GIS administrators can establish access and privileges to the Feature Server. If the feature server is secured, every user assigned to the feature server (i.e. granted access) inherits the privileges that are established on the feature server. If the feature server is NOT secured, then all users have access to it and inherit the feature server privileges.
When the feature server is secured, user access is established as shown in the screenshot below.
ArcGIS server Manager < Service < Security < Users tab
Privileges are established at the feature server level. In other words, the feature server privileges apply to ALL layers within a feature server.
Privileges are:
-
Ability to add new features (‘Create’ checkbox in screenshot below must be selected)
-
Ability to edit feature attributes (‘Update’ checkbox in screenshot below must be selected)
-
Ability to edit feature geometry (‘Allow Geometry Updates’ checkbox in screenshot below must be selected)
ArcGIS server Manager < Service < Capabilities tab
-
Privileges established for the feature server are honored regardless of whether it has been federated to a portal.
There is currently no ability to delete a feature in the Mobile Transit app, so the ‘Delete’ checkbox shown here does NOT serve a purpose within the app.
If the feature server is ‘per replica’ then any changes made to privileges on the feature server, after replicas have been downloaded to the mobile device, will NOT be honored when the mobile device copy is synced back to the GIS server replica.
-
This is because the server replica does NOT know about changes made on the feature server. The server replica privileges remain the same as the mobile device version; therefore, no discrepancy will be seen during mobile sync. However, during reconciliation to the default version these checks will be performed.
-
It is recommended that administrators first synchronize mobile versions to the server and then perform a reconciliation to the default version prior to making privilege changes to the feature server. Then upon sync to the mobile device the device will receive these privilege changes.
Touchpoints for access and privileges within the Mobile Transit app are as follows:
-
Synchronization:
-
Download - System verifies access to the map.
-
Upload – System verifies feature server privileges.
-
-
Map View:
-
Add Feature – System verifies permissions to create new features when this link is clicked.
-
Edit Geometry – System verifies privileges to edit feature geometry when this link is clicked.
-
Edit – System verifies privileges to edit feature attributes when this link is clicked.
-
-
Equipment < Highlight on Map icon:
-
System verifies access to the map when this icon is clicked.
-
-
Checklist tab for Work Order < Locate From Point/Locate To Point icons:
-
System verifies access to the map when either of these icons are clicked.
-
-
Work Order < Highlight on Map icon:
-
System verifies access to the map when this icon is clicked.
-
-
Equipment tab for Work Order < Highlight on Map icon:
-
System verifies access to the map when this icon is clicked.
Configuring for SAML authentication:
-
Go to GIS portal.
-
Select Content tab.
-
Click Add Item.
-
Select Mobile radio button.
-
Set SDK = Mobile.
-
Fill in remaining fields and click Add Item button.
-
After creating the app.
-
Select Settings | General tab.
-
Scroll down to App Registration section and click Register button.
-
Complete registration process to obtain the App ID necessary for the MOBGAPID installation parameter in EAM.
-
Redirect URL details:
-
iOS app redirect url should be app bundle id followed by text "://GISAuth" (example: com.infor.EAMTransit://GISAuth)
-
Android app redirect should be package name/Application Id followed by text "://GISAuth" (example: com.infor.eam.transitapp://GISAuth)
-
-
-
Log into EAM desktop application.
-
Go to Installation Parameters screen.
-
Set installation parameter GISAUTH = OAUTH2
-
Set installation parameter MOBGAPID = <App ID value>.
The Mobile Transit application feature service should be federated to GIS portal. This is a requirement for OAuth support.