Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.
Set Permissions not enforced in graphical view
-
Often I add new setable points to a graphical view, usually rendered as simple points, expecting that only admin will be able to change that point, because the point set permission is either blank or set to admin. However, it seems that users without set permission are able to set the point value.
I expect users to only be allowed to change the value of points in the graphical view if they have set permission to that specific point. The "Set" permission field of the graphical view should not grant set permission to users who do not have set permission at the point level. It seems that graphical view set permission is granted for all setable points rendered in the view, even if the point-level permission was not granted to that user.
It is not feasible to replicate the view just for the Admin, because it will create a fork where multiple almost identical graphical views must be maintained. How can this be resolved?
-
Hi Pedro,
This was by design to keep compatibility with the old permissions system on the graphical views, I believe. The difference in code is simply adding
Permissions.ensureDataPointSetPermission(user, point);at GraphicalViewDwr::372
