User Permissions at action level
Database owners can set user access permissions to a selected Group (i.e. Master Group, Model Group, etc) in the master database. These permissions are implemented at action level and are designed to prevent specific users from performing certain actions.
Permissions at action level can be implemented if user permissions have been enabled for the database.
Display the Edit Group Permissions dialog by right-clicking on a Group in the Explorer Window and selecting Advanced then Edit group permissions from the popup menu.
This menu option is only available if you are a Database Owner.
Action roles can be selected along with more general roles from the Roles dropdown list. Available action roles are:
- Live Owner
- Live Control Room Manager
- Live User
- Live Viewer
- TSDB Owner
- TSDB Editor
- TSDB User
- TSDB Viewer
See User Permissions for an overview on each of these action roles.
The table below summarises the actions that are permissionable as well as the roles that are required:
Action | InfoWorks ICM | ICMLive Operator Client | Role Required |
---|---|---|---|
Edit manifests and manifest deployments (excluding the five specific actions below) |
|
|
Live User, Live Control Room Manager or Live Owner |
|
|
|
Live Control Room Manager or Live Owner |
|
|
|
Live Control Room Manager or Live Owner |
|
|
|
Live Control Room Manager or Live Owner |
|
|
|
Live Control Room Manager or Live Owner |
|
|
|
Live Control Room Manager or Live Owner |
Edit TSDB objects (Add / delete time series streams) |
|
|
TSDB Owner or Live Owner |
Apply edits and update TSDB data |
|
|
TSDB Editor, TSDB Owner or Live Owner |
Time Series Database Grid editable |
|
|
TSDB Editor, TSDB User,TSDB Owner or Live Owner |
Refresh time series database(s) from external sources before starting run (option available from the TSDB Options dialog). |
|
|
TSDB Editor, TSDB Owner or Live Owner |
Permissioned dialogs or options will be read-only for users who have not been assigned the required roles. Alternatively, a warning message of the type of the screenshot shown below will be displayed if users attempt to perform an action for which they do not have the required permission:
The table summarises the differences between the various Live roles:
Action | Live Owner | Live Control Room Manager | Live User | Live Viewer |
---|---|---|---|---|
Full edit privileges over all items (such as manifests and manifest deployments) in a Live Group) |
|
|
|
|
Edit manifests and manifest deployments |
|
|
|
|
Edit manifest mode of operation |
|
|
|
|
Set / reset alert (full model run) trigger |
|
|
|
|
Generate manual runs in the Operator Client |
|
|
|
|
Deploy / undeploy manifest deployment |
|
|
|
|
Modify action status |
|
|
|
|