I want to disable a button on a standard motor control popup, but only for a few of the motors in my project. I thought I would be able to change write permissions on those tags, and then (easily) write an expression to check if the current user has the required write permissions, and enable/disable the button.
Both the tag, and the user could have multiple roles and if the user has at least one of the required roles, write permission would be granted.
I'm thinking this will be too complex for an expression, but how to even do it using a script?
One approach would be to assign the user roles to client tags at login. Then the client tags can be used in an expression for the enable bool.
Getting the user roles is easy.
I can read the SecurityLevel of the writePermissions of the tag using tag(path/to/tag.writePermissions)
which gives:
"type":"AnyOf","securityLevels":[{"name":"Authenticated","children":[{"name":"Roles","children":[{"name":"Automation","children":},{"name":"Manager","children":},{"name":"Process","children":}]}]}]}
How do I get the tag permissions in a format that I can compare to the user roles.
I don't know how to drill down into that SecurityLevel structure to compare against the user roles.
I thought I had the answer with the isAuthorized expression function, only to learn that this is only available in Perspective, not in Vision.
You can always read the CanWrite prop of the tag. This is the evaluation of the write permissions for the currently logged in user. Incidentally, there's also a CanRead prop as well
1 Like