Roles and Claims
The Brightly Assetic uses Roles to limit a user's access to various parts of the platform.
Roles
Roles apply on a platform and module level to limit a user’s ability to both view and change specific parts of the platform.
For example, an Accountant cannot assign work requests or a Maintenance Supervisor create assets without the appropriate user role.
However, as a user’s role within their organization can be multi-tasked, so too can roles be stacked up to provide greater access to the Assetic platform.
Example: Wendy has the Data Collector, Assessments Admin, and Assets Manager roles.
Based on the permissions diagram this gives her editing rights in both the Assets and Assessments modules as well as read access to all the other modules.
It is worth noting that her Data Collector roles are not needed as she already has higher permissions via the Assessments Admin Role. 
*Module read access is for embedded module content like work order history in the assets area. It does not give a user access to the module itself.
Claims
Each role has a series of permission claims. These are also cascading in that if a role has the Delete claim, it also has the Update, Create and Read claims.
