IDE USER MANAGEMENT
- Perla Madrigal (Unlicensed)
Codesys has fully featured User Management in the Integrated Development Environment (IDE). This allows control over the execution of commands, creation of objects, modification of programs and viewing of programs in the IDE.
It is important not to confuse IDE User Management with the user management used in the Visualization programming of Codesys. IDE User Management is used to control access to the project while programming only, not during runtime.
IDE User Management is useful in a situation where multiple programmers are working on a project and each programmer should only be allowed to modify the portion of the project they are responsible for.
The first part of this example will show the basic tools used to manage users in the IDE. Start a new project with the controller and base language of your choice.
The structure of IDE User Management contains Groups and Users. Groups are used to control access to the project, and Users are added to Groups. This allows Users to be part of different Groups and therefore have structured access.
User Management for the IDE can be found in the Menu bar under:
“Project->Project Settings->Users and Groups”
By default, there is one user titled “Owner” and two groups titled “Everyone” and “Owner”.
The access control for Groups is set up under “Project->User Management->Permissions”
Note here that that Groups are listed on the right hand side. Only one Group is shown: “Everyone”. This is because the Group “Owner” is granted full access rights as noted near the bottom of the window.
For the next portion of the example a new Group and User will be setup and access will be configured.
Navigate to “Project->Project Settings->Users and Groups” and select “Add” on the Groups tab.
Add a new Group titled “Programming Group 1” and select OK. A dialog will appear asking you to log in as a member of the Group “Owner”. This is because by default a project is not logged in as a User.
The default login is “Owner” for User name and the password is blank. It is highly recommended to add a password to the “Owner” user as this will protect access to User Management.
Navigate to the “Users” tab and select “Add”. Type in the details as shown below. Add a password of your choice. Make sure to check the box next to “Programming Group 1” under memberships.
Note: If you have logged out as “Owner” of the project the login dialog will appear when making this change. Login as Owner if required
Now there is a User Group “Programming Group 1” with the user “Programmer A” in the group. The next step is to control “Programming Group 1” access to the programming. “Programming Group 1” access to edit the main program “PLC_PRG” will be removed.
Navigate to “Project->User Management->Permissions”. The new group “Programming Group 1” is available for selection in the right-hand pane. By default full permission is granted to new groups. Navigate to “Project Objects -> Modify -> Device -> PLC Logic ->Application->PLC_PRG” and then select “Programming Group 1” AND “Everyone” from the Permissions window and select “Deny”.
This selection has prevented any member of the “Programming Group 1” AND Users that are not logged in from modifying “PLC_PRG”.
Next, the behavior of the IDE with the new User Management will be demonstrated.
First, login to the “Programmer A” user by selecting “Project->User Management->User Login”.
The current User in the IDE can be seen in the lower right-hand portion of the IDE.
Attempt to modify “PLC_PRG” while logged in. A login prompt will appear asking for a User Account that has permission make the changes. If a User attempts to login that does not have permission an error box will appear.
Next, login as “Owner” and attempt to make the change. Full editing permission is restored. As a final test, logout from all users and attempt to modify "PLC_PRG". Because the Group "Everyone" was also blocked from editing "PLC_PRG", when there is no user logged in edits to "PLC_PRG" will not be allowed.
-VL