A role is intended for assigning a group of users individual rights and permissions for administration, management and/or monitoring of individual components of Axxon Next.

To register a new role, perform the following:

  1. At the end of the list of the system roles, click the Create link.

    The new role is added to the system, with its properties displayed on the right side.
  2. Enter a name for the role in the corresponding field (1).

  3. Select the level of map access for users with the current role (2). 

    Access level

    Description

    View only

    You can only view maps

    View/move/scale

    You can move and scale maps

    Full access

    All options available


  4. If it is necessary to limit access of users of a given role to all system archives, you can specify the retention time (archive depth) limit in the Archive depth viewing restriction field (3). If no limit is set, users may access the entire Video Footage.

  5. Set access permissions for Axxon Next functions (4). Access can be restricted to such features as:
    1. Archive search (see Video surveillance in Archive Search mode).
    2. Adding a camera to a layout in live video mode (see Adding cameras to cells).
    3. Adding and editing presets for PTZ cameras (see Selecting a preset).
    4. Alarms Management (see Video surveillance in Alarm Management mode). 

      No access: users have no access to alarm videos. View only: users can view alarm videos but they can't evaluate alarms. Full access: users can view alarm videos and evaluate alarms.

    5. Creating comments (see Operator comments) and protected records in Video Footage (see Protecting video footage from FIFO overwriting).

      Access level

      Description

      No access

      No comments allowed

      Create

      Add comments to archives

      Create / Protect

      Add comments to archives, create protected records

      Create / Protect / Edit / Delete

      Add comments to archives, create and edit protected records


    6. Removing videos from the footage archive (see Delete a part of an archive).
    7. Allow unprotected export (see Frame export, Standard video export). Set No to require setting a password for exported images and video (see Exporting Frames and Video Recordings).
    8. Exporting frames and video recordings (see Exporting Frames and Video Recordings).

    9. Editing layouts (see Editing layouts).

    10. Minimizing the Client to the system tray (see Interface of the Axxon Next Software Package).
    11. Managing an Axxon domain (see Axxon Domain operations).

    12. Access to the Web server (see Working with Axxon Next Through the Web Client).

    13. Show captions (see Viewing titles from POS terminals).
    14. Show faces (see Masking faces).
    15. Viewing the system log (see The System Log).

    16. Context menu of a video camera in a viewing tile (see Viewing Tile Context Menu).

    17. View masked video (see Setting up privacy masking in Video Footage, Specific settings for people masking).

  6. Configure access rights to the following interfaces (5):

    1. to the Layouts tab. This parameter applies to both the main Client and the Web Client (see Web client's GUI).

    2. to video camera groups in the Hardware tab and to video camera groups in the layout interface;

    3. For Objects Panel (see Objects Panel) and Camera Search Panel (see Camera Search Panel).

  7. Configure access rights to the Settings tabs and to system error messages (6).

    If you set the User Permission Settings parameter to Device access rights only, all users of the given role will be permitted to change only access rights to connected devices.


    If the Programming Setup is not available for the user role, the user will not be able to use the created macros until the appropriate rights are granted.


    Error messages are displayed in real time in the Layouts interface.



  8. Set the parameters to apply the four-eyes principle (7):

    1. If the administrator has to confirm the launch of export for users of this role, select the appropriate role in the Supervisor for access to export list (see Exporting Frames and Video Recordings).

    2. If the administrator has to confirm the login of users of this role, select the corresponding role in the Supervisor for authorization in client list (see Starting an Axxon Next Client).

  9. If you need to grant the users in this role permissions only for a certain period of time, select a Time schedule (8) from the list. These users will not be able to use their permissions outside of the selected time schedule.

  10. Configure rights to manage connected Clients' monitors by setting permissions for each Server on an Axxon domain (9). A user who has management permissions for the monitors of a particular Server can manage monitors of any Client connected to that Server.

  11. Set permissions for access to hardware and archives on an Axxon domain (10).

    You can set permissions for all Server devices, for a specific device (the Devices tab) or a group of devices (the Groups tab, see Configuring video camera groups). You cannot switch tabs before you have saved the newly created role. You should save your changes while editing permissions in any tab and then you get access to another tab.

    If a camera belongs to different groups that have different access settings, then the last applied access permission is applied.


    Device

    Access permissions

    Description

    Video camera





    No access

    You cannot access the device

    Archive only

    You can only view video footage in archive

    Live in Armed mode

    You can view video from the camera only when the camera is armed

    Live

    You can view live video from the camera. Other functions and device configuration are not available

    Live/Archive

    You can view live and recorded video from the camera. You cannot arm/disarm/configure the camera

    Live/Archive/Control

    All functions available. You cannot configure the device

    Live/Archive/Control/Configure

    All functions and settings available

    Microphone



    No access

    The user is unable to listen to live sound from the video camera. The user is unable to listen to sound recordings from the archive

    Live Audio

    The user is able to listen to live sound from the video camera (the microphone should be turned on). The user is unable to listen to sound recordings from the archive

    Live Audio and Archive

    All functions are available

    PTZ


    No access

    The user cannot control the PTZ device

    Minimum level

    The user can control the PTZ device with the corresponding priority (see Controlling a PTZ Camera)

    Low level
    Medium level
    High level
    Maximum level
    ArchiveNo accessAccess is not provided to this archive
    Full accessArchive is available for all functions

    You can configure group rights for accessing devices and archives of a particular Server. To do so, select an access level for the Server object. Depending on the level that is chosen, particular access levels are automatically configured for the devices and archives of the relevant Server (see the table).

    Server access level

    Device/archive

    Device/archive access level

    Custom

    -

    Access levels for devices and archives are set manually

    No access

    -

    No access to devices and archives

    Archive OnlyVideo cameraArchive only
    MicrophoneLive Audio and Archive
    PTZMedium level
    ArchiveFull access

    Live in Armed Mode

    Video camera

    You can view armed cameras

    Microphone

    Live Audio

    PTZ

    Medium level

    Archive

    No access

    Live

    Video camera

    You can view live video

    Microphone

    Live Audio

    PTZ

    Medium level

    Archive

    No access

    Live/Archive

    Video camera

    You can view live and recorded video

    Microphone

    Live Audio and Archive

    PTZ

    Medium level

    Archive

    Full access

    Live/Archive/Control




    Video camera

    All functions. Settings not available.

    Microphone

    Live Audio and Archive

    PTZ

    Medium level

    Archive

    Full access

    Live/Archive/Control/ConfigureVideo camera All functions + settings available.
    Microphone Live Audio and Archive
    PTZ Maximum level
    Archive Full access

    In addition, you may select the level of access to one camera and extend it to other cameras. Please follow the steps below:

    1. Select the access level for a required camera

    2. Click the button and select cameras the same settings should be applied to.

      To quickly select multiple cameras, hold down the Shift key, select the first and last cameras the settings should be applied to. Selecting any camera from highlighted ones will result in selecting them all. 

  12. Select the appropriate access level to set the ability to manually run all or some macros (see Configuring Macros and Counters) from the Layouts interface:

    By default, created macros are available only to users from the admin group

    Users outside the admin group can create macros if they have the permissions to create them, but they cannot use them until they have the permissions to use them.


  13. Click the Apply button to save the role.

The new role has now been created.

You can copy Roles. To do it, follow the steps below:

  1. Select the role to copy.
  2. Click the Create button.

This creates a new identical role.

To create an empty user role with no parameters specified, select the Roles common group, and click the Create button.

To delete a role, do the following:

  1. Select the role to delete.

  2. Click the Delete button.


    You cannot delete a role if the user through which you logged into the system belongs to that role.


  3. Click the Apply button.

The role has now been deleted. All users under this role will also be deleted.