Access Control

From HSYCO
Jump to navigation Jump to search

This plugin lets you manage an access control installation with Iono Pi (with any Wiegand keypad/card-reader) and/or HID modules.

Before using the plugin, configure all the needed I/O Servers and make sure they all communicate correctly with HSYCO. No user configuration will be needed on HID devices since the access rules are stored and managed by HSYCO.

To view the access control interface go to the URL of the "access" project on your server; for instance https://192.168.0.50/hsycoserver/access.

From the main page you can access the different sections:

Plugin access control hid menu.png


Configuration

To configure the installation go to the configuration page by clicking on the icon in the bottom-right corner.

Plugin access control hid config.png

This page lists all the defined areas and the detected modules.

Areas

An area represents a set of modules (doors) which share the same access rules.

To create a new area, press the "+" button and provide a unique name.

To edit, remove, disable or re-enable an area, click on the corresponding entry in the list. Disabling an area means temporarily blocking the access to all users to all the doors belonging to the area, until re-enabled. If an area is not enabled, the corresponding entry in the list will be grayed out.

Modules

All the detected modules are shown in this list. If an entry appears of red color, it means that HSYCO cannot connect to the module.

Clicking on an entry in the list it is possible to access and edit its configuration:

  • ID: the ID assigned to the corresponding I/O Server. Cannot be modified.
  • Enabled: if unchecked the module is disabled.
  • Stand-alone: (only Iono Pi modules) check this option to save the access rules on the module itself so that it will continue working even if not connected to HSYCO.
  • Type:
    • Single: This module controls a single door with a single keypad.
    • Entrance/Exit: This module controls a single door with 2 keypads, one for entrance and one for exit.
    • Two doors: This module has two keypads controlling two different doors.
    • Programmer: This module will not be used to control an entrance; instead, it will be used by the application as card reader to assign cards to users.
    • Two Programmers: This module is connected to 2 readers used as programmers

Depending on the type, for each door assign a descriptive name and an area the door belongs to and for each reader specify its mode:

  • Card: users only use cards to access from this reader.
  • Pin: users only use pin codes to access from this reader.
  • Card and Pin: users use cards in combination with pin codes to access from this reader.
  • Card or Pin: users use cards or pin codes to access from this reader.

System access

The System Users and Permissions buttons allow to manage the system users who will use the access control application and specify which functionalities to allow/deny to each user.

Installation settings

The Facility code can be set to the facility code of the used cards or to 0 to disable facility code checking; useful in case cards with different facility codes are used in the same installation.

The Max delay between card and pin option allows to specify how much time can elapse between the reading of a card and the inputting of the pin code for readers with typology "Card and Pin".

The Camera recording time option allows to specify the recording time (in seconds) of all cameras . This value can't be less than 5 seconds, by default it is 10 seconds.

Backup

The Backup button gives access to the list of previously saved backups and allows to create a backup of the current configuration.

User Groups

Plugin access control hid groups.png

This page lists all defined user groups and their access rules.

To create a new group click on the "+" button at the bottom of the list. Set a descriptive name, select the areas accessible by this group and specify the daily schedules.

The "Enabled" option, if unchecked, disables the access for all the users belonging to this group.

The "Special dates" link takes you to a page where you can define exceptional dates on which the access rules are different from the daily schedules set in the user groups page. Each rule will be applied only to the groups selected in the corresponding field, for the groups not selected the normal daily schedule will apply.

Plugin access control hid spec dates.png

Users

Plugin access control hid users.png

This page lists the users of the facility divided by groups. Select a user group to see the users belonging to it.

To add a user, select the user group to add it to and click on the "+" button. Then, enter the user name, optionally add a start and/or end date for the user to be active and specify the corresponding card number and/or pin code. If programmer modules are available it will be possible to use them to read the card numbers.

Unchecking the "Enabled" option will deny the access of the user to all areas until re-enabled.

To permanently remove a user, select the corresponding entry in the list, click on the "-" button and confirm the operation.

Doors status

Plugin access control hid doors.png

This section lists all the detected doors connected to the system. Select an entry to check its status or to send commands.

An open door will be of yellow color in the list, while doors with active alarms will be of red color.

Logs

Plugin access control hid log.png

In this page the last 1000 system events are reported.

It is possible to filter the entries clicking on the magnifier icon end setting the desired criteria.

Plugin access control hid log search.png

The result entries can be exported via e-mail.

Log entries are also permanently saved in CSV format in files contained in the directory "access_ctrl/logs" in the HSYCO root on the server.

Events

The application generates USER events that can be used to add custom logic to access events.

When a user is granted access the following USER events are triggered:

access.granted.door.<module_id> = <group_name>
access.granted.area.<area_name> = <group_name>

When a user is denied access the following USER events are triggered:

access.denied.door.<module_id> = <group_name_if_available_or_empty_string>
access.denied.area.<area_name> = <group_name_if_available_or_empty_string>

Control variables

You can use variables to programmatically disable groups. To this end set the corresponding variable to '0':

$access.group.<group_name>.enabled = 0

In the above code <group_name> must be set to the name of the group (case insensitive) with spaces replaced by '_'.

For instance, to disable "My Group":

$access.group.my_group.enabled = 0

Any value other than '0' assigned to the variable will be ignored.