Documentation for C-Werk 2.0.
Previous page
Next page
On this page:
General information about Roles, Users, and Permissions
In C-Werk, every user has permissions based on his role.
| Term | Description |
|---|---|
| Role | Defines a set of permissions for users in C-Werk. Several users can have the same role in C-Werk. |
| User | An account in C-Werk. Each user can be assigned to one or more roles. In this case, the user’s permissions are summed up from all the roles which the user has, i.e., the permissions with the widest access to configuring the components of C-Werk are selected from all user roles. The user logs into the system using a unique username and password. |
| Permissions | Determine what actions a user can perform in the system. These actions may include administering, managing and monitoring the components of a video surveillance system. Permissions are configured along with roles and are granted to users assigned to the corresponding roles. |
For example, three Manager users are assigned the Supervisor role. Users have permissions to monitor and manage video surveillance system components. User permissions are configured when creating a role.
By default, there is one role (admin) and one user (root). The root user belongs to the admin role and has rights to configure all components of the video surveillance system. To add a user with individual permissions, create a new role with the necessary permissions and then create a new user account.
Note
Only admin users can create other admin role users.
Common algorithm for setting permissions
To register users with individual permissions, it is necessary to create a new role with these permissions and a new user account. To do this:
- Create a new role on the Users tab (see Creating and configuring roles).
- Configure permissions for the new role.
- Register new users for the role (see Creating local users).
- Enter additional information about users.
There are two types of users: local (stored in the Server database) and LDAP (see Connecting LDAP users).
To enable LDAP users, you must configure access to LDAP catalogs.
The actions of all system users are recorded in the system log (see The System Log).
Note
The following user actions are logged:
- login and log out of the Client;
- unsuccessful login attempt;
- adding, editing and removing hardware settings, archive or detectors;
- creating, editing and removing macros;
- adding, editing and removing user permissions;
- alarm initiation triggered by video camera;
- arming and disarming the video camera;
- controlling a PTZ camera;
- creating and editing comments;
- exporting frames and video recordings.
In all user-specific events, the user IP address is indicated.
Types of permissions to access hardware, archives and macros
In C-Werk, it is possible to set user permissions both for a specific device (object) and for a group of devices. Specifics of object and group permission types are described in the table below.
| User permission type | Usage | Priority |
|---|---|---|
| Object | Configuring access to a specific device, archive or macro in the system | Highest |
| Group | Configuring access to all cameras added to a group (see Creating a Group object). | Priority below Object permissions Note
|
| Default | Configuring access to all devices, archives or macros that will be created in the system. If Group or Object rights are not assigned to the device after its creation, then the default permissions are applied. | Priority below Group permissions |
Overview
Content Tools