Documentation for C-Werk 2.0.

Previous page Cyclical macros  Creating and configuring roles Next page

On this page:


General information about Roles, Users, and Permissions

In C-Werk, every user has permissions based on his role.

TermDescription
Role

Defines a set of permissions for users in C-Werk. Several users can have the same role in C-Werk.

User

An account in C-Werk. Each user can be assigned to one or more roles. In this case, the user’s permissions are summed up from all the roles which the user has, i.e., the permissions with the widest access to configuring the components of C-Werk are selected from all user roles.

The user logs into the system using a unique username and password.

Permissions

Determine what actions a user can perform in the system. These actions may include administering, managing and monitoring the components of a video surveillance system. Permissions are configured along with roles and are granted to users assigned to the corresponding roles.

For example, three Manager users are assigned the Supervisor role. Users have permissions to monitor and manage video surveillance system components. User permissions are configured when creating a role.

By default, there is one role (admin) and one user (root). The root user belongs to the admin role and has rights to configure all components of the video surveillance system. To add a user with individual permissions, create a new role with the necessary permissions and then create a new user account.

Note

Only admin users can create other admin role users.

Common algorithm for setting permissions

To register users with individual permissions, it is necessary to create a new role with these permissions and a new user account. To do this:

  1. Create a new role on the Users tab (see Creating and configuring roles).
  2. Configure permissions for the new role.
  3. Register new users for the role (see Creating local users).
  4. Enter additional information about users.

There are two types of users: local (stored in the Server database) and LDAP (see Connecting LDAP users).

To enable LDAP users, you must configure access to LDAP catalogs.

The actions of all system users are recorded in the system log (see The System Log).

Note

The following user actions are logged:

  • login and log out of the Client;
  • unsuccessful login attempt;
  • adding, editing and removing hardware settings, archive or detectors;
  • creating, editing and removing macros;
  • adding, editing and removing user permissions;
  • alarm initiation triggered by video camera;
  • arming and disarming the video camera;
  • controlling a PTZ camera;
  • creating and editing comments;
  • exporting frames and video recordings.

In all user-specific events, the user IP address is indicated.

Types of permissions to access hardware, archives and macros

In C-Werk, it is possible to set user permissions both for a specific device (object) and for a group of devices. Specifics of object and group permission types are described in the table below.

User permission typeUsagePriority
Object

Configuring access to a specific device, archive or macro in the system

Highest
Group

Configuring access to all cameras added to a group (see Creating a Group object).

Priority below Object permissions

Note

  • If the camera belongs to several groups with different access levels assigned to them, the user permissions with the highest access level are used.
  • If the camera belongs to a child group, then the permissions defined for the child group will take precedence when determining access to the camera
Default

Configuring access to all devices, archives or macros that will be created in the system.

If Group or Object rights are not assigned to the device after its creation, then the default permissions are applied.

Priority below Group permissions
  • No labels