Every Windows account that opens the PKS Hardware View is automatically registered in IOSparesDb._pks_io_users with a role that controls what actions they may perform. Roles are assigned by a SuperAdmin via the User Administration dialog.
Role Definitions
Role
Who it is for
Permissions
Viewer
Read-only observers - management, QA, auditors.
View all reservation data. Cannot create, modify, or clear any reservation.
Engineer
Project engineers who earmark spare channels for upcoming work.
Reserve available channels. Modify or release reservations they personally created. Cannot touch another engineer's reservation.
Technician
Field technicians who need to claim channels during maintenance windows.
Identical reservation rights to Engineer. Cannot override another user's reservation.
SuperAdmin
Site administrators, lead engineers.
Unrestricted access. Can reserve, release, modify, or clear any channel regardless of who created the original reservation. Can promote or demote other users via User Administration.
Permission Matrix
Action
Viewer
Engineer
Technician
SuperAdmin
View reservation data
✓
✓
✓
✓
Reserve an available channel
✗
✓
✓
✓
Modify own reservation
✗
✓
✓
✓
Release own reservation
✗
✓
✓
✓
Override another user's reservation
✗
✗
✗
✓
Clear a stale reservation
✗
✗
✗
✓
Export to Excel
✓
✓
✓
✓
Run Reconcile
✓
✓
✓
✓
Manage user accounts and roles
✗
✗
✗
✓
Automatic Registration Rules
When a Windows user opens the PKS Hardware View for the first time, the application automatically creates their account record according to these rules:
1. Empty database - the very first user to open the view is granted SuperAdmin automatically, ensuring there is always at least one administrator who can manage the system.
2. Known user - if the Windows account already has a record, the stored role is used as-is.
3. Unknown new user - all subsequent new accounts are auto-registered as Viewer and must be promoted by a SuperAdmin before they can create reservations.
Note - Inactive accounts An account marked Inactive is treated as if it has no permissions regardless of its role. All permission checks return false for an inactive account. The Manage I/O Users ribbon button remains grayed out for inactive SuperAdmins.
Warning - Last SuperAdmin protection The application will block any save in User Administration that would leave zero active SuperAdmin accounts. If you need to deactivate or demote the last SuperAdmin, first promote another user to SuperAdmin, then make the change.
Where Roles Are Enforced
Role enforcement is centralized in the I/O Spare Management dialog. The Save and Clear buttons are disabled with an explanatory tooltip whenever the current user's role does not permit the action. No silent denials occur - the user always sees a human-readable reason.
