You are currently reviewing an older revision of this page.

Access Levels

Access levels in OpenGround are structured hierarchically as presented in the figure below

System Administrator Access
This is the highest level of access a user can have on the system. These users will have full unrestricted access to all the functions, controls and projects in OpenGround.  
This access level is typically reserved for the organisations Power users that need full control on the platform and setting up the system for the entire organisation.

System Level Access
This is the same “System Administrator Access” but allows access restrictions to be placed on the user via Security Groups. This Access level is not associated with any particular project but at the system level. Examples of this is the Project Creator Group which contains the Create Project role.

Project Level Access
This user access level is defined in reference to a project and controlled via Security Groups.
Example: User 1 could be assigned a “View Only” Security Group to Project 1, but also assigned “Project Manager" Security Group for Project 2.
The roles in this access level suitable for users that are working within a project.

Security Groups and Roles
Specific access within System Level Access and Project Level Access are controlled within via Security Groups, and is made up of individual Security Roles. This is designed to give granular control over user’s access within each Security Group.
The below figures presents creation of security groups in System level and Project level access, and assigning roles to Security Groups

Note: You can delete security groups, however OpenGround will not allow deletion of groups that have been already assigned to a user and will give an error message.

System Level Access Vs Project Level Access

  • System level Access Groups are assigned to users and is project independent
  • Project level Access Groups are assigned to a user and must reference a project
  • Security groups that are assigned to system level will have more roles available for assignment compared to Project level groups, refer the current available roles figure and default security group presented below
  • Users can hold both a System level access group and a Project level access group at the same time.
  • System level access group roles will take priority over Project level access group Meaning if you have a user assigned to a Project level group with only the View Data role but the user has also been assigned System level group with View data and Edit Data roles, the system level group will take precedence. As such it is recommended that when creating security groups, unless explicitly required, to minimise the overlapping roles between a system level and project level security group.

Full list of available roles in system level access and project level access is presented in figure below

Security Roles

Communities
Support and Services
Training and Learning
Social Media