Operator groups in Space
Overview
Operator groups are defined according to two operator types:
- Administrator: This refers to the default operator group on the system.
- Standard: This refers to any operator group that you add to the system.
There are no limitations on the number of operator groups that can be added to the system.
Operators must always belong to a group, i.e.: you can't create an operator who doesn't belong to a group. Operators can create, delete, and edit operator groups within their own group depending on the operator group permissions set by the admin operator. An operator cannot give operator groups any permissions other than those that they have been granted themselves.
Salto Space displays all the operator groups that have been created in the system. However, the groups to which the operator does not belong are greyed out and cannot be accessed. See Operator group global permissions for more information.
If you delete an operator group, any operators associated with the operator group are also deleted. You cannot delete the default Administrator operator group on the system.
Creating operator groups
To add a new operator group:
- Select System > Operator groups. The Operator groups screen is displayed.
'Operator groups' screen
- Click Add. The Operator group information screen is displayed.
'Operator group' information screen
Type the name of the operator group in the Name field.
Type a description for the group in the Description field.
Select the appropriate options in the Settings panel. See Operator group settings for a description of the available options.
Select the appropriate permissions in the Global permissions panel. See Operator group global permissions for a description of the available options.
Select the appropriate partitions in the Partitions panel by selecting the checkboxes in the Access column. You can select partitions as required. See Partitions for more information about partitions. The Custom permissions option is unselected by default for each partition. This means that the operator group global permissions that you have selected in the Global permissions panel are automatically applied to the partition. See Operator group global permissions for more information. If you check the box in the Custom permissions column, a Permissions for panel is displayed. This allows you to adjust the operator group permissions for that particular partition. You can clear the checkboxes in the panel to remove certain permissions. However, you cannot grant a permission that has not already been selected in the Global permissions panel.
Note that the partitions functionality is license-dependent. See Registering and licensing Space for more information.
- Click Save.
Operator group settings
The admin operator can define the operator group settings by selecting specific options in the Settings panel.
The following table describes the different options available.
| Option | Description |
|---|---|
| Hotel interface | Selecting this option means that the quick-access tiles specific to hotels are displayed when the operator logs in. |
| Manages all doors with PPD | Selecting this option means that the operator can use the PPD to perform tasks (such as updating locks) on doors in all of the partitions on the system. See PPD for more information. |
| Show all partitions access points in audit trail | Selecting this option means that the operator can view audit trail data for all of the partitions on the system on the Audit trail information screen. |
| Limit visualization of audit trail events to the latest x days | Selecting this option means that the operator can view the audit trail events occurring only on the latest days selected from the Audit trail information screen. |
Operator group global permissions
The admin operator can specify the tasks that an operator group is allowed to perform by selecting specific permissions in the Global permissions panel.
If you select a top-level permission in the Global permissions panel, all of its sub-level options are automatically selected. You can clear the checkboxes for individual sub-level options if required. If you do not select a top-level permission or any of its sub-level options, the corresponding menu and drop-down options are not displayed when members of the operator group log in to Space. For example, if you do not select the top-level Monitoring checkbox or any of its sub-level options, then the Monitoring menu is not visible to the operators who belong that group.
The permission options are described in the tables below.
- Access points permissions
See Access points for more information about the various access point options described in the following table.
| Permission | Description |
|---|---|
| Doors | Selecting these permissions means that operator group members can: - View a list of doors applicable to their group - Modify door parameters (opening modes, etc.) - Modify who has access to the doors - Add and delete doors |
| Lockers | Selecting these permissions means that operator group members can: - View a list of lockers applicable to their group - Modify the locker configuration settings - Modify who has access to the lockers - Add and delete lockers |
| Rooms and suites | Selecting these permissions means that operator group members can: - View the hotel room and suite list applicable to their group - Modify the hotel room and suite configuration options - Add and delete hotel rooms and suites |
| Zones | Selecting these permissions means that operator group members can: - View a list of zones applicable to their group - Modify the zone configuration settings - Modify who has access to the zones - Add and delete zones |
| Locations/Functions | Selecting these permissions means that operator group members can: - View a list of locations and functions applicable to their group - Modify who has access to the locations and functions - Modify the location and function parameters - Add and delete locations and functions |
| Outputs | Selecting these permissions means that operator group members can: - View a list of outputs applicable to their group - Modify the output configuration options - Modify who has access to the outputs - Add and delete outputs |
| Roll-call areas | Selecting these permissions means that operator group members can: - View a list of roll-call areas applicable to their group - Modify the roll-call area configuration options - Add and delete roll-call areas |
| Limited occupancy areas | Selecting these permissions means that operator group members can: - View the limited occupancy list applicable to their group - Modify the limited occupancy area configuration options - Add and delete limited occupancy areas |
| Lockdown areas | Selecting these permissions means that operator group members can: - View a list of lockdown areas applicable to their group - Modify the lockdown area configuration options - Add and delete lockdown areas |
| Timed periods and Automatic changes | Selecting these permissions means that operator group members can: - View a list of timed periods and automatic changes applicable to their group - Modify the timed periods and automatic changes configuration settings |
- Cardholders permissions
See Cardholders for more information about the various cardholder options described in the following table.
| Permission | Description |
|---|---|
| Users | Selecting these permissions means that operator group members can: - View a list of users applicable to their group - Modify user configuration settings - Add and remove banned users - Add and delete users |
| Visitors | You need an additional license to use this feature. Selecting these permissions means that operator group members can: - View the list of visitors - Delete visitors from the system |
| User access levels | Selecting these permissions means that operator group members can: - View the user access level list applicable to their group - Modify the user access level configuration options - Add and delete user access levels |
| Visitor access levels | You need an additional license to use this feature. Selecting these permissions means that operator group members can: - View the visitor access level list applicable to their group - Modify the visitor access level configuration options - Add and delete visitor access levels |
| Guest access levels | You need an additional license to use this feature. Selecting these permissions means that operator group members can: - View the guest access level list applicable to their group - Modify the guest access level configuration options - Add and delete guest access levels. |
| Limited occupancy groups | You need an additional license to use this feature. Selecting these permissions means that operator group members can: - View the limited occupancy groups list applicable to their group - Modify the limited occupancy group configuration options - Add and delete limited occupancy groups |
| Timetables | Selecting these permissions means that operator group members can: - View the timetables applicable to their group - Modify the timetables configuration settings |
- Keys permissions
See Keys for more information about the various key options in the following table.
| Permission | Description |
|---|---|
| Read key | Selecting this permission means that operator group members can read the data on a key using an encoder. |
| Delete key | Selecting this permission means that operator group members can delete the data on a key using an encoder. |
| Automatic key update | Selecting this permission means that operator group members can update keys automatically |
| Reset locker data | Selecting this permission means that operator group members can reset locker data using an encoder |
| Users | Selecting these permissions means that operator group members can: - Assign user keys - Cancel user keys |
| Visitors | Selecting these permissions means that operator group members can: - Check in visitors - Check out visitors |
- Monitoring permissions
See Monitoring for more information about the various system monitoring options described in the following table.
| Permission | Description |
|---|---|
| Audit trail | Selecting these permissions means that operator group members can: - View the audit trail list of opening and closing events for each access point - Purge the list of audit trail events |
| Online monitoring | Selecting these permissions means that operator group members can: - View - Open online access points - Set/Remove emergency state |
| Lockdown | You need an additional license to use this feature |
| Limited occupancy | You need an additional license to use this feature |
| Roll-call | You need an additional license to use this feature |
| Alarm outputs | Selecting these permissions means that operator group members can activate alarm outputs |
| Graphical Mapping | Selecting this permission means that operator group members can access a graphical mapping application. This means they can: - Access in setup mode - Access in monitoring mode The graphical mapping functionality is license-dependent. See Registering and licensing Space for more information. The SALTO Graphical mapping manual contains more information about graphical mapping. If you don't already have this document, contact your Salto partner or tech support team to receive a copy of it. |
| Lockdown | Selecting this permission means that operator group members can change the emergency state in lockdown areas in Lockdown monitoring. |
| Roll-call | Selecting this permission means that operator group members can view the users that are in each roll-call area using Roll-call monitoring. |
| Limited occupancy | Selecting this permission means that operator group members can view and reset the number of people in each limited occupancy area in Limited occupancy monitoring. |
Hotels permissions
See Hotels for more information about the various hotel options described in the following table.
| Permission | Description |
|---|---|
| Room status | Selecting this permission means that operator group members can view the room status list. |
| Check-in | Selecting this permission means that operator group members can check in hotel guests. |
| Check-out | Selecting this permission means that operator group members can check out guests. |
| Copy guest key | Selecting this permission means that operator group members can copy guest keys. |
| Cancellation of guest lost keys | Selecting this permission means that operator group members can cancel lost guest keys. Canceling a guest's lost key adds that key to the denylist. |
| One shot key | Selecting this permission means that operator group members can edit a one-shot key. |
| Programming/spare key | Selecting this permission means that operator group members can edit a spare key kit. This kit consists of a programming key and spare keys. |
| Edit guest cancelling key | Selecting this permission means that operator group members can edit a guest canceling key. You can use these keys to invalidate guest keys so that guests can no longer access their room. |
| Edit room cleaner key | Selecting this permission means that operator group members can edit a room cleaner key. |
- Tools permissions
See Tools for more information about the various system tool options described in the following table.
| Permission | Description |
|---|---|
| Export | Selecting these permissions means that operator group members can export lists of the different existing entity types available in the installation. |
| Scheduled jobs | Selecting these permissions means that operator group members can view the scheduled jobs, that is, system tasks that are set up to be performed automatically on the system, such as purging audit trail data or making database backups. |
| Synchronization | You need an additional license to use this feature |
| DB Backup | Selecting this permission means that operator group members can make unscheduled database backups, for example, before updating your Space software version or before carrying out server maintenance. |
| Events stream | You need an additional license to use this feature |
| Card template list | You need an additional license to use this feature |
| Alarm events | You need an additional license to use this feature |
| Reports | Selecting this permission means that operator group members can generate specific reports that describe lock and user activity in Salto Space. |
System permissions
See System process for more information about the various system management and configuration options described in the following table.
| Permission | Description |
|---|---|
| System Auditor | Selecting these permissions means that operator group members can: - View the system auditor events list - Purge the system auditor events list |
| Operators | Selecting these permissions means that operator group members can: - View the operator list - Modify the operator list - Add and delete operators in the system |
| Operator groups | Selecting these permissions means that operator group members can: - View the operator group list - Modify the operator group list - Add and delete operator groups in the system |
| Partitions | Selecting these permissions means that operator group members can: - View the partitions list - Modify the partition configuration options |
| PPD | Selecting these permissions means that operator group members can: - Download data to a PPD - Allow emergency opening of access points using a PPD - Initialize and update access points using a PPD - Download firmware files to a PPD |
| Desktop reader | Selecting this permission means that operator group members can: - Configure a Salto NCoder device (a specific encoder model) to read data from keycards, and pass that data on to an external device. |
| Salto Network | Selecting these permissions means that operator group members can: - View peripherals within the Salto Network - Modify peripherals within the Salto Network - Add and delete peripherals within the Salto Network |
| Calendars | Selecting these permissions means that operator group members can: - View the system's calendars - Modify the system's calendars |
| Time zones | Selecting this permission means that operator group members can: - View the time zones list - Modify the system's DST settings - Add and delete time zones |
| Configuration | Selecting these permissions means that operator group members can perform the following types of configuration: - General - Attendance configuration - PMS Authorizations - Third party readers |
| System resources | Selecting these permissions means that operator group members can view the System resources screen, which shows: - Free codes - Denylisted codes - Occupied codes |
Associating operator groups
After you've created an operator group, you should associate operators with that group. You can only do this from the Operators section. This option is not available from the Operator groups section. See Adding operators for more information.
To associate an operator with a group, go to the Operator information screen and select the correct operator group from the Operator group drop-down list.
You can, however, view the operators associated with a specific operator group from the Operator groups screen. To view those operators, do the following:
Select System > Operator groups. The Operator groups screen is displayed.
Click on the operator group with the operator list you want to view. The Operator group information screen is displayed.
'Security operator group' information screen
- Click Operators in the sidebar. The Operators dialog box, showing a list of the associated operators, is displayed.
'Associated operators' dialog box
Back
