In the Access Rights view of the device editor, define the device access rights of device users to objects in the controller.
In order for the Access Rights view to be available in the device editor of controllers, activate the Show access rights page option in the Tools > Options > Device Editor dialog box. Furthermore, Users and Groups management must be set up in the controller.
Access Rights view of the device editor
Modifying Access Rights to Controller Objects in the Users and Groups Management of the Controller
|
Step |
Action |
Comment |
|---|---|---|
|
1 |
Double-click the controller node in the Devices tree. |
Result: The device editor opens. |
|
2 |
Select the Access Rights view. |
– |
|
3 |
Click the Synchronization button |
If you are not logged in to the controller yet, then the dialog box Device User Login opens. It allows you to enter the user name and the password. Result: The Access Rights management configuration of the controller is displayed in the editor. |
|
4 |
In the Objects tree structure on the left-hand side, select the object. |
Result: In the Rights area on the right-hand side, the access rights of the selected object are displayed in a table for the configured user groups. |
|
5 |
In the Rights table, double-click the right you want to modify. |
If the selected object has child objects, a dialog box is displayed, prompting you whether you want to modify the rights for the child objects at the same time. |
|
6 |
Click Yes or No to modify the rights of the child objects and to close the dialog box. |
Result: The rights are switched from allowed to not allowed or vice versa. The symbol in the table cell is modified accordingly. Rights that are set explicitly are displayed in the table by green or red symbols. Rights that are inherited from a parent object are displayed in the table by gray symbols. |
Toolbar of the Access Rights View
The toolbar provides the following elements:
|
Element |
Description |
|---|---|
|
Synchronization |
Click the Synchronization button to switch on / off the synchronization between the editor and the Access Rights management in the controller. If Synchronization is not activated, then the editor contains an Access Rights management configuration that has been imported from disk, or it does not contain any configuration at all. If Synchronization is activated, the data displayed in the editor is continuously synchronized with the Access Rights management configuration on the connected controller. If you invoke Synchronization while the editor contains an Access Rights management configuration that is not synchronized with the device, you are prompted to decide what will be displayed in the editor: oUpload from the device and overwrite the editor content: The Access Rights configuration from the controller is loaded to the editor. The contents of the editor is overwritten. oDownload the editor content to the device and overwrite the user management there: The configuration from the editor is loaded to the controller. The contents of the controller is overwritten. |
|
Load from disk |
Click the Load from disk button to open a dialog box for selecting and importing a user access rights management configuration from the disk. When you click the button in the Access Rights view, the file type is by default set to Device rights management files (*.drm). |
|
Save to disk |
Click the Save to disk button to open a dialog box for saving a file to the disk. When you click the button in the Access Rights view, the file type is by default set to Device rights management files (*.drm). |
|
Device user |
Name of the user who is logged into the controller. |
In the Objects tree structure on the left-hand side, the objects are listed that allow actions to be executed in runtime mode. The objects are assigned by their object source. They are partially sorted in object groups. In the Rights area on the right-hand side, you can configure the access options of the selected object for a user group.
On the top level of the Objects tree structure there are two object categories grouped in folders:
oFile system objects
oRuntime system objects
Indented below the object categories, there are further subnodes. The subnode Device, for example, can, in turn, have the following subnodes:
oLogger
oPlcLogic
oSettings
oUserManagement
In the Rights area on the right-hand side, the access rights of the selected object are displayed in a table. For every user group, it displays the rights configured for the possible actions on the selected object.
The following actions can be configured for the object:
oAdd/Remove
oModify
oView
oExecute
The symbols represent the access rights:
|
Icon |
Description |
|---|---|
|
Access (action) is permitted explicitly. |
|
Access (action) is denied explicitly. |
|
The access right has been inherited from the parent object. |
|
Access has not been permitted or denied explicitly, even for the parent object. No access is possible |
|
No icon |
Several objects with different access rights are selected. |
To modify an access right, click the symbol.
Printing the Access Rights Definition
To print the settings of the Access Rights view, execute the command Print from the File menu or the command Document from the Project menu.
to load the