ERROR(500): Error executing function 'RunQuery': The current user does not have the required roles for this operation

Hi I get an error when I try to see the data from my db on runtime, but it works in the designer, this is the error.

	ERROR(500): Error executing function 'RunQuery': The current user does not have the required roles for this operation.
com.inductiveautomation.ignition.gateway.servlets.gateway.functions.GatewayFunctionException: The current user does not have the required roles for this operation.

at com.inductiveautomation.ignition.gateway.servlets.Gateway.doPost(Gateway.java:408)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)

at com.inductiveautomation.ignition.gateway.bootstrap.MapServlet.service(MapServlet.java:85)

at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:837)

at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:583)

at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)

at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)

at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)

at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1160)

at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)

at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)

at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1092)

at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)

at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:52)

at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)

at org.eclipse.jetty.server.Server.handle(Server.java:518)

at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:308)

at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:244)

at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)

at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)

at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)

at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:246)

at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:156)

at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)

at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)

at java.lang.Thread.run(Unknown Source)

3 Likes

Do you have security set on this table? Are you logged in as the same user in the runtime client?

1 Like

I dont have security on the table, I reinstalled ignition and I get the error again. The user is default “admin” “password”.

1 Like

As of Ignition 7.9.4 there’s a new set of client scoped permissions that prevent even authenticated clients, by default, from changing anything on the gateway.

https://docs.inductiveautomation.com/display/DOC79/Project+Properties#ProjectProperties-ClientPermissions

8 Likes

And the tl;dr here is that security is turned on by default for new projects.

3 Likes

Thanks, I turned on all the permissions and it works.

1 Like

Just to be more clear: In Designer Version 8, choose Project | Project Properties. Once open choose Permissions under Vision then check the box that says Legacy Databases.

9 Likes

Just to clarify things a bit further for everyone…

https://inductiveuniversity.com/video/client-permissions/7.9

This video explains client permissions which are disabled by default after version 7.9.4. Checking the box ‘Legacy Database Access’ allows client database access outside of named queries and transaction groups. You should try to only use named queries and transaction groups where possible for security reasons.

The biggest confusion is the videos aren’t made for version 8.0 in my opinion.

Legacy DB Access got it working immediately. TYVM!

Just thank you, I spend like 3 hours trying to solve this issue. :smiley:

Turning on Legacy DB access is not a solution. It is a patch that re-enables insecure behavior of your system. The actual solution is to use Named Queries.

1 Like

Well, thank you. I tried using Named Queries but the data of the database was not showed.

For example in the SQL part I wrote this
SELECT date_, volume_
FROM mydb
WHERE date
BETWEEN '{Root Container.initialdate.text}' AND '{Root Container.finaldate.text}'

And it worked with the solution from Joe Hammond.

So I created the same query at Named queries and in the table properties I called in the SQL Named Query but nothing happened, there is no errors but the table is not showing anything. (I'm new in ignition :slight_smile: ) Do you know why is this happening?

If you left it as {Root Container.initialdate.text} then it will never work. What is the name of the parameters in your named query? You need to use those, and then refer with a colon prrefix, I would imagine something like :initialDate. Show your full named query and how you bind to the named query.

2 Likes

Thank you! I did it like you said and It Works! I turned off the Legacy DB and everything worked nice.
I called the Named Query that I configured and just put the values.

Thank you again!

1 Like