- To add security to an event on a component, right-click on the component then choose Configure Events...
- The Events Configuration screen is displayed. Many different types of events can be set for a component. For this example, choose Mouse Events > onClick.
- Under Organize Actions, click the Add
icon, then select Script from the list.
- Click the Security Settings icon near the bottom of the screen.
- Click the check box next to the security levels you want to grant access. In the example, we checked Administrator and Line1Oper for the security Roles. Then, we chose the requirement option that at least one of the security levels for the user must match for access. This means anyone with Administrator or Line1Oper security levels will have permission to run the script associated with the onClick event on this button.
- Click the Security Settings icon to close the window, then click OK.
Using Component Bindings to Check Authorization
Component bindings can also be used to determine if a user should have access to a certain component. For example, if a component has an "Enabled" property that you want to toggle based off of security levels, then can simply apply one of these approaches.
Using isAuthorized in an Expression
The simplest method involves configuring an expression binding that uses the isAuthorized function.
In the image below, an isAuthorized function expression binding is configured on a Button's enabled property, which causes the property to change to "false" if a user doesn't have the specified security level. This has the additional benefit of preventing the onActionPerformed scripting event from triggering in cases where a user doesn't the security level.
Using Session Props to Check Roles
Alternatively, a script transform can be used to examine the
session.props.auth.user.roles property to determine if the current user has the desired role. In this case, we can configure a property binding to the roles session property, and use the following line in a script transform:
Deleted Security Level Indicators
Since security levels are set through the Gateway, it may not be immediately obvious that a security level has been deleted. This can be checked quickly in the Designer by accessing the Project Properties and navigating to Perspective > Permissions. In the example image below, the Plant1 role has been deleted. This is indicated by the security level, and any child levels, appearing grayed-out with a red warning underline. Hovering over the security level displays a tooltip informing the user the security level no longer exists on the Gateway. A warning indicator icon will also appear in the upper right-hand corner with the number of selected security levels that no longer exist. If you follow the security levels tree up to the parent levels, you'll notice affected levels now include a dotted underline.
All warning indications are removed when deleted security levels are unchecked and new settings are saved. Additionally, the deleted security level will no longer be visible.
These security level indications are visible on the Event Configuration, Edit Permissions, and Tag Editor windows when applicable.