_tab_suppression (Admin module) imvw_user (Admin module Users) imvw_user_activity_log (Admin module user profile form) imvw_user_profile (Admin module user profile form) imvw_user_profile_form (Admin module user profile form) imvw_user_profile_status (Admin module user profile form) imvw_user_profile_status_chng (Admin module user profile form) imvw_user_status_list (Admin module user profile form) imvw_wo_status_change_rules  (Admin module user profile workflow form)

 

Group Name	Description
Report Admin	Select permission to  imvw_attachment Select, Insert, Update, Delete imvw_report_admin imvw_rpt_category imvw_rpt_layout imvw_rpt_type imvw_rpt_type_active imvw_rpt_type_category imvw_rpt_type_layout imvw_rptinfo_rmptadmin imvw_rptinfo_type imvw_rptinfo_typecat imvw_rptinfo_viewdef

 

Group Name

Description

Mechanic

Select, Update, Insert permissions to Work Orders Select, Update, Insert permissions to Time Cards Select, Update, Insert permissions to Work Request Select permissions to Procedures and Tasks Select permissions to Assets Select, Update permissions to Meter Update Select permissions to Resources Select permissions to Inventory Insert permissions to Create Purchase Requests Select, Update permissions to Projects Select, Update permissions to General Ledger Select permissions to Additional Information Select, Update permissions to iMaint Mobile (not including Inventory)

 

Group Name

Description

Maintenance Manager

Select, Update, Insert permissions to Work Orders Select, Update, Insert permissions to Time Cards Select, Update, Insert permissions to Work Request Select permissions to Scheduling Select, Insert, Update, Delete permissions to Procedures and Tasks Select, Insert, Update, Delete permissions to Assets Select, Insert, Update permissions to Meter Update Select, Insert, Update, Delete permissions to Resources Select permissions to Inventory Insert permissions to Create Purchase Requests Select, Insert, Update, Delete permissions to Projects Select, Update permissions to General Ledger Select, Insert, Update, Delete permissions to Additional Information Select, Update permissions to iMaint Mobile (not including Inventory) Select permissions to Reports Select permissions to Utilities | View Transaction Logs Select permissions to Utilities | Management

 

Group Name

Description

Planner

Select, Update, Insert permissions to Work Orders Select, Update, Insert permissions to Time Cards Select, Update, Insert permissions to Work Request Select, Update, Insert, Delete permissions to Scheduling Select, Insert, Update, Delete permissions to Procedures and Tasks Select, Insert, Update permissions to Assets Select, Insert, Update permissions to Meter Update Select permissions to Resources Select permissions to Inventory Insert permissions to Create Purchase Requests Select, Insert, Update, Delete permissions to Projects Select, Update permissions to General Ledger Select, Insert, Update permissions to Additional Information Select permissions to Reports Select permissions to Utilities | View Transaction Logs Select permissions to Utilities | Management | User Defined Fields

 

Group Name	Description
PO Requestor	Insert permissions to Purchase Requests

 

Group Name	Description
Purchasing Clerk	Select permissions to Work Orders Select permissions to Resources Select, Update permissions to Inventory Select, Insert, Update permissions to Purchasing

 

Group Name	Description
Purchasing Buyer	Select permissions to Work Orders Select, Update, Insert, Delete permissions to Suppliers Select, Update permissions to Inventory Select, Insert, Update permissions to Purchasing Select permissions to Projects Select permissions to General Ledger Select permissions to Reports Select, Update, Insert permissions to Additional Information (not Including Sta­tus)

 

Group Name	Description
Inventory Clerk	Select permissions to Work Orders Select permissions to Assets Select, Update permissions to Inventory

 

Group Name	Description
Inventory Manager	Select permissions to Work Orders Select permissions to Scheduling Select permissions to Assets Select, Update, Insert, Delete permissions to Inventory Select permissions to Projects Select permissions to Reports Select permissions to Utilities | Management | User Defined Fields

 

Group Name	Description
WO Requestor	Insert permissions to Work Requests

 

Group Name

Description

Management

Select permissions to Work Orders Select permissions to Work Requests Select permissions to Scheduling Select permissions to Procedures/Tasks Select permissions to Assets Select permissions to Resources Select permissions to Inventory Select permissions to Purchasing Select permissions to Projects Select permissions to General Ledger Select permissions to Additional Information Select permissions to iMaint Mobile Select permissions to Reports Select permissions to Sites

 

Group Name

Description

Public

Select, Update, Insert, Delete permissions to imvw_application_settings Select permissions to imvw_corporate_sites Select, Update, Insert, Delete permissions to imvw_rpt_type_layout Select permissions to imvw_site Select permissions to imvw_tab_suppression Select permissions to imvw_time_card_unit_cost Select permissions to imvw_time_card_woap Select permissions to imvw_uf_columns Select permissions to imvw_uf_views Select, Update, Insert, Delete permissions to imvw_user_profile Select, Update, Insert, Delete permissions to imvw_user_profile_form Select, Update, Insert, Delete permissions to imvw_user_profile_status_chng Select permissions to imvw_currency Select permissions to imvw_currency_exchange Select permissions to imvw_enums Select permissions to imvw_export_columns Select permissions to imvw_export_log Select permissions to imvw_export_processes Select permissions to imvw_export_views Select permissions to imvw_favorite Select, Update, Insert, Delete permissions to imvw_filter Select permissions to imvw_language Select permissions to imvw_lingual_files Select permissions to imvw_ls_details Select permissions to imvw_ls_languages Select permissions to imvw_messaging_contacts Select, Update, Insert, Delete permissions to imvw_mtree_data Select, Update, Insert, Delete permissions to imvw_mtree_list Select permissions to imvw_mtree_orig Select permissions to imvw_mtrees Select permissions to imvw_profile_po_status Select permissions to imvw_profile_wo_status Select permissions to imvw_query Select permissions to imvw_report_admin Select permissions to imvw_rpt_layout Select permissions to imvw_rpt_type_active

 

Related Topics