Project Security in the Designer
When several users are all working on the same project, managing changes to the project can become cumbersome. By default, all users with Designer access can modify, delete, save, and publish all resources available in the Designer. In some situations, it is desirable to limit what each user can do in the Designer. Ignition has several built-in Designer restriction methods to help in these scenarios.
Designer Project Permissions​
Actions such as, viewing, saving, deleting, and editing of project resources are restricted to users who have sufficient roles to do so. Editing of the these required roles is done in the permissions section of the Project Properties dialog in the Designer. If required roles are not set for an action, then all users with Designer access can perform the action.
The Designer does not poll for role changes, so if a user who is currently logged into the Designer has their roles changed, they will need to re-launch the Designer for the new role(s) to take effect.
Controlling Project Edits by Role​
You can control who gets to login to a project by assigning roles and giving permissions to those roles in the Required Designer Roles property which you set up in the Designer.
In the Designer, from the menubar, choose Project > Properties.
Go to the Project > Permissions area.
Under the Required Designer Roles, enter the appropriate roles next to each project-level restriction, as required. You can enter a comma-separated list of role names that are required to access the project. As you start typing, matching role names will pop up.
Click OK to save the changes.
The following table describes each of these four options:Option Result View User must have at least one of these roles to view the project in the Designer. Save User must have at least one of these roles to save the project. Delete User must have at least one of these roles to delete the project. Protect Resources User must have at least one of these roles to access protected resources.
Protecting Project Resources​
You can lock individual project resources from inside Designer by opening the Project Browser, and right clicking on any of the objects that you want to lock in. Select the Protect option to protect it. Once it's protected, it cannot be changed except by someone that has the permission to unprotect it, and modify it.
Protected resources are global or project resources that can only be edited by select users with the required roles. These roles are required to protect resources from being edited in the Designer, and do not apply to the clients. This means you can prevent a resource from being edited by other users who have Designer access. It is often used in scenarios where development work is finished on a window or object, and no further changes should be made to it. Other objects like Vision Templates or Alarm Pipelines are often protected so they may be used, but not modified.
Users without a required role will see the following message in the Designer when attempting to open a protected resource:
Users with a required role are allowed to modify the resource, but a message will appear informing them that the resource is protected, and will be asked how to proceed:
Additionally, a lock (
) icon will appear on the resource informing users that it is protected. An example can be seen on the 'Audit Events' window below:
To remove the protection, simply right click the object and select the Protect option to unprotect it.