I have a script that currently allows users to make their own alarms on certain tags. I am adding a security feature that only allows 1 security level to do this. Is there a way to block user from editing tags in the same way you can block users from reading or writing tags based on secuirty level?
There is a setting on each tag provider which permits tag edits based on Security Levels. Though, need to ensure that the Designer does not have the permission to change this setting…
Is there a way to do this with a remote provider?
I have many edge gateways that have their own tag providers and a security level that only allows people certain PCs to write to the tags. Is there a way to make it so only people from these certain PCs can edit these remote tags?
The security policy for these PCs and users is read write edit.
There are a couple of ways to manage this. The Edge gateway still has the provider security settings available within its gateway config, except they are moved to "Config / System / Gateway Settings @ Edge Settings / Tag Editing Permissions".
You can limit 'remote tag edit access' via Service Security on the (central?) gateway. This can be more involved, but allows for additional granularity (e.g. Only permit Edit access if user is logged in to Edge gateway...)
Note that the Edge gateway may be configured to Trust Remote Security Levels:
From Service Security | Ignition User Manual
If checked, security levels passed from the remote Gateway will be used for determining access to tags on the local Gateway.