Starting with version 6.6, Elipse E3 contains a series of permissions inherited when creating new users or groups, gathered in the Default Permissions item, shown on the next figure.
Options for default permissions of Elipse E3
NOTE |
The administrator user, who must always be created in a new application to perform user control, always have all permissions granted, regardless of the settings in the Default Permissions item. |
For each item on the Permissions tab, there is a series of permissions that can be configured for each user. The available options are described on the next tables.
Available options for Domains
Option |
Description |
|---|---|
Run Domain |
Enables the execution of a Domain. The default value of this option is Deny Command |
Stop Domain |
Stops a Domain. The default value of this option is Deny Command |
Edit Domain |
Enables editing a Domain. The default value of this option is Deny Command |
Run as a service |
Enables the execution of a Domain as a service. The default value of this option is Deny Command |
Allows configuring users and groups of users. The default value of this option is Deny Command |
|
Remote Domain access |
Enables remote access to a Domain. The default value of this option is Deny Command |
Remote Domain write access |
Enables remote writing access to a Domain. The default value of this option is Deny Command |
Write to runtime properties from Studio |
Enables writing to the column of property values on the WatchWindow window at run time. The default value of this option is Deny Command |
If the Disable permissions check option on the Security tab of the Domain configurations is enabled, that configuration directly affects the behavior of checking permissions for each user. In this specific case, a user with all Domain permissions not allowed still have the permission to execute those same actions, because the global configuration of the Domain is disabled. This situation is indicated on the Users and Groups window by a warning message on this window's footer, shown on the next figure.
Warning for Domain's permission check disabled
Available options for Viewers
Option |
Description |
Server write access |
Enables writing access to a server. The default value of this option is Allow Command |
Available options for Screens
Option |
Description |
Open Screen |
Enables opening Screens. The default value of this option is Allow Command |
Available options for Alarms
Option |
Description |
Alarm acknowledgment |
Enables acknowledging alarms. The default value of this option is Allow Command |
Delete unbound alarms |
Enables removing alarms unbound to Alarm Sources. The default value of this option is Allow Command |
Shelve/Unshelve alarms |
Enables shelving and unshelving alarms. The default value of this option is Allow Command |
Each item on the list of default permissions can be configured with one of the statuses on the next table.
Possible statuses for the Default Permissions item
Status |
Description |
|---|---|
Allow Command |
This option is allowed for all users or groups that automatically inherited the permissions defined in the Default Permissions item |
Deny Command |
This option is denied for any user or group that automatically inherits the permissions defined in the Default Permissions item |
In the specific case of Screens and Alarms, in addition to statuses Allow Command 
and Deny Command 
, there is also an option to use the default permission for those types of objects, regardless of the status selected for a parent object, such as for Alarm Areas, according to the next figures.
Option to use the default permission for Screens
Option to use the default permission for Alarms
NOTES |
•When opening an application created in version 6.5 in version 6.6, all options of the Default Permissions item are allowed. •When opening an application created in version 6.1 or earlier in version 6.6, the options of the Default Permissions item are allowed, except the Configure users/groups, which is always denied. •Converting an application created in version 6.5 or earlier and opened in version 6.6 is only effective when any option of the Default Permissions item is changed and saved. |