Site user
Users of the type site user can be set up at site level. For such users the HOOC CompactApp is the only option for using the HOOC solution. Furthermore, they do not have any access to the HOOC ManagementPortal.
Role Based Access Control
Role-based Access Control Lists (ACL) allow to control site user’s access rights of to services and service elements. In addition to basic access authorisations, specific read and write permissions can be granted to individual elements, depending on the service. For example, when configuring a role, access can be granted to a single alarm rule or to a specific data point. Once a role has been created, it can be assigned to one or more site users. In the overview, the configured roles are are listed.
The following actions are available for existing roles:
| Action | Description |
|---|---|
| Edit role | |
| Copy role | |
| Display role’s permissions in detail | |
| Remove role |
Create role
By clicking on the symbol a new role is created.
The available settings are divided into the following sections:
1. general settings - General settings such as role name
2. system user authorisations - in-app user authorisations
3. service authorisations - Access authorisation to services and service elements
In addition to basic access authorisations to a service, dedicated read and write permissions can be granted to individual service elements. The service elements are defined by configuring the Labels property in the corresponding services:
| Service | Property Labels available |
|---|---|
| Secure Remote Control | Interfaces / Devices / Data points |
| Secure Proxy | DNS record / Mappings to end devices |
| Alarming | Alarm rules |
| Information Board | Items |
The following label types are also available when selecting the label:
- all items: This filter applies to all items. 2 Items excl. label: This filter applies to all items that do not have a label.
It can take up to 30 seconds for the settings to be applied after saving.
Site user
The overview lists the configured site users along with the most important corresponding information.
The following actions are available for existing site users:
| Action | Description |
|---|---|
| Edit user | |
| Copy user | |
| Invite user | |
| Remove user |
Create user
A new site user can be created by clicking on the symbol.
| Parameters | Description |
|---|---|
| User data | first name and last name must be specified. The user data can be edited by the respective user in the HOOC CompactApp. |
| Settings | If the option Site user uses his personal notification centre is set, the user automatically receives all messages from the site. If the option is not set, the notification center of the site can be used. |
| Access authorisations | Individually assign authorisations (either a role or specific settings) to site users. |
Invite users
The user requires an invitation in order to use the HOOC CompactApp. The invitation is available in the form of a QR code. Scanning the QR code with the HOOC CompactApp is required to log the user in.
The invitation can be sent in different ways:
- Email: An email with the QR code is sent to each selected user.
- PDF: A PDF file is generated for each selected user.
- QR codes: One image file is generated for each selected user.
By selecting E-mail, there is also the option to prevent an invitation to be sent a second time.
Site User Management Settings
Clicking on the icon provides additional settings for site user administration.
The QR-Code below can be used to create a new site user directly with the HOOC CompactApp. This user is granted the rights set here (specific ACLs / role-based ACLs).
- Limiting the validity of the QR code
- Activating the Service Discovery option allows the Admin QR code to be automatically integrated into the local network (where the HOOC Gateway is located) using the CompactApp. Please note that the HOOC gateway (firmware) must support this functionality.
When executing the “Replace QR-Code” action, the existing Site QR-Code is permanently removed.
In-app user management
Users created in the in-app user management receive the rights set here (specific ACLs / role-based ACLs).