swnd2:user_permissions_v2

User Permissions V2

This page describes how to create user accounts and configure their permissions in SIWENOID v2. User management is permission-based — every function in the system can be individually granted or denied per user. Only users with administrative access can create or modify accounts.

SIWENOID v2 uses a two-layer access control model:

  • User-level permissions — control which application functions a specific user can access (e.g. acknowledging alarms, editing maps, managing other users).
  • Object-level permissions — control which datapoints, zones, or devices a user can see and interact with. These are configured separately on the Object Permissions page.

Prev ← SIWENOID v2 — First Run After Installation Next → The Starting Screen of SIWENOID v2

Creating a User Account

To open the user management interface, navigate to the main menu and select the Users menu item.

Users menu item

From the submenu, select Users & Groups.

Users and Groups submenu

The Users & Groups management screen will open. This screen lists all existing user accounts on the system. Only users who have been granted user creation rights will be able to see and use this screen. If you do not see this screen after selecting the menu item, your account does not have sufficient permissions — contact your system administrator.

Users and Groups management screen

To add a new user, click the Add button (plus icon) in the toolbar.

Add button

From the dropdown that appears, select Add new user.

Add new user option

The user account editor screen will open.

User account editor

Fill in the following fields for the new user account:

  • Username — the login name the user will type at the login screen. Must be unique on the system. It is recommended to use lowercase letters without spaces or special characters.
  • Name — the user's full display name. This appears in event logs and audit trails to identify who performed each action.
  • Password — the initial password for the account. The user can change this after first login if permitted.
  • Admin access — if enabled, this user has full administrative rights, including the ability to create and modify other user accounts, change system settings, and access all configuration screens. Grant this only to trusted engineering staff.
  • E-mail — the user's email address. Used for notification features if email alerting is configured.
  • Telephone — the user's phone number. Stored for reference purposes.
  • Language — the interface language for this user. SIWENOID v2 supports multiple interface languages. The selected language applies only to this user's client session.
  • Automatic logout — defines the inactivity timeout in minutes after which the user is automatically logged out. Set this to enforce security on unattended workstations. Setting this to 0 disables automatic logout.

After filling in all required fields, save the account before configuring permissions.

Configuring User Permissions

After creating the user account, open the permissions editor to control which functions this user can access. Navigate to the permissions configuration screen from the main menu.

Permissions menu

The permissions editor displays a list of all available system functions. Each function can be individually set for the selected user.

Permissions editor screen

Each permission entry can be set to one of three states:

  • engedely.jpg Granted — the user has explicit permission to use this function. This overrides any group-level setting.
  • megvont.jpg Denied — the user is explicitly blocked from using this function, even if their group would otherwise allow it.
  • csoport.jpg Inherit from group — the user's permission for this function is determined by the group they belong to. This is the recommended default for most permissions, as it allows managing permissions centrally through groups rather than per-user.

Using the group inheritance model is the recommended approach for installations with multiple users in similar roles (for example, all operators share the same operator group permissions). Individual overrides should only be used when a specific user needs to differ from the group standard.

To view a tooltip explaining what a specific permission controls, hover over the information icon next to the permission name.

Tooltip icon

Once all permissions are configured as required, click the Save button to apply the settings.

Save button

The user account is now active and the user can log in with the credentials set during account creation.

User Groups

SIWENOID v2 supports user groups, which allow the same permission profile to be applied to multiple users at once. Groups are managed from the same Users & Groups screen. Assigning users to a group and using the “Inherit from group” permission state is the most maintainable approach for larger installations with many operator accounts.

Important Notes

  • There must always be at least one active admin account on the system. Do not remove admin rights from all accounts simultaneously or you will lose access to user management.
  • User accounts and their permissions are stored in the SIWENOID v2 database. They are included in the regular database backup. After a restore operation, verify that user accounts are intact.
  • Password complexity and expiry policies are not enforced by the software itself. It is the responsibility of the system administrator to set appropriate passwords and rotate them periodically.

Prev ← SIWENOID v2 — First Run After Installation Next → The Starting Screen of SIWENOID v2