Security
Summary
The ADISRA SmartView Security Guide document clarifies how the ADISRA SmartView security system works internally and the steps needed to configure.
The document explains how to manage profiles and users, verify the logged-in users, how to import profiles from the LDAP service, and how to customize the application adding different access permissions to different profiles.
The Security Settings allows the user to create profiles and users to add a layer of security to the project. It is possible to add security to the Engineering and Runtime.
- If the Security System is enabled for the Engineering, it is possible to prevent unauthorized users from editing the application.
- If the Security System is enabled for the Runtime, it is possible to give different access permissions to different profiles, preventing a group of users to change tag’s values, opening screens, deleting information and so on.
When editing the profiles or users, the runtime application will need to be restarted for changes to take place.
Profile Permissions
When creating and editing profiles, there will be permissions settings for each profile, the permissions are:
- Can Do Action: Determines if the profile has permission to perform
actions inside a graphic or graphic object actions, mostly scripts. - Can Open Graphics: Determines if the profile has permission to open
Graphics, for example, if a button has an action that will open a graphic
or open a graphic through the Viewer icon in the system tray. - Can Close Graphics: Determines if the profile has permission to close
Graphics, for example, if a button has an action that will close a graphic
or close a graphic through the window icons. - Can Start App: Determines if the profile has permission to start the
Runtime of an application. - Can Shutdown App: Determines if the profile has permission to stop
the Runtime of an application. - Can Switch Tasks: Determines if the profile has permission to switch
between tasks of the system. - Can Open Task Manager: Determines if the profile has permission to
open the task manager of the system. - Is ReadOnly: A profile with ReadOnly permission can only see the
application, but cannot see or change the values of tags, and can execute
buttons with simple scripts like open a graphic.
These permissions will be the default permissions for the graphics and graphics objects, but the permissions can also be set for each graphic or object and if it will or will not use the default. Overriding the default permissions can be done in the properties grid in the security area as we will see an example later in this page.
Users & Profile Settings
To open the “Users & Profile” window, go to the security ribbon and click on “Users & Profiles”:
The “Users & Profile” window will open:
Create Profile
To create a profile, click the “new” button:
Edit Profile
To edit a profile, select the desired profile, then rename it and change the
permissions:
Delete Profile
To delete a profile, select the desired profile then click the “Delete” button:
Local Users Settings
The Local Users are managed by ADISRA SmartView.
To open the “Users & Profile” window, open the settings ribbon, then select
security, and click on “Users & Profiles”:
The “Users & Profile” window will open, then click the “Local Users” tab:
Create User
To create a Local User, click the “new” button, and then set the name, login
username, password, and the profile.
Edit User
To edit a Local User, select the desired user, then rename it and change the
login:
To change the password, click the “Change Password” button, it will open the
“Change Password” window, type in the new password, and confirm it, then
click “OK”:
To assign the local user to a profile created in the previous chapter, use the
Profile combobox to select an existing profile:
Delete User
To delete a Local User, select the desired user, then click the “Delete” button: