Using CitectSCADA > Securing Projects > Securing a Top-level Project

Securing a Top-level Project

This section describes a "real-world" situation that might require read-only privileges to be applied to a top-level project.

Note: Before securing a top-level project, read the section Read-Only Privileges on Projects for details on operational constraints. Pay particular attention to the section Read-only on top-level projects.

In this scenario, several onsite engineers are responsible for maintaining a top-level project, ProjectXYZ. Consequently they require read-write privileges for every project folder.

The operators responsible for monitoring plant operations will use the project at runtime only; consequently operators only have read-only access to the project.

The system administrator on site first identifies those employees who will use the project, and then divides this pool of users into two user groups:

This is shown in the illustration below.

The administrator creates two user groups to make administering users easier: ProjectXYZEngineers and ProjectXYZOperators, and assigns engineers to the first group, operators to the second.

Note: Creating user groups is optional and makes it easier to handle privileges for multiple users. Creating user groups may be unnecessary if you only have a few users.

The administrator then assigns engineers read-write privileges to the top-level project folder, and operators read-only privileges, like this.

  1. Select the project folder of the top-level project and display its properties.
  2. Select the ProjectXYZEngineers user group and allow read-write privileges. (Remember that in order to use read-write projects, read, write, and delete privileges needs to be assigned.)
  3. Select the ProjectXYZOperators user group and deny write privileges. See the section Making a Project Read-Only for the specific privileges assign.
  4. Apply and save the changes.
  5. Review the changes to verify that engineers and operators have the correct privileges for their roles.

See Also