Skip to main content

i4connected Knowledge Base

Permissions

Abstract

Check out this article and learn more details about the permissions set introduced by the i4connected 5.6 version.

The list of permissions is a predefined set of rights, governing all aspects of the application. The user can either assign a role to an entire category of permissions or chose the effective permissions individually. The built-in permissions table provides information on the relevance of the permission when assigned either globally or at the hierarchy level.

Tip

The Assignment relevance column of below table indicates the level on which the permission takes effect, after the assignment to a role is done, as follows:

  • Permissions having a Global assignment relevance Global.jpg guard system-wide or administrative actions that require high authority rights.

  • Permissions having a Hierarchical assignment relevance hierarchical.jpg guard limited hierarchical entities actions that do not require advanced rights or system knowledge.

  • Permissions having a Privileged assignment relevance Privileged.jpg guard special actions that require super-user rights.

  • Permissions having both Global and Hierarchical assignment relevance guard system-wide actions concerning hierarchical entities.

  • Permissions having both Global and Privileged assignment relevance guard system-wide or administrative actions, that require the special rights of a super-user.

The permission list is composed of built-in permissions and extended permissions.

Built-in permissions

Category

Permission name

Description

Assignment Relevance

System

Manage configuration

Allows managing the system configuration and the global items, such as:

  • Signal types

  • Site types

  • Key Performance Indicators

  • Measure Aggregations

  • Measure Groups

  • Entity variables

  • Device Manufacturers / Models / Types / Versions

  • Translations

  • Weather normalization

  • i4connected global settings, processed under the Edit settings panel

  • Locking Sites, Areas, Organizational Units for delete

  • other general system settings

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Privileged Privileged.jpg

Manage shared filters

Allows saving filter settings as global (shared) filters, as described in The Object Filter article.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Manage shared tiles

Allows managing tiles that are shared by all system users, as described in the Tile management article.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Manage personal tiles

Allows managing tiles that are available only to the currently logged-in user, as described in the Tile management article.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Import (append)

Allows all import operations that offer an append or merge conflict resolution action. These resolution actions are generally non-destructive.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Import (overwrite)

Allows all import operations that offer an overwrite resolution action. These resolution actions are generally destructive (they overwrite existing data) so extra caution is advised.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Manage personal panels

Allows the currently logged-in user to manage his / her personal panels.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Pin shared panels

Allows pinning default panels that are shared by all the system users.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Close shared panels

Allows closing default panels which are shared by all the system users.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Security

Configure security

Allows configuring roles and permissions. Users having this permission enabled can add, edit, link, and delete roles. For more details, please also visit the User roles article.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Configure privileged security

Allows configuring privileged roles and permissions. Users having this permission enabled can add, edit, link, and delete Privileged roles. Without this permission, Privileged roles will not be visible for further modifications.

For more details, please also visit the User roles article.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Privileged Privileged.jpg

View users

Allows listing the users to which the current user has a relationship.

The user having this permission available will be allowed to view only the users having equal or inferior roles and permissions.

For more details about Users management, please also visit the dedicated article.

Having this permission set on a global level, allows the user to view all the users to which he/she has a relationship in all hierarchical contexts.

Having this permission set on a hierarchical level, allows the user to view all the users to which he/she has a relationship, only on the hierarchical level where the explicit assignment was done.

Global Global.jpg

Hierarchical hierarchical.jpg

View all users

Allows listing all the users in the system.

For more details about Users management, please also visit the dedicated article.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Privileged Privileged.jpg

Manage user accounts

Allows the following management rights:

  • create new user accounts

  • delete user accounts

  • activate / deactivate user accounts

  • reset other users passwords

This permission requires one of the View users / View all user's permissions.

For more details about Users management, please also visit the dedicated article.

Having this permission set on a global level, the user is allowed to view and manage all the users belonging to a shared hierarchical entity, if the View user's permission is also enabled. If the View all users permission is enabled, the user will be allowed to view all system users, but manage only those belonging to a shared hierarchical entity.

Having this permission set on a hierarchical level, the user is allowed to view and manage all the users belonging to a shared hierarchical entity, if the View user's permission is also enabled. If the View all users permission is enabled, the user will be allowed to view all system users, but manage only those belonging to a shared hierarchical entity.

Users having privileged rights assigned will be visible to the currently logged-in user, but can only be managed by another privileged user.

For more details about the Entity role assignments feature, please also visit the dedicated article.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage users

Allows the following management rights:

  • edit other user's details

  • assign roles (the list of roles depends on the rights of the currently logged in user)

  • assign reports (provided that the user also has report relevant permissions enabled)

  • copy other users rights (the list of displayed users, depends on the rights of the currently logged in user)

  • invite new users to hierarchical entities to which the currently logged-in user has both access and management rights.

This permission requires one of the View users / View all user's permissions.

For more details about Users management, please also visit the dedicated article.

Having this permission set on a global level the user is allowed to view and manage all the users belonging to a shared hierarchical entity if View users permission is also enabled. If the View all users permission is enabled, the user will be allowed to view all system users, but manage only those belonging to a shared hierarchical entity.

Having this permission set on a hierarchical level, the user is allowed to view and manage all the users belonging to a shared hierarchical entity, if the View user's permission is also enabled. If the View all users permission is enabled, the user will be allowed to view all system users, but manage only those belonging to a shared hierarchical entity.

Users having privileged rights assigned will be visible to the currently logged-in user, but can only be managed by another privileged user.

For more details about the Entity role assignments feature, please also visit the dedicated article.

Global Global.jpg

Hierarchical hierarchical.jpg

Change password

Allows a user to change his / her own password.

For more details about Users management, please also visit the dedicated article.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

View all user invitations

Allows listing all the invitations in the system.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Privileged Privileged.jpg

Manage role package

Allows creating, editing, and deleting role packages.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

Sites and areas

View sites and areas

Allows viewing sites and areas along with their corresponding calculations (from measure aggregations).

This permission needs to be assigned at the hierarchy level. Hence, the user receiving this permission will only be allowed to view the site/area to which he/she was explicitly assigned.

This permission has no effect on the user's rights when assigned only at a global level.

For more details about the Entity role assignments feature, please also visit the dedicated article.

Hierarchical hierarchical.jpg

Manage sites and areas

Allows the user to perform the following operations:

  • Create new Sites and Areas

  • Edit accessible Sites and Areas

  • Delete accessible Sites and Areas

  • Move Area function will check if the user performing the operation has management rights on the direct parent Site or Area, before allowing the change. Also, the Move function will check the move destination Site or Area for management permissions, before allowing the change.

  • Import Ewon / Netbiter configuration

Having this permission set at a global level, allows the user to manage all sites and areas, for which at least view rights are already available.

Having this permission at a hierarchical level, allows the user to manage only the respective sites/areas.

For more details about the Entity role assignments feature, please also visit the dedicated article.

Global Global.jpg

Hierarchical hierarchical.jpg

View all sites and areas

Allows viewing sites and areas in the system. This permission does not enable the sites or areas management features.

This is globally relevant permission, usually granted to users with high authority or privileged rights.

Assigning this permission at a hierarchical level will have no effect.

Global Global.jpg

Privileged Privileged.jpg

Manage site user

Enables display of the Users tile in Site details panel and allows management of the user role assignments, in context of the selected Site.

By clicking the Users tile the Site role assignments panel is opened, where all the users assigned to the current Site are listed, allowing the user to manage their role assignments.

The list of users will be adapted to the currently logged-in user's permissions, hence if View users / View all users permissions are missing, the user will only be allowed to see and manage himself/herself, in this view.

Warning

In order to be able to perform advanced management operations, the user should also have the Manage user permission.

Having this permission set at a global level, allows the user to manage the Users of all sites for which at least view rights are already available.

Having this permission at a hierarchical level, the user will only be allowed to manage the Users of the Site to which he/she was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage site applications

Enables display of the Manage Applications toolbar button in the Site details panel and allows Applications management in the context of the selected Site.

Warning

In order to change the current Site application(s) the user requires further permissions from the Applications section.

If the user has no further permissions from the Applications section, he/she will only be allowed to change the currently assigned Application(s) parameters, in the Manage Application Mappings panel.

Having this permission set at a global level, allows the user to manage the Applications of all sites for which at least view rights are already available.

Having this permission at the hierarchical level, the user will only be allowed to manage the Applications of the Sites to which he/she was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage site measure aggregations

Enables display of the Measure Aggregations tile in Site details panel and allows management of the assigned Measure Aggregations of the selected Site.

By clicking the Measure Aggregations tile, the list of all assigned Measure Aggregations is displayed, allowing the user to manage the list by adding or removing Measure Aggregations.

Having this permission set at the global level, allows the user to manage the Measure Aggregations of all Sites for which at least view rights are already available.

Having this permission at the hierarchical level, the user will only be allowed to manage the Measure Aggregations of the Site to which he/she was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage site public holidays

Enables display of the Public Holidays tile in Site details panel and allows management of Public holidays as follows:

  • See the list of already assigned Public Holidays

  • Add new Public Holidays

  • Edit exiting Public Holiday

  • Delete redundant Public Holidays

  • Import Public Holidays

  • Export Public Holidays

  • See Public Holidays in the Requisition Notes dashboard

Having this permission set at a global level, allows the user to manage the Public Holidays of all the Sites for which at least view rights are already available.

Having this permission at a hierarchical level, the user will only be allowed to manage the Public Holidays of the Site to which he/she was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage site response teams

Enables display of the Site Response Teams tile in Area details panel and allows management of the mapped Response Teams of the selected Site, as follows:

  • See the list of already mapped Response Teams

  • Add new Response Teams Mappings

  • Edit existing Response Teams Mappings

  • Delete redundant Response Teams Mappings

Warning

In order to be able to apply Response Teams Mapping with Event and Event Priority filters, the user is required to also have at least the View Events permission.

Having this permission set on a global level, allows the user to manage the Response Teams Mappings of all the Sites for which at least view rights are already available.

Having this permission set on a hierarchical level, the user will only be allowed to manage the Response Teams Mappings of the Site to which he/she was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Publish manual events for sites

Enables display of the Publish Manual Event toolbar button in the Site details panel. Clicking the Publish Manual Event button opens the Select Manual Event panel. In this view, the user can choose a manual event in order to manually trigger an alarm, having the current Site as a source.

Important

In order to publish Manual events, the user should also have the View events permission enabled.

Tip

For more details about events, please also visit the dedicated articles here.

To learn more about publishing manual events for Sites please also read the Sites Management article.

Having this permission set at the global level allows the user to publish manual events in the context of all the Sites for which at least view rights are already available.

Having this permission set on a hierarchical level, the user will only be allowed to publish manual events only in the context of the Site to which he/she was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage area users

Enables display of the Users tile in Area details panel and allows management of the user role assignments, in context of the selected Area.

By clicking the Users tile the Area role assignments panel is opened, where all the users assigned to the current Area are listed, allowing the user to manage their role assignments.

The list of users will be adapted to the currently logged-in user's permissions, hence if View users / View all users permissions are missing, the user will only be allowed to see and manage himself/herself, in this view.

Warning

In order to be able to perform advanced management operations, the user should also have the Manage user permission.

Having this permission set at a global level, allows the user to manage the Users of all areas for which at least view rights are already available.

Having this permission at a hierarchical level, the user will only be allowed to manage the Users of the Area to which he/she was explicitly assigned or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage area applications

Enables display of the Manage Applications toolbar button in the Area details panel and allows Applications management in the context of the selected Area.

Warning

In order to change the current Area application(s) the user requires further permissions from the Applications section.

If the user has no further permissions from the Applications section, he/she will only be allowed to change the currently assigned Application(s) parameters, in the Manage Application Mappings panel.

Having this permission set at a global level, allows the user to manage the Applications of all areas for which at least view rights are already available.

Having this permission at the hierarchical level, the user will only be allowed to manage the Applications of the Areas to which he/she was explicitly assigned or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage area measure aggregations

Enables display of the Measure Aggregations tile in Area details panel and allows Measure Aggregations management in the context of the selected Area.

By clicking the Measure Aggregations tile, the list of all assigned Measure Aggregations is displayed, allowing the user to manage the list by adding or removing Measure Aggregations.

Having this permission set at the global level, allows the user to manage the Measure Aggregations of all Areas for which at least view rights are already available.

Having this permission at the hierarchical level, the user will only be allowed to manage the Measure Aggregations of the Area to which he/she was explicitly assigned, or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage area response teams

Enables display of the Area Response Teams tile in Area details panel and allows Response Team Mappings management in the context of the selected Area.

By clicking the Area Response Teams tile, the list of all Response Team Mappings is displayed, allowing the user to manage the list by adding or removing Response Teams Mappings.

Warning

In order to be able to apply Response Teams Mapping with Event and Event Priority filters, the user is required to also have at least the View Events permission.

Having this permission set at a global level, allows the user to manage the Response Teams Mappings of all Areas for which at least view rights are already available.

Having this permission at the hierarchical level, the user will only be allowed to manage the Response Teams Mappings of the Area to which he/she was explicitly assigned, or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Publish manual events from areas

Enables display of the Publish Manual Event toolbar button in the Area details panel. Clicking the Publish Manual Event button opens the Select Manual Event panel. In this view, the user can choose a manual event in order to manually trigger an alarm, having the current Area as a source.

Important

In order to publish Manual events, the user should also have the View events permission enabled.

Tip

For more details about events, please also visit the dedicated articles here.

To learn more about publishing manual events from Areas, please also read the Areas Management article.

Having this permission set at the global level allows the user to publish manual events in the context of all the Areas for which at least view rights are already available.

Having this permission set on a hierarchical level, the user will only be allowed to publish manual events only in the context of the Area to which he/she was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Organizational Units

View organizational units

Allows viewing organizational units along with their corresponding calculations (from measure aggregations).

This permission needs to be assigned at the hierarchy level. Hence, the user receiving this permission will only be allowed to view the organizational units to which he/she was explicitly assigned.

For more details about the Entity role assignments feature, please also visit the dedicated article.

This permission has no effect on the user's rights when assigned only at a global level.

Hierarchical hierarchical.jpg

Manage organizational units

Allows the user to perform the following operations:

  • Create new Organizational Units

  • Edit accessible Organizational Units

  • Delete accessible Organizational Units

  • Move Organizational Units

  • Import Ewon / Nebiter configuration

Having this permission set at a global level, allows the user to manage all organizational units, for which at least view rights are already available.

Having this permission at a hierarchical level, allows the user to manage only the respective organizational unit.

For more details about the Entity role assignments feature, please also visit the dedicated article.

Global Global.jpg

Hierarchical hierarchical.jpg

View all organizational units

Allows viewing all the organizational units in the system. This permission does not enable the organizational unit's management features.

This is globally relevant permission, usually granted to users with high authority or privileged rights.

Assigning this permission on a hierarchical level will have no effect.

Global Global.jpg

Privileged Privileged.jpg

Manage organizational unit users

Enables display of the Users tile in Organizational Unit details panel and allows User role assignments management, in context of the selected Organizational Unit.

By clicking the Users tile the Organizational Unit role assignments panel is opened, where all the users assigned to the current Organizational Unit are listed, allowing the user to manage their role assignments.

The list of users will be adapted to the currently logged-in user's permissions, hence if View users / View all users permissions are missing, the user will only be allowed to see and manage himself/herself, in this view.

Warning

In order to be able to perform advanced management operations, the user should also have the Manage user permission.

Having this permission set at a global level, allows the user to manage the Users of all Organizational Units for which at least view rights are already available.

Having this permission at a hierarchical level, the user will only be allowed to manage the Users of the Organizational Units to which he/she was explicitly assigned or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage organizational unit applications

Enables display of the Manage Applications toolbar button in the Organizational Unit details panel and allows Applications management in the context of the selected Organizational Unit.

Warning

In order to change the current Organizational Unit application(s) the user requires further permissions from the Applications section.

If the user has no further permissions from the Applications section, he/she will only be allowed to change the currently assigned Application(s) parameters, in the Manage Application Mappings panel.

Having this permission set at a global level, allows the user to manage the Applications of all Organizational Units for which at least view rights are already available.

Having this permission at a hierarchical level, the user will only be allowed to manage the Applications of the Organizational Units to which he/she was explicitly assigned or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage organizational unit measure aggregations

Enables display of the Measure Aggregations tile in Organizational Unit details panel and allows Measure Aggregations management in the context of the selected Organizational Unit.

By clicking the Measure Aggregations tile, the list of all assigned Organizational Units is displayed, allowing the user to manage the list by adding or removing Measure Aggregations.

Having this permission set at the global level, allows the user to manage the Measure Aggregations of all Organizational Units for which at least view rights are already available.

Having this permission at the hierarchical level, the user will only be allowed to manage the Measure Aggregations of the Organizational Units to which he/she was explicitly assigned, or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage organizational unit response teams

Enables display of the Organizational Units Response Teams tile in Organizational Unit details panel and allows Response Teams Mappings management in the context of the selected Organizational Unit.

By clicking the Organizational Unit Response Teams tile, the list of all Response Team Mappings is displayed, allowing the user to manage the list by adding or removing Response Teams Mappings.

Warning

In order to be able to apply Response Teams Mapping with Event and Event Priority filters, the user is required to also have at least the View Events permission.

Having this permission set at a global level, allows the user to manage the Response Teams Mappings of all Organizational Units for which at least view rights are already available.

Having this permission at the hierarchical level, the user will only be allowed to manage the Response Teams Mappings of the Organizational Units to which he/she was explicitly assigned, or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Publish manual events from organizational units

Enables display of the Publish Manual Event toolbar button in the Organizational Unit details panel. Clicking the Publish Manual Event button opens the Select Manual Event panel. In this view, the user can choose a manual event in order to manually trigger an alarm, having the current Organizational Unit as a source.

Important

In order to publish Manual events, the user should also have the View events permission enabled.

Tip

For more details about events, please also visit the dedicated articles here.

To learn more details about publishing manual events from Organizational Units please read the Organizational Units Management article.

Having this permission set at the global level allows the user to publish manual events in the context of all the Organizational Units for which at least view rights are already available.

Having this permission set on a hierarchical level, the user will only be allowed to publish manual events only in the context of the Organizational Unit to which he/she was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Devices

View devices

Allows viewing devices and their corresponding calculations, from measure aggregations.

The user receiving this permission will only be allowed to view the devices of the hierarchical entities to which he/she was explicitly assigned.

This permission should be assigned on a hierarchical level, otherwise, it will have no effect on the user's rights.

For more details about the Entity role assignments feature, please also visit the dedicated article.

Hierarchical hierarchical.jpg

Manage devices

Allows the user to perform the following operations:

  • Create new devices

  • Edit the accessible devices

  • Clone devices

  • Delete devices

Having this permission set at a global level, allows the user to manage all devices of the hierarchical entities, to which he/she was explicitly assigned.

Having this permission enabled at a hierarchical level, allows the user to manage only the devices to which he/she was explicitly assigned.

For more details about the Entity role assignments feature, please also visit the dedicated article.

Global Global.jpg

Hierarchical hierarchical.jpg

View adapters

Allows viewing and selecting adapters when adding and editing devices.

This is hierarchically relevant permission, hence assigning it at the global level will not lead to the expected results.

Hierarchical hierarchical.jpg

Manage adapters

Allows creating new adapters, editing and deleting existing adapters, managing user assignments and application mappings.

This permission can be assigned either on a global or hierarchical level. The obtained result will be the same.

For more details about the Entity role assignments feature, when assigning this permission on a hierarchical level, please also visit the dedicated article.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage email event scripts

Allows creating, editing, and deleting email event scripts, in the context of the Email Adapter / Device.

This is globally relevant permission. Assigning this permission on a hierarchical level will have no effect on the user's rights.

Global Global.jpg

View all adapters

Allows viewing and selecting all the adapters available in the system.

This is globally relevant permission, usually granted to users with high authority or privileged rights.

Assigning this permission on a hierarchical level will have no effect.

Global Global.jpg

Privileged Privileged.jpg

Manage device users

Allows viewing the Users tile in the Device details panel and manages the user role assignments, in the context of the selected Device.

By clicking the Users tile the Device role assignments panel is opened, where all the users assigned to the current Device are listed, allowing the user to manage their role assignments.

The list of users will be adapted to the currently logged-in user's permissions, hence if View users / View all users permissions are missing, the user will only be allowed to see and manage himself/herself, in this view.

Warning

In order to be able to perform advanced management operations, the user should also have the Manage user permission.

Having this permission set at a global level, allows the user to manage the Users of all Devices for which at least view rights are already available.

Having this permission at a hierarchical level, the user will only be allowed to manage the Users of the Devices to which he/she was explicitly assigned or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage device applications

Allows Devices Applications management.

Warning

In order to change the current Device application(s) the user requires further permissions from the Applications section.

If the user has no further permissions from the Applications section, he/she will only be allowed to change the currently assigned Application(s) parameters, in the Manage Application Mappings panel.

Having this permission set at a global level, allows the user to manage the Applications of all Devices for which at least view rights are already available.

Having this permission at a hierarchical level, the user will only be allowed to manage the Applications of the Devices to which he/she was explicitly assigned or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage device response teams

Allows viewing the Device Response Teams tile in Device details panel and manage the mapped Response Teams of the selected Device,

By clicking the Device Response Teams tile, the list of all Response Team Mappings is displayed, allowing the user to manage the list by adding or removing Response Teams Mappings.

Warning

In order to be able to apply Response Teams Mapping with Event and Event Priority filters, the user is required to also have at least the View Events permission.

Having this permission set at a global level, allows the user to manage the Response Teams Mappings of all Devices for which at least view rights are already available.

Having this permission at a hierarchical level, the user will only be allowed to manage the Response Teams Mappings of the Device to which he/she was explicitly assigned, or has a permissive inherited relationship.

Global Global.jpg

Hierarchical hierarchical.jpg

Publish manual events from devices

Enables display of the Publish Manual Event toolbar button in the Device details panel. Clicking the Publish Manual Event button opens the Select Manual Event panel. In this view, the user can choose a manual event in order to manually trigger an alarm, having the current Device as the source.

Important

In order to publish Manual events, the user should also have the View events permission enabled.

Tip

For more details about events, please also visit the dedicated articles here.

To learn more details about publishing manual events from Device please read the Devices Management article.

Having this permission set at the global level allows the user to publish manual events in the context of all the Devices for which at least view rights are already available.

Having this permission set on a hierarchical level, the user will only be allowed to publish manual events only in the context of the Device to which he/she was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Signals

Read signals

Allows the user to open the Edit signal panel in order to read the signal value, but does not allow the user to change and save the signal settings.

This permission can be assigned on a global or hierarchical level.

Global Global.jpg

Hierarchical hierarchical.jpg

Write signals

Allows the user to open the Edit signal panel in order to read the signal value and make further changes to the signal settings.

Additionally, users having this permission enabled can add new signals or virtual signals and add/edit/remove signal compression settings.

This permission can be assigned on a global or hierarchical level, as follows:

  • Global level - grants the user permission to write all signals available for the hierarchical entities where he/she is explicitly assigned.

  • Hierarchical level - grants the user permission to write only the signals where the permission was explicitly assigned.

Having this permission assigned both globally and hierarchically will apply the global effects.

Global Global.jpg

Hierarchical hierarchical.jpg

Edit measurement history

Allows the user to input counter signal corrections, as described by the dedicated article here.

This is a globally relevant permission, hence assigning it on the hierarchical level will not lead to the expected results.

Global Global.jpg

Manage virtual signals

Allows the user to manage virtual signals, as described by the dedicated article here.

This is a globally relevant permission, usually granted to users with high authority or privileged rights.

Assigning this permission on a hierarchical level will have no effect.

Global Global.jpg

Privileged Privileged.jpg

Manage signals

Allows the user to open signals in edit mode and manage their configuration, as described by the dedicated article, here.

This is a globally relevant permission, usually granted to users with high authority or privileged rights.

Assigning this permission on a hierarchical level will have no effect.

Global Global.jpg

Privileged Privileged.jpg

Events

Manage events

Provides the user with the following rights:

  • Add, edit and delete Event Groups

  • Add, edit and delete Event Types

  • Add, edit and delete Event priorities

  • Add, edit and delete Events

  • Add, edit and delete Manual events

This permission is globally relevant and is usually associated with users with privileged rights.

Assigning this permission on a hierarchical level will not grant the user with the expected rights.

Global Global.jpg

Privileged Privileged.jpg

View event occurrences

The main scope of this permission is to allow users to view event occurrences, in the Online Alarms panel / the Historical Alarms panel and to enforce the i4messenger notifications flow of events.

Depending on a set of conditions, the rights enforced by this permission can vary, as follows:

  • If the View event occurrences permission is disabled, the Online Alarms icon will be visible, but the user will only be allowed to view owned events.

  • If the View event occurrences permission is disabled, the list of Historical Alarms will only list closed events owned by the currently logged-in user, including own audit events.

  • If the View event occurrences permission is disabled, no event notifications will be delivered for the user, not even in case the user is set as Response Team member of a related entity.

  • The View events occurrences permission, assigned on a global level, grants the user with the possibility to view all the alarms having as a source an entity with which the user has a relationship.

    If the alarm's owner is an equal or an inferior user, and the alarm source is a related entity, the currently logged-in user will be allowed to view that alarm, as well.

    If the Source of the Event is the Server, the user is required to have the View server events permission enabled, as well.

    Additionally, the user will receive event notifications via Email/SMS/Telegram, for events having as a source an entity where the user is explicitly assigned as a Response Team member.

  • The View events occurrences permission, assigned on a hierarchical level, grants the user with the possibility to view all the alarms having as a source an entity in the context of which this permission was explicitly assigned.

    If the alarm's owner is an equal or an inferior user, and the alarm source is a related entity, the currently logged-in user will be allowed to view that alarm, as well.

    The user will only receive event notifications via Email/SMS/Telegram, for events having as a source an entity in the context of which this permission was explicitly assigned and the user is a Response Team member.

Global Global.jpg

Hierarchical hierarchical.jpg

Close event occurrences

Allows or denies the right to close events, in the Online Alarms panel, as follows:

  • If the Close event occurrences permission is disabled, the users will not see the Close button, nor in the occurrences list view, neither in the event occurrence detailed view panel. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the Close event occurrences permission is enabled on a global level the Close button will be displayed in both the occurrences list view and the details of the occurrence view, for all the occurrences having as a source an entity with which the user has a relationship.

  • If the Close event occurrences permission is enabled on a hierarchical level the Close button will only be displayed in the occurrence details panel, for all the occurrences having as a source an entity in the context of which this permission was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Acknowledge event occurrences

Allows or denies the right to acknowledge an event, in the Online Alarms/Historical Alarms panels, as follows:

  • If the Acknowledge event occurrences permission is disabled, the users will not see the Acknowledge button, nor in the occurrences list view, neither in the event occurrence detailed view panel. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the Acknowledge event occurrences permission is enabled on a global level the Acknowledge button will be displayed in both the occurrences list view and the details of the occurrence view, for all the occurrences having as a source an entity with which the user has a relationship.

  • If the Acknowledge event occurrences permission is enabled on a hierarchical level the Acknowledge button will only be displayed in the occurrence details panel, for all the occurrences having as a source an entity in the context of which this permission was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Take event occurrence ownership

Allows or denies the right to take event ownership, in the Online Alarms/Historical Alarms panels, as follows:

  • If the Take event occurrence ownership permission is disabled, the users will not see the Take ownership button, nor in the occurrences list view, neither in the event occurrence detailed view panel. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the Take event occurrence ownership permission is enabled on a global level the Take ownership button will be displayed in both the occurrences list view and the details of the occurrence view, for all the occurrences having as a source an entity with which the user has a relationship.

  • If the Take event occurrence ownership permission is enabled on a hierarchical level the Take ownership button will only be displayed in the occurrence details panel, for all the occurrences having as a source an entity in the context of which this permission was explicitly assigned.

Global Global.jpg

Hierarchical hierarchical.jpg

Assign event occurrence ownership

Allows or denies the right to assign event ownership to another user, in the Online Alarms/Historical Alarms panels, as follows:

  • If the Assign event occurrence ownership permission is disabled, the users will not see the Assign ownership button, nor in the occurrences list view, neither in the event occurrence detailed view panel. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the Assign event occurrence ownership permission is enabled on a global level the Assign ownership button will be displayed in both the occurrences list view and the details of the occurrence view, for all the occurrences having as a source an entity with which the user has a relationship.

    Warning

    To assign an event's ownership to another user, at least the View users permission should be enabled, otherwise the list of users will only show the currently logged-in user.

  • If the Assign event occurrence ownership permission is enabled on a hierarchical level the Assign ownership button will only be displayed in the occurrence details panel, for all the occurrences having as a source an entity in the context of which this permission was explicitly assigned.

    Warning

    To assign an event's ownership to another user, at least the View users permission should be enabled, otherwise the list of users will only show the currently logged-in user.

Global Global.jpg

Hierarchical hierarchical.jpg

Change event occurrence priority

Allows or denies the right to change an event's priority, in the Online Alarms/Historical Alarms panels, as follows:

  • If the Change event occurrence priority permission is disabled, the users will not see the Prioritize button, nor in the occurrences list view, neither in the event occurrence detailed view panel. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the Change event occurrence priority permission is enabled on a global level the Prioritize button will be displayed in both the occurrences list view and the details of the occurrence view, for all the occurrences having as a source an entity with which the user has a relationship.

    Warning

    To change an event occurrence priority, the user is required to have the View permission, as well. Otherwise, the Priorities list will be empty.

  • If the Change event occurrence priority permission is enabled on a hierarchical level the Prioritize button will only be displayed in the occurrence details panel, for all the occurrences having as a source an entity in the context of which this permission was explicitly assigned.

    Warning

    To change an event occurrence priority, the user is required to have the View permission, as well. Otherwise, the Priorities list will be empty.

Global Global.jpg

Hierarchical hierarchical.jpg

Comment event occurrences

Allows or denies the right to comment on an event, in the Online Alarms/Historical Alarms panels, as follows:

  • If the Comment event occurrences permission is disabled, the users will not see the Comment button in the event occurrence details view panel. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the Comment event occurrence permission is enabled on a global level the Comment button will be displayed in the details of the occurrence view, for all the occurrences having as a source an entity with which the user has a relationship. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the Comment event occurrence permission is enabled on a hierarchical level the Comment button will be displayed in the occurrence details panel, for all the occurrences having as a source an entity in the context of which this permission was explicitly assigned. This is applied to both the Online Alarms panel and the Historical Alarms panel.

Global Global.jpg

Hierarchical hierarchical.jpg

View event occurrence comments

Allows or denies the right to view an event's comment, in the Online Alarms/Historical Alarms panels, as follows:

  • If the View event occurrence comments permission is disabled, the users will not see the contents of the Comment column in the Online Alarms panel, and the Comment section in the event occurrence details view panel will be hidden. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the View event occurrence comments permission is enabled on a global level the Comment column will be populated in the Online Alarms panel and the Comment section will be visible in the details of the occurrence view, for all the occurrences having as a source an entity with which the user has a relationship. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the View event occurrence comments permission is enabled on a hierarchical level the Comment column will be displayed in the Online Alarms panel, but only the comments of Alarms sourcing from entities where this permission was explicitly enabled will be visible. Also, the Comment section will be visible and populated in the occurrence details panel, for all the occurrences having as a source an entity in the context of which this permission was explicitly assigned.This is applied to both the Online Alarms panel and the Historical Alarms panel.

Global Global.jpg

Hierarchical hierarchical.jpg

View event occurrence history

Allows or denies the right to view an event's history, in the Online Alarms/Historical Alarms panels, as follows:

  • If the View event occurrence history permission is disabled, the users will not see the History section in the event occurrence details view panel. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the View event occurrence history permission is enabled on a global level the History section will be visible in the details of the occurrence view, for all the occurrences having as a source an entity with which the user has a relationship. This is applied to both the Online Alarms panel and the Historical Alarms panel.

  • If the View event occurrence history permission is enabled on a hierarchical level the History section will be visible in the occurrence details panel, for all the occurrences having as a source an entity in the context of which this permission was explicitly assigned. This is applied to both the Online Alarms panel and the Historical Alarms panel.

Global Global.jpg

Hierarchical hierarchical.jpg

View audit log

Allows auditing sensitive operations such as historical events performed by a user on an auditable action.

The following actions can be audited:

  • Login / Logout

  • Change password

  • Add / Edit / Delete user

  • Change user password

  • Change role assignments

  • Any CRUD operation performed in the system

For more details about Audit Events please also visit the dedicated article here.

Global Global.jpg

View server events

Allows viewing all events having the Server as the source of the event, in Online and Historical alarms panels.

If this permission is not enabled, the user can only see events sourcing from the Server, where he/she is Owner.

This is a globally relevant permission. Assigning this permission on a hierarchical level will not grant the user with the expected rights.

Global Global.jpg

Manage event scripts

Allows the user to add, edit and remove event scripts, as described by the dedicated article.

This is a globally relevant permission, usually attributed to users with privileged rights.

By enabling this permission on a hierarchical level won't lead to the expected results.

Global Global.jpg

Privileged Privileged.jpg

Reports

Manage report definitions

This permission enables the following rights:

  • View Report groups

  • Create Report groups

  • Edit Report groups

  • Delete Report groups

  • Create Report definitions

  • Edit Report definitions, that the user has rights to view (View reports permission is enabled and entity role assignments have been performed)

  • Delete Report definitions, that the user has rights to view (View reports permission is enabled and entity role assignments have been performed)

This is a globally relevant permission.

Assigning this permission on a hierarchical level only will have no effect on Report groups and definitions management.

Global Global.jpg

View report definitions

Allows users to view report definitions, to which they have been explicitly assigned, by means of Entity role assignments.

For more details about Entity role assignments please also visit the dedicated article here.

This permission will only work if the Manage report definitions permission is also available for the user.

This is a hierarchical permission, hence assigning it on a global level will lead to no results.

Hierarchical hierarchical.jpg

Schedule reports

Allows the user to schedule reports. The user will be allowed to schedule only the reports that have been explicitly assigned to the user profile, as described by this article.

Warning

Reports that were ONLY enabled for the user by means of the entity roles assignment feature, will not be available for scheduling.

This is a globally relevant permission, hence, assigning it on a hierarchical level does not lead to the expected results.

Global Global.jpg

Manage report schedules

Allows the user to create, edit and delete report schedules for the users to which the current user has a relationship.

This is a globally relevant permission, hence, assigning it on a hierarchical level does not lead to the expected results.

Global Global.jpg

User distribution lists

Allows sending scheduled reports to distribution lists (external email addresses).

This is a globally relevant permission, hence, assigning it on a hierarchical level does not lead to the expected results.

Global Global.jpg

Report archive

Allows the user to access the report archive list and add reports to archives.

Warning

The Report archive permission does not grant the user the rights to archive a report. Only users having the Report archiving setting enabled under the User profile, will be allowed to send reports to an archive.

This is a globally relevant permission, hence, assigning it on a hierarchical level does not lead to the expected results.

Global Global.jpg

View all report definitions

Allows users to view all report definitions in the system.

This permission will only work if the Manage report definitions permission is also available for the user.

This is a globally relevant permission, usually granted to users with high authority or privileged rights.

Global Global.jpg

Privileged Privileged.jpg

Measure action

Manage measure action

This permission enables the following rights:

  • view the measure actions, available for the hierarchical entities that the current user has access to, in the Measures panel.

  • open and view the measure actions overview, available for the hierarchical entities that the current user has access to.

  • view the Manage measure actions tile, in the hierarchical entity details panel, to which the current user has access.

  • add new measure actions, for the hierarchical entities that the current user has access to.

  • edit measure actions, for the hierarchical entities that the current user has access to.

  • delete measure actions, for the hierarchical entities that the current user has access to.

This is a globally relevant permission, hence enabling it on a hierarchical level won't lead to the expected results.

Global Global.jpg

Import measure action

This permission enables the following rights:

  • import measure actions, using the dedicated panel.

This is a globally relevant permission, hence enabling it on a hierarchical level won't lead to the expected results.

Global Global.jpg

View measure action

This permission enables the following rights:

  • view the measure actions, available for the hierarchical entities that the current user has access to, in the Measures panel.

  • open and view the measure actions overview, available for the hierarchical entities that the current user has access to.

  • view the Manage measure actions tile, in the hierarchical entity details panel, to which the current user has access.

This is a globally relevant permission, hence enabling it on a hierarchical level won't lead to the expected results.

Global Global.jpg

Manual counter

Manage manual counter

Allows managing the manual counters.

This is a globally relevant permission, hence enabling it on a hierarchical level won't lead to the expected results.

Global Global.jpg

Requisition note

Requisition note power plant user

This permission enables the following rights:

  • see Requisition Notes in his / her area(s)

  • confirm Requisition Notes

  • confirm deactivation Requisition Notes

Tip

Along with the Manage Site Public Holidays permission, the Requisition Notes calendar will also display the Public Holidays.

This is a globally relevant permission, hence enabling it on a hierarchical level won't lead to the expected results.

Global Global.jpg

Requisition note hall manager

This permission enables the following rights:

  • see Requisition Notes in his / her area(s)

  • add Requisition Notes for his / her area(s)

  • add deactivation Requisition Notes for his / her area(s)

  • copy Requisition Notes from his / her area(s)

  • edit Requisition Notes from his / her area(s)

  • delete Requisition Notes from his / her area(s)

Tip

Along with the Manage SIte Public Holidays permission, the Requisition Notes calendar will also display the Public Holidays.

This is a globally relevant permission, hence enabling it on a hierarchical level won't lead to the expected results.

Global Global.jpg

Applications

View applications

Allows the user to view i4designer listed application mappings, to which he/she is set as owner or assignee.

This is hierarchically relevant permission, hence assigning it at the global level will not lead to the expected results.

For more details about the i4designer Applications, please also visit the dedicated article here.

Hierarchical hierarchical.jpg

Manage applications

Allows creating, editing and deleting i4designer applications.

Further on, this permission enables the synchronization options, available for application mappings, as follows:

  • Synchronize Global Entities,

  • Synchronize Signals,

  • Synchronize Object Filters,

  • Synchronize Event Filters.

This is a globally relevant permission, hence enabling it on a hierarchical level won't lead to the expected results.

For more details about the i4designer Applications, please also visit the dedicated article here.

Global Global.jpg

View all applications

Allows viewing all i4designer applications.

For more details about the i4designer Applications, please also visit the dedicated article here.

This is a globally relevant permission, usually granted to users with high authority or privileged rights.

Global Global.jpg

Privileged Privileged.jpg

Manage own component configuration

Allows managing complex i4designer components (e.g. Trending components) by saving, loading, and removing own component configurations.

This permission can be assigned on a global or hierarchical level, as follows:

  • Global level - grants the user permission to manage the component configurations, of all accessible applications.

  • Hierarchical level - grants the user with permission to manage the component configurations, of application mappings, scoped to specific hierarchical entities.

Having this permission assigned both globally and hierarchically will apply the global effects.

Global Global.jpg

Hierarchical hierarchical.jpg

Manage shared component configuration

Allows managing complex i4designer components (e.g. Trending components) by saving, loading, and removing shared component configurations.

This permission can be assigned on a global or hierarchical level, as follows:

  • Global level - grants the user permission to manage the component configurations, of all accessible applications.

  • Hierarchical level - grants the user with permission to manage the component configurations, of application mappings, scoped to specific hierarchical entities.

Having this permission assigned both globally and hierarchically will apply the global effects.

Global Global.jpg

Hierarchical hierarchical.jpg

Messenger

View response teams

Allows the user to view Response Teams in the following contexts:

  • in the Response Teams list. Being a member of a Response Team does not provide the user with view rights. The user either needs to own the Response Team or have explicit view rights enabled for that Response Team.

  • in context of Sites / Areas / Organizational Units / Devices, when assigning Response Teams to one of these entities. In order to assign Response Teams to a hierarchical entity, the user is required to also have the Manage Response Teams permission enabled on a global level.

This is hierarchically relevant permission, hence assigning it at the global level will not lead to the expected results.

For more details about i4messenger Response Teams, please also visit the dedicated article here.

Hierarchical hierarchical.jpg

Manage response teams

Allows the user with the possibility to manage Response Teams, as follows:

  • Add new Response Teams

  • Edit listed Response Teams

  • Remove Response Teams

  • Assign Response Teams to Sites, Areas, Organizational Units, and Devices, if the necessary management permissions are also enabled, for these entities.

This is a globally relevant permission, hence enabling it on a hierarchical level won't lead to the expected results.

Note that having this permission enabled does not provide the user with the rights to change a Response Team's owner, assign new members

For more details about i4messenger Response Teams, please also visit the dedicated article here.

Global Global.jpg

View all response teams

Allows viewing all the i4connected Response Teams.

For more details about i4messenger Response Teams, please also visit the dedicated article here.

This is a globally relevant permission, usually granted to users with high authority or privileged rights.

Global Global.jpg

Privileged Privileged.jpg

View notification profiles

Allows the user to view Notification Profiles in the following contexts:

  • in the Notification Profiles list

  • in context of a Response Team, when assigning Notification Profiles.

This is hierarchically relevant permission, hence assigning it at the global level will not lead to the expected results.

For more details about i4messenger Notification Profiles, please also visit the dedicated article here.

Hierarchical hierarchical.jpg

Manage notification profiles

Allows the user with the possibility to manage Notification Profiles, as follows:

  • Add new Notification Profiles

  • Edit listed Notification Profiles

  • Remove Notification Profiles

  • Assign Notification Profiles to Response Teams, if the user also has permissions Response Teams management permissions.

This is a globally relevant permission, hence enabling it on a hierarchical level won't lead to the expected results.

For more details about i4messenger Notification Profiles, please also visit the dedicated article here.

Global Global.jpg

View all notification profiles

Allows viewing all the i4connected Notification Profiles.

For more details about i4messenger Notification Profiles, please also visit the dedicated article here.

This is a globally relevant permission, usually granted to users with high authority or privileged rights.

Global Global.jpg

Privileged Privileged.jpg

Extended permissions

Extended permissions require database and code changes, hence these cannot be organized in the administration user interface. Usually, such extended permissions can be introduced for the custom modules, at request.

In this section: