Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.
Syntax for Read Permission = true in query
-
Hi, I've recently learned how to create dynamic watch lists and dashboards using parameters in a point query. In my application there are hundreds of sites reflected in a folder hierarchy where site and device name are the same. I have been successful in creating a device list which populates my watchlists, trend graphs and dashboards. However, I am trying to filter the device list so that only those the user has read permissions will show up since at the moment everyone can see everyone else's device names. I am pretty sure the way to do this is to add a 2nd query which selects devices who's read permissions are true. Since I am not that familiar yet with the coding syntax needed, I would appreciate some help with the correct Value to use in the Query Expression which goes like this:
Property Operation Value
Read Permission Equal true (where true is replaced with correct expression)
-
@Benoit
Read permissions are taken into account automatically. What you'd have to do is remove the user read permission and add custom permissions for every point then give those permissions to the respective user.
Alternatively, use a tag with something relating to a user and pass in your rql query
&eq(tags.mypermtag, permission)Fox
-
@Benoit Totally agree with Matt. You should use tags more for easy filtering. It may takes some time but you can optimise your code
-
Thanks guys for your initial feedback. Whether it makes any difference or not, what would be correct syntax be for making the statement I was trying to make? What's the best source of relevant information for learning the correct syntax or scripting to use within Mango 3.7?
I know that Mango has been working away from using Folders and that tags are the answer but have not had a chance to learn how to use them yet. To do what I want would I require one or two querys to generate a list of devices that the user had read permissions?
-
@Benoit You can post your devices structure here, we can give you some advise or suggestion.
About learning about script, you can see examples in people's posts -
@Benoit said in Syntax for Read Permission = true in query:
tags are the answer but have not had a chance to learn how to use them yet
Ah ha, this is where there's this fancy tool called a watchlist builder under administration. If you go to that and select query as your watchlist type, you can create the RQL needed to pull through the points as desired. You can also add your own parameters which can be used in a watchlist - or as a means to populate with the use of page params IIRC...
Feel free to give us an example set of parameters needed to pull the points for a given user and will be more than happy to point how to build a query and explain which part of it does whatFox
-
Our sites date back 14 years so they are understandably folder-centric. This particular Mango enterprise server hosts a few hundred datasources, each representing a customer site. For this residential application there is only one Modbus PLC per site so we're dealing with approximately 75 datapoints for each site using a naming convention where both the datasource and the device are the same. At this time we are still using good old fashioned "server-mode" polling so each site has a Modbus-TCP gateway, port forwarding and DDNS as the means of allowing Mango to communicate with them. Here would be an example:
Folder_Name=CName
Datasource=CName,
Device=CName, Slave_ID=100
Point=Buffer_Tank_Temp, analog R/O
Point=Outdoor_Temp, analog R/O
Power, Binary R/W
Point=Operating_Mode, Multi-State R/W
Target_Temp, analog R/O
Input_power, analog R/O
Output_Power, analog R/O
COP, analog R/OHope that explains our repetitive data structure. Like I mentioned in my original post, I have my watchlists, trend graphs and dashboards are working well using the dynamic point query except for the fact that all the device names are visible to each user - even though they can't actually see the datapoints for the other clients. I was really hoping I could use a 2nd query expression to reduce the list using the read permissions. I was using the watch list builder to do it but simply don't know the syntax to use. Below is a screen capture of my pseudo-code attempt to make the query:
-
I'm not sure if that image upload feature is working so here's what that screen would show:
RQL: eq(deviceName,{{dn.name}})&eq(readPermission,string:true)&sort(deviceName,name)&limit(200)
The part which doesn't work is the (readPermission,string:true) which was populated by the watch list builder using the value true.
-
@Benoit
Like i said, read permissions won't make any difference as from 3.7+ all users are granted with a user permission which generally means they can see each other's datapoints if the corresponding has the user permission attached to it.
As for your RQL, I remember showing other folks in the forum here the query like this:query="'eq(deviceName,'+dn.name+')&sort(deviceName,name)&limit(200)'" ></ma-point-query>I don't use the params a great deal as I am a bigger fan of using the JSON datastore for configs and settings - including page settings etc
EDIT: Just for the sake of good habits, use Xids in your lookups as they are far more unlikely to change than using names of datasources and datapoints, this means should a site get updated and customer has a name change, you're not scrambling to amend all of the names everywhere.
Fox
-
When it comes to permissions in versions <= 3.7, there is still some reliance on the old V2.X UI. I set the datapoint permissions using the old user interface but this only affects the datapoints and not the folder name which is where the problem lies I think. If I am to start using tags instead of folders then I assume you can tag devices separately from data points ? If a query were based on a device tag permission then I can see the list only being populated with the right values.
So is there a high-level UI function which allows me to set tags on the device level or is this where manipulating the JSON data come in? Some concrete examples of the most pragmatic way to do this considering I have hundreds of datasources would be appreciated.
-
@Benoit your best bet would be a csv import. You can then update your points en masse.
Alternatively if you know of the naming conventions you want to use for data points and are happy to do it slowly, but in an automated way, a scripting data source can update points and save the changes.
Considering you have thousands of points, it may be more worthwhile doing it via an automated process. I'd still do something in small batches of 20 every minute or so as to not affect your data collection. A point will turn off and on when you save it.
As far as I know you cannot tag devices,only data points. However there is nothing stopping you from tagging all applicable datapoints with a device tag. Just ensure the tags are unique!
Let me know your thoughtsFox
-
What exactly is involved to use an automated scripting datasource?
If you cannot tag devices themselves, what guarantee is there that the list of available watchlists will differ than what I am experiencing now? What I am trying to do is not that special; I want to allow multiple users to use tempalted watchlists, trend graphs and dashboards and only be able to see those they have permission to see - list included. How do most people achieve this?
-
@Benoit watchlists are either statically defined, or dynamically with the use of an rql lookup or with tags.
Since you're unfamiliar with scripting data sources it may be outside of your capabilities..
What I'd do is:- Use a json data store to store a list of data sources, including the total datapoints and datapoints tagged count.
- Load said json stire and iterate through each datasource whilst doing a lookup with an offset.
- Each time completing a batch of points, increment the number of points tagged and update the json store file as well to track
- once all points tagged are equal to the total points available, move on to the next datasource
Fox
