Secure Query Execution
While clients may request data from a Named Query, the actual execution of the query always takes place on the Gateway. Clients simply specify which query should run, and pass parameters that the Gateway will use. Additionally, the Gateway has an opportunity to restrict access to the query based on Security Zone and/or User Role. This provides a single interface to restrict access to the queries, and better protect your data. Additionally, queries cannot be modified by a Client other than by passing variables into it. This creates a very secure method to control what queries are being run against your database.
Where are Named Queries Used?
Named Queries may be used in multiple locations in Ignition. They are used in all the same places that a normal SQL query would be used. Here are a few examples.
A Named Query binding type has been added to leverage named queries for any component property bindings. Parameters may be bound to Tags or other properties on the same window, allowing your users to modify the resulting dataset by manipulating other components similar to the original SQL Query binding type. You can also select and update a query to simulate a bi-directional binding to the database.
A Named Query Data Source has been added to Reports. Report Parameters may be used by the Named Query to generate dynamic reports.
The system.db.runNamedQuery() function may be used to called a Named Query from any Python Script. This provides a secure method to execute a query from any location in Ignition.