Resource Pool Security

Access to a resource pool is controlled primarily through access grants set in the security group definitions. Additionally, the user who creates a resource pool can specify a list of users who can view it, edit its basic information, edit its lines, or edit its security.

Resource Pool Access Grants

Users are linked to access grants through the security groups to which they belong. The access grants related to resource pools are discussed in more detail in Table 4-3. Resource pool access grants. Without these access grants, a user cannot view or edit a resource pool regardless of whether or not they are specified in the list on the resource pool's Configure Access page. For more information on access grants and security groups, see the Security Model Guide and Reference.

Table 4-3. Resource pool access grants

Access Grant

Description

View Resource Pools

The user can view any resource pool for which they are on the Configure Access page list.

View All Resource Pools

The user can view any resource pool in the system, even if they are not listed in the View or Edit list.

Edit Resource Pools

The user can edit any resource pool for which they are on the specified Edit list.

Create Resource Pools

The user can create new resource pools. Supplemental to the Edit Resource Pools or Edit All Resource Pools access grant.

Edit All Resource Pools

The user can edit any resource pool in the system.

Edit All resources

The user can edit any resource in the system. This access grant is needed to modify resource participation across resource pools.

Edit only resources that I manage

The user can edit any resource they manage. This access grant is needed to modify resource participation across resource pools.

Resource Pool Configure Access Page

The Configure Access page for a resource pool is used to grant additional editing access to the resource pool to each user on the list individually. All users listed on the Configure Access page minimally have viewing access.

Note: Without the proper access grants, a user cannot view or edit a resource pool regardless of whether they are specified in the list on the resource pool's Configure Access page. See Resource Pool Access Grants for more detailed information.

The Configure Access page options are discussed in more detail in Table 4-4. Security Options for Resource Pool Configure Access page.

Table 4-4. Security Options for Resource Pool Configure Access page

Option

Description

View Access

The user can view the resource pool but not edit its information. Any user listed has View access.

Edit Header

The user can edit the resource pool's header information, but nothing else.

Edit Unnamed Headcount

The user can edit the lines in the resource pool that specify roles, but nothing else.

Edit Security

The user can use the Configure Access page to edit viewing or editing security for the resource pool.

Using Configure Access Page

To set up a list of users with View or Edit access to a resource pool:

  1. Open the Resource Pool page.

    If you have permission to modify the resource pool, the Configure Access selection is enabled.

  2. Click More > Configure Access.

    The Configure Access for Resource Pool page opens.

  3. Add a user to the list by click Add User and making a selection from the list.

  4. Configure each user's access individually by selecting the checkboxes under each category.

    Granting Edit access automatically grants the user View access. See Table 4-4. Security Options for Resource Pool Configure Access page for more detailed information on each option.

  5. Click Done.

If you have Edit Security access grant for the Configure Access for Resource Pool page, you can add a security group to or remove a security group from the resource pool.

To add a security group to a resource pool:

  1. Open the Configure Access for Resource Pool page.

  2. Click Add Security Group.
  3. Select the desired security group.
  4. Configure the security group's access by selecting the checkboxes under each category.

    The View access is automatically granted to the security group.

  5. Click Done.