Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

Version 1 Next »

In principle, the Web Manager uses a role-based authorization mechanism. There are four different roles: 

  • Super Administrator
  • Administrator
  • Manager
  • Viewer
  • None

For each role, app permissions are defined. These permission define the actions that a user is allowed to do within app.

For each user, the role for each app can be defined separately. To ease the configuration for system with lots of users, this assignment can also be done using groups. This means, for each group the roles for each app can be defined. Thus, users that belong to a group inherits the roles from the group.

Dashboard

  • Super Administrator:
    • A Super Administrator is allowed to do all settings for users, groups and roles.
      • Exceptions: 
        • He or she is not allowed to disable the role "Super Administrator" by his- or herself. In addition, it is not allowed to deactivate his- or herself.
        • A Super Administrator has no valid time range
  • Administrator, Manager, Viewer:
    • He or she only sees his- or herself
    • It is only allowed to change the following properties:
      • Full name
      • Description
      • Language
      • Date format
      • Password
  • Super Administrator:
    • Trending objects: full access
    • Chart objects: full access
  • Administrator: 
    • Trending objects: full access
    • Chart objects: full access
  • Manager:
    • Trending objects: read-only i.e. properties are shown. Values can be shown within charts and tables. It is not allowed to create, edit or delete objects.
    • Chart objects: full access
  • Viewer:
    • Trend objects: read-only i.e. properties are shown. Values can be shown within charts and tables. It is not allowed to create, edit or delete objects.
    • Chart objects: read-only i.e. properties are shown. Values can be shown within charts and tables. It is not allowed to create, edit or delete objects.

Alarme

  • Administrator
    • Config: Vollzugriff (anlegen, bearbeiten, löschen)
    • Liste: Vollzugriff 
  • Manager
    • Config: keine Berechtigungen (Menüpunkt komplett ausblenden)
    • Liste: Vollzugriff 
  • Viewer
    • Config: nichts
    • Liste: nur Anzeigen (Acknowledge, Suppress, Archive Buttons sollen ausgeblendet werden). Umschalten auf New, Old, History möglich. Detailansicht möglich

Scheduler

  • Administrator
    • Vollzugriff 
  • Manager
    • Vollzugriff
  • Viewer 
    • read-only

Visualization

  • Administrator
    • Vollzugriff
  • Manager
    • Vollzugriff
  • Viewer
    • read-only

Explorer

Union Permissions aus Scheduler, Alarms, Trending

Templates

  • Administrator
    • Vollzugriff
  • Manager
    • Vollzugriff
  • Viewer
    • read-only

Reporting

  • Administrator
    • Vollzugriff
  • Manager
    • Vollzugriff außer Designer
  • Viewer
    • ad-hoc Reports ausführen
    • bestehende Report Instanzen ausführen aber nicht ändern
    • Designer ausblenden
    • History

Metering

  • Administrator
    • Vollzugriff
  • Manager
    • TBD
  • Viewer
    • read-only

Shutter

TBD

  • No labels