User Management¶
In this chapter:
Predefined Roles¶
FindFace Security provides the following predefined roles:
Administrator has rights to manage cameras, events, FindFace Security users, the dossier database, and full access to all other functions.
Important
Whatever the role, the first administrator (Super Administrator) cannot be deprived of its rights.
Operator can create dossiers manually, receive and acknowledge events, and search for faces in the event list. The other data is available read-only. The batch dossier creation is unavailable.
User has a right to receive and acknowledge events, and to search for faces in the event list. The other data is available read-only.
You can change the predefined roles privileges, as well as create various custom roles.
Create Custom Role¶
To create a custom role, do the following:
Navigate to the Preferences tab. Click Roles.
Click +.
On the Information tab, specify the role name.
Click Save. You will see additional tabs appear next to the Information tab. You can use these tabs to assign the role privileges for specific watch lists (the Watch Lists tab) and camera groups (Camera Groups), as well as for entire system functions and entities (Permissions).
Note
For example, if you set
Nonefor a certain camera group on the Camera Groups tab, users with this role won’t be able to work with this very group of cameras. SettingNoneforcameragroupon the Permissions tab will prevent users from viewing and working with all camera groups.The full list of the FindFace Security entities is as follows:
dossierlist: watch listdossier: dossierdossierface: photo in a dossiercameragroup: camera groupcamera: cameralistevent: event listuploadlist: list of photos in batch uploadupload: item (photo) in batch photo uploaduser: usergroup: user rolehook: webhookvideosource: face identification in offline video
You can also enable and disable rights for the following functionality:
configure_genetec: configuration of Genetec integrationconfigure_ntls: configuration of thefindface-ntlslicense serverbatchupload_dossier: batch photo uploadview_runtimesetting: viewing the FindFace Security general preferenceschange_runtimesetting: changing the FindFace Security general preferences
Primary and Additional User Privileges¶
You assign privileges to a user by using roles:
- Primary role: main user role, mandatory for assignment. You can assign only one primary role to a user.
- Role: additional user role, optional for assignment. You can assign several roles to one user. The rights associated with the additional roles will be added to the primary privileges.
The different between a primary and additional roles is the following. If a user is assigned a certain primary role, this role will be automatically granted the Change permissions for all objects newly created by this user (cameras, watch lists, dossiers, etc.). This doesn’t happen when you assign an additional role. For example, if a user is assigned a primary role Manager, all users with the Manager role will be able to change the objects newly created by this user. On the contrary, if you assign Manager as an additional role, other users with the Manager role will need a relevant permission to change the objects created by the user.
See also
Create User¶
To create a user, do the following:
Navigate to the Preferences tab. Click Users.
Click +.
Specify such user data as name, login and password. If necessary, add a comment.
From the Primary role drop-down menu, select the user primary role. If necessary, add one or several additional roles by selecting them from the Role drop-down menu. The rights associated with the additional roles will be added to the primary privileges. The user’s primary role will be automatically added with
writepermissions to Access Control List for all objects newly created by this user.
Check Active.
Click Create.
Deactivate or Delete User¶
In order to deactivate a user, simply uncheck Active in the user list ().
To delete a user from FindFace Security, click on the user login in the list. Click Delete.