# User Permissions

## Control Feature Access

System Administrators can determine who is allowed to add or edit equipment assets within MaintainIt.  Access to these features is controlled by Archibus Security Groups.  Security Groups are typically managed at the role level, but can be applied directly to individual users as well.

The ability to add and edit equipment are controlled by separate security groups.  By default, those groups are EQ-ADD and EQ-EDIT respectively.  There are settings to change which security group to use for controlling add and edit permissions. Those settings are *MaintainIt\_EquipmentAddSecurityGroup* and *MaintainIt\_EquipmentEditSecurityGroup*. See the [Settings ](/system-administration/settings.md)section for more information on how to change those.

<figure><img src="/files/BD7GeYzvij8kDqeVwtdq" alt=""><figcaption></figcaption></figure>

If a user does not have the edit Security Group, they can search and view equipment records in read-only format.  Users without the add Security Group will not see the + button to add new equipment records.

## Assigning Security Groups

Security Groups are typically assigned at the role level. To do that, navigate to System > Archibus Administrator - User and Security > Assign Security Groups to Roles. See also: [Archibus Help Article](https://knowledge.eptura.com/Archibus/Administration/3576-Archibus_Administrator_-_User_and_Security/3578_Security_Groups_and_Roles/4583-Assign_Security_Groups_to_Roles)

Security Groups can be assigned directly to users via one of the 10 Security Group fields in the user record.  This typically requires using Archibus Smart Client application to directly edit the User (afm\_users table) record.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://maintainit.imaginitfm.com/equipment/permissions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.