Issue
Examples of Permissions for specific actions needed for Access Expert
Product Line
EcoStruxure Access Expert
Environment
Access Expert V3 Hosted
Cause
How to configure permissions in Access Expert for specific actions
Resolution
Overview
The Permission model in Keep is based on granular permissions at the API level. To review the Permissions basics, visit the User Group page. This article will break down permissions by the desired action within the Keep by Feenics application.
*Note: The API level permissions mean that once permissions are set up in the windows client, they apply to the web client and mobile client.
Permissions Options
The 5 options on individual permissions are listed below.
|
Create |
Read |
Update |
Delete |
Publish |
|
To ‘save’ a new object. |
To view existing objects. |
Once the object is created, changes can be made. |
To remove objects. |
Allows events related to the object to be published in the system. Example: publishing a pulse reader command requires the ability to Publish on that reader. |
Examples
The examples listed below are showing the minimum requirements to do the action listed. To be able to do multiple actions, combine the listed permissions.
How to log in to Instance
- Instance – Read
View Event History
- Event Message - Read
View Live Monitoring
- Event Message - Read
Acknowledge Events
This permission group allows a user to view Live Monitor and Event History, open the Alarm, Acknowledge the Alarm, view the Person image associated with the alarm, and attach images to the alarm.
- Instance - Read
- Event Message – Read and Update
- Image - Read
- Person - Read
Unlock Door
- Instance - Read
- User - Publish
- Controller - Read and Publish
- Downstream - Read and Publish
- Reader - Read and Publish
- Event Types: Mercury Commands - Unlock
*Note: To Change the action allowed, simply change the Mercury Command allowed.
Update Reader Modes
This permission group allows a user to view Live Monitor and Event History, open and modify reader modes.
- Instance - Read
- Event Message – Read
- Reader - Read, Update, Publish
- Add and Remove Linking
- Schedule - Read and Publish
- Add and Remove Linking
- Trigger - Read, Update, and Publish
- Add and Remove Linking on all object types.
- Procedure - Read, Update, and Publish
- Add and Remove Linking
- Downstream - Read and Publish
- Controller - Read and Publish
- Add and Remove Linking
To Add and Remove Favourites
- All Types - Add and Remove in Linking Column
Add Widgets
- Keep Object - Read and Update
Print Badges
- Badge type - Read
- Badge type field - Read (Note:If you are only allowing tagged badges, the badge type field must not have a tag associated).
- Image - Read
- Person - Read
*Note: If the user needs to assign the badge type, then the "Add" column in the Linking section for Badge types must be selected on the Person permission.
To Play Sounds
- Image - Read
- Generic - Read
Run "Access Request Report"
(Reports on a persons access granted and denied events that day on ALL or specified readers.)
- Instance - Read
- Person - Read
- Reader - Read
- Event Message - Read
Access Rights for Person Report" or "Reader"
- Instance - Read
- Person - Read
- Reader - Read
- Event Message - Read
- Access levels - Read
To view "Local Area's"
- Instance - Read
- Area - Read
- Controller - Read
- Person - Read
To Add Admin HID Origo Mobile Credentials
- Advanced Actions "OrigoAdmin"
Other permissions required will be dependent on other actions required for the user
To View Elevator Floor Status
- Reader - Read
- Floor - Read
To Assign Elevator Floors to a Reader
- Reader - Read
- Floor - Read, Link Elevator Reader (add to add and remove to remove)
Allow modifying objects with a specific Tag
- All Types – Read, Linking - Add, remove
- All Types - Read, Update, Delete, Publish, Linking - Add and Remove, Tags - specific desired tag
- Events - Desires Mercury/Bosch Commands
Specify the desired tag in the Tags column. This permission group does not allow the group to ADD new objects simply modify or delete existing objecting with the specific tag.
Related articles:
Group Permissions
Event History and Live Monitoring Site Permissions
