Difference between revisions of "Access Control"

From HSYCO
Jump to navigation Jump to search
 
(11 intermediate revisions by 2 users not shown)
Line 1: Line 1:
This plugin lets you manage an access control installation with HID devices.
+
This plugin lets you manage an access control installation with [[IonoPi | Iono Pi]] (with any Wiegand keypad/card-reader) and/or [[Hidedgesolo | HID]] modules.
  
Before using the plugin, configure all the [[Hidedgesolo | HID I/O Servers]] needed and make sure they all communicate correctly with HSYCO. No user configuration will be needed on the HID devices since the access rules are stored and managed by HSYCO.
+
Before using the plugin, configure all the needed I/O Servers and make sure they all communicate correctly with HSYCO. No user configuration will be needed on HID devices since the access rules are stored and managed by HSYCO.
  
To view the access control interface go to the URL of the "access" project on your server; for instance https://192.168.0.50/hsycoserver/access.
+
To view the access control interface go to the URL of the "access" project on your server; for instance <nowiki>https://192.168.0.50/hsycoserver/access</nowiki>.
  
 
From the main page you can access the different sections:
 
From the main page you can access the different sections:
Line 15: Line 15:
 
[[File:plugin_access_control_hid_config.png|border|600px]]
 
[[File:plugin_access_control_hid_config.png|border|600px]]
  
This page list all the defined areas and the detected HID modules.
+
This page lists all the defined areas and the detected modules.
  
 
=== Areas ===
 
=== Areas ===
Line 22: Line 22:
 
To create a new area, press the "+" button and provide a unique name.
 
To create a new area, press the "+" button and provide a unique name.
  
To edit, remove, disable or re-enable an area, click on the corresponding entry in the list. Disabling an area means temporarily blocking the access to all users to all the doors belonging to the area, until re-enabled. If an area is not enabled, the corresponding entry in the list will have a lowed opacity.
+
To edit, remove, disable or re-enable an area, click on the corresponding entry in the list. Disabling an area means temporarily blocking the access to all users to all the doors belonging to the area, until re-enabled. If an area is not enabled, the corresponding entry in the list will be grayed out.
  
 
=== Modules ===
 
=== Modules ===
  
The list of modules show all the HID Solo IO servers defined in HSYCO's settings and their corresponding names as defined in the modules' configuration.
+
All the detected modules are shown in this list. If an entry appears of red color, it means that HSYCO cannot connect to the module.
If an entry appears of red color, it means that HSYCO cannot connect to the module.
 
  
Clicking on an entry in the module's list it is possible to access and edit its configuration:
+
Clicking on an entry in the list it is possible to access and edit its configuration:
 +
 
 +
* '''ID''': the ID assigned to the corresponding I/O Server. Cannot be modified.
 +
* '''Enabled''': if unchecked the module is disabled.
 +
* '''Stand-alone''': (only Iono Pi modules) check this option to save the access rules on the module itself so that it will continue working even if not connected to HSYCO.
  
* '''ID''': the ID assigned to the corresponding IO server. Cannot be modified.
 
* '''Name''': by default is the name set in the HID module's configuration. It can be changed to any other unique name.
 
* '''Enabled''': if unchecked no user will be allowed to access to door.
 
 
* '''Type''':  
 
* '''Type''':  
** '''One reade'''r: Only one reader is connected to this module.
+
** '''Single''': This module controls a single door with a single keypad.
** '''Two reader''': Two readers are connected to this module: entrance and exit readers.
+
** '''Entrance/Exit''': This module controls a single door with 2 keypads, one for entrance and one for exit.
 +
** '''Two doors''': This module has two keypads controlling two different doors.
 
** '''Programmer''': This module will not be used to control an entrance; instead, it will be used by the application as card reader to assign cards to users.
 
** '''Programmer''': This module will not be used to control an entrance; instead, it will be used by the application as card reader to assign cards to users.
* '''Area''': area this module belongs to.
+
** '''Two Programmers''': This module is connected to 2 readers used as programmers
* '''Entrance/Exit reader''':
+
 
** '''Card''': users only use cards to access from this reader.
+
Depending on the type, for each door assign a descriptive name and an area the door belongs to and for each reader specify its mode:
** '''Pin''': users only use pin codes to access from this reader.
+
* '''Card''': users only use cards to access from this reader.
** '''Card and Pin''': users use cards in combination with pin codes to access from this reader.
+
* '''Pin''': users only use pin codes to access from this reader.
**'''Card or Pin''': users use cards or pin codes to access from this reader.
+
* '''Card and Pin''': users use cards in combination with pin codes to access from this reader.
* '''Invert entrance/exit''': in the case of a "Two readers" module, checking this option will cause the application to invert the default transit directions.
+
* '''Card or Pin''': users use cards or pin codes to access from this reader.
  
 
=== System access ===
 
=== System access ===
Line 50: Line 51:
  
 
=== Installation settings ===
 
=== Installation settings ===
The '''Facility code''' must be set to the value assigned by HID to your installation when purchasing the system.
+
The '''Facility code''' can be set to the facility code of the used cards or to 0 to disable facility code checking; useful in case cards with different facility codes are used in the same installation.
  
The '''Max delay between card and pin''' option allows to specify how much time can elapse between the reading of a card and the inputing of the pin code for readers with typology "Card and Pin".
+
The '''Max delay between card and pin''' option allows to specify how much time can elapse between the reading of a card and the inputting of the pin code for readers with typology "Card and Pin".
  
 
=== Backup ===
 
=== Backup ===
Line 76: Line 77:
 
This page lists the users of the facility divided by groups. Select a user group to see the users belonging to it.
 
This page lists the users of the facility divided by groups. Select a user group to see the users belonging to it.
  
To add a user, select the user group to add it to and click on the "+" button. Then, enter the user name, optionally add a due date after which the user won't be granted any access and specify the corresponding card number and/or pin code.     
+
To add a user, select the user group to add it to and click on the "+" button. Then, enter the user name, optionally add a start and/or end date for the user to be active and specify the corresponding card number and/or pin code.     
 
If programmer modules are available it will be possible to use them to read the card numbers.
 
If programmer modules are available it will be possible to use them to read the card numbers.
  
Line 84: Line 85:
  
 
== Doors status  ==
 
== Doors status  ==
 +
[[File:plugin_access_control_hid_doors.png|border|600px]]
 +
 +
This section lists all the detected doors connected to the system. Select an entry to check its status or to send commands.
 +
 +
An open door will be of yellow color in the list, while doors with active alarms will be of red color.
  
 
== Logs  ==
 
== Logs  ==
 +
[[File:plugin_access_control_hid_log.png|border|600px]]
 +
 +
In this page the last 1000 system events are reported.
 +
 +
It is possible to filter the entries clicking on the magnifier icon end setting the desired criteria.
 +
 +
[[File:plugin_access_control_hid_log_search.png|border|600px]]
 +
 +
The result entries can be exported via e-mail.
 +
 +
Log entries are also permanently saved in CSV format in files contained in the directory "access_ctrl/logs" in the HSYCO root on the server.
  
 
== Events  ==
 
== Events  ==
 +
The application generates USER events that can be used to add custom logic to access events.
 +
 +
When a user is granted access the following USER events are triggered:
 +
<pre>
 +
access.granted.door.<module_id> = <group_name>
 +
access.granted.area.<area_name> = <group_name>
 +
</pre>
 +
 +
When a user is denied access the following USER events are triggered:
 +
<pre>
 +
access.denied.door.<module_id> = <group_name_if_available_or_empty_string>
 +
access.denied.area.<area_name> = <group_name_if_available_or_empty_string>
 +
</pre>
 +
 +
== Control variables  ==
 +
You can use variables to programmatically disable groups. To this end set the corresponding variable to '0':
 +
<pre>
 +
$access.group.<group_name>.enabled = 0
 +
</pre>
 +
In the above code <group_name> must be set to the name of the group (case insensitive) with spaces replaced by '_'.
 +
 +
For instance, to disable "My Group":
 +
<pre>
 +
$access.group.my_group.enabled = 0
 +
</pre>
 +
 +
Any value other than '0' assigned to the variable will be ignored.

Latest revision as of 16:56, 24 January 2018

This plugin lets you manage an access control installation with Iono Pi (with any Wiegand keypad/card-reader) and/or HID modules.

Before using the plugin, configure all the needed I/O Servers and make sure they all communicate correctly with HSYCO. No user configuration will be needed on HID devices since the access rules are stored and managed by HSYCO.

To view the access control interface go to the URL of the "access" project on your server; for instance https://192.168.0.50/hsycoserver/access.

From the main page you can access the different sections:

Plugin access control hid menu.png


Configuration

To configure the installation go to the configuration page by clicking on the icon in the bottom-right corner.

Plugin access control hid config.png

This page lists all the defined areas and the detected modules.

Areas

An area represents a set of modules (doors) which share the same access rules.

To create a new area, press the "+" button and provide a unique name.

To edit, remove, disable or re-enable an area, click on the corresponding entry in the list. Disabling an area means temporarily blocking the access to all users to all the doors belonging to the area, until re-enabled. If an area is not enabled, the corresponding entry in the list will be grayed out.

Modules

All the detected modules are shown in this list. If an entry appears of red color, it means that HSYCO cannot connect to the module.

Clicking on an entry in the list it is possible to access and edit its configuration:

  • ID: the ID assigned to the corresponding I/O Server. Cannot be modified.
  • Enabled: if unchecked the module is disabled.
  • Stand-alone: (only Iono Pi modules) check this option to save the access rules on the module itself so that it will continue working even if not connected to HSYCO.
  • Type:
    • Single: This module controls a single door with a single keypad.
    • Entrance/Exit: This module controls a single door with 2 keypads, one for entrance and one for exit.
    • Two doors: This module has two keypads controlling two different doors.
    • Programmer: This module will not be used to control an entrance; instead, it will be used by the application as card reader to assign cards to users.
    • Two Programmers: This module is connected to 2 readers used as programmers

Depending on the type, for each door assign a descriptive name and an area the door belongs to and for each reader specify its mode:

  • Card: users only use cards to access from this reader.
  • Pin: users only use pin codes to access from this reader.
  • Card and Pin: users use cards in combination with pin codes to access from this reader.
  • Card or Pin: users use cards or pin codes to access from this reader.

System access

The System Users and Permissions buttons allow to manage the system users who will use the access control application and specify which functionalities to allow/deny to each user.

Installation settings

The Facility code can be set to the facility code of the used cards or to 0 to disable facility code checking; useful in case cards with different facility codes are used in the same installation.

The Max delay between card and pin option allows to specify how much time can elapse between the reading of a card and the inputting of the pin code for readers with typology "Card and Pin".

Backup

The Backup button gives access to the list of previously saved backups and allows to create a backup of the current configuration.

User Groups

Plugin access control hid groups.png

This page lists all defined user groups and their access rules.

To create a new group click on the "+" button at the bottom of the list. Set a descriptive name, select the areas accessible by this group and specify the daily schedules.

The "Enabled" option, if unchecked, disables the access for all the users belonging to this group.

The "Special dates" link takes you to a page where you can define exceptional dates on which the access rules are different from the daily schedules set in the user groups page. Each rule will be applied only to the groups selected in the corresponding field, for the groups not selected the normal daily schedule will apply.

Plugin access control hid spec dates.png

Users

Plugin access control hid users.png

This page lists the users of the facility divided by groups. Select a user group to see the users belonging to it.

To add a user, select the user group to add it to and click on the "+" button. Then, enter the user name, optionally add a start and/or end date for the user to be active and specify the corresponding card number and/or pin code. If programmer modules are available it will be possible to use them to read the card numbers.

Unchecking the "Enabled" option will deny the access of the user to all areas until re-enabled.

To permanently remove a user, select the corresponding entry in the list, click on the "-" button and confirm the operation.

Doors status

Plugin access control hid doors.png

This section lists all the detected doors connected to the system. Select an entry to check its status or to send commands.

An open door will be of yellow color in the list, while doors with active alarms will be of red color.

Logs

Plugin access control hid log.png

In this page the last 1000 system events are reported.

It is possible to filter the entries clicking on the magnifier icon end setting the desired criteria.

Plugin access control hid log search.png

The result entries can be exported via e-mail.

Log entries are also permanently saved in CSV format in files contained in the directory "access_ctrl/logs" in the HSYCO root on the server.

Events

The application generates USER events that can be used to add custom logic to access events.

When a user is granted access the following USER events are triggered:

access.granted.door.<module_id> = <group_name>
access.granted.area.<area_name> = <group_name>

When a user is denied access the following USER events are triggered:

access.denied.door.<module_id> = <group_name_if_available_or_empty_string>
access.denied.area.<area_name> = <group_name_if_available_or_empty_string>

Control variables

You can use variables to programmatically disable groups. To this end set the corresponding variable to '0':

$access.group.<group_name>.enabled = 0

In the above code <group_name> must be set to the name of the group (case insensitive) with spaces replaced by '_'.

For instance, to disable "My Group":

$access.group.my_group.enabled = 0

Any value other than '0' assigned to the variable will be ignored.