Asset Bank allows administrators to give a limited amount of admin permissions to users on a group-by-group basis. The permissions that can be granted: User Administration, Reports, and News Administration. When enabled an additional configuration area named Admin Roles will appear in the Admin > Groups page.
Users of groups that have been granted these permissions will see a smaller version of the Admin Panel containing the relevant areas:
Information on the three areas that can be delegated is below:
The left hand navigation admin menu will be visible with the 'Approve Users' and 'Users' sub items visible.
Within the 'Approve Users' area the user will be able to view all of the existing tabs. On the 'Approve User' tab they can process users awaiting approval, specifying the approval status and selecting any user permissions with the exception of the 'Admin User' checkbox which will be disabled. By disabling this checkbox users with the 'User Administer' permission will be prevented from giving any other users greater permissions than they have themselves. They will be also able to view the 'Recently Registered' users list. They can edit any users from the 'Recently Registered' with the exception of full admin users (see below). When editing users from the recently registered tab the 'Is Admin' check box will be disabled.
With the 'Users' area the user will be able to view all of the existing tabs. On the 'Manage Users' tab they can find users, delete users, message users, reset passwords, add new users and edit existing users, with the exception of full admin users (see below). When adding or editing a user all existing fields will be available except for the 'Admin User' checkbox which will be disabled. By disabling this checkbox users with the 'User Administer' permission will be prevented from giving any other users greater permissions than they have themselves. They will be able to use the 'log in as this user' functionality again with the exception of full admin users (see below).
Throughout the entire user management area the ability to perform edits on a user (including deletes or password resets) and the ability to log in as a user will not be available on full admin users. In this way users with the 'User Administration' role will only be able to administer users with permissions the same level or below them.
They will also be able to use the existing import and export user functionality, group message users and have full administrative control over the user field configuration.
The left hand navigation admin menu will be visible with the 'Reports' sub item visible.
Within the 'Reports' area the user will be able to view and run all exiting reports on all exiting report tabs. It is important to note that via the reports area the user will be able to access information on all assets in the Asset Bank regardless of the configured permissions the user has on assets/folders. Any links which take the user outside of the reports area (e.g to view/edit assets) will continue to respect the configured permissions but while within the reports area the user will be treated as though they were a full admin user and shown all the resulting report data.
The left hand navigation admin menu will be visible with the 'Content' sub item visible.
Within the 'Content' area, the 'News' tab will be visible. Users with the 'News Administration' permission, who are not full admin users, will not be able to see the other tabs in the 'Content' admin area and will be taken directly to the 'News' tab when they click on the 'Content' menu item. Full admin users will continue to see the other tabs in the 'Content' admin area and the 'Content' menu item will still take them to the existing 'Manage Content' page.
From within the manage news area users with the 'News Administration' permission will be able to add, edit, publish, un-publish and delete news items.
If you host Asset Bank on your own servers, your IT team will need to ensure use-group-roles=true in the ApplicationSettings.properties file, then restart apache tomcat to action the change.