[IGN-3333]Set a user as read-only when starting Perspective client

I’m trying to set up a script to set a certain type of user as read-only when they start up their perspective client using Session Events>startup in version 8.1. I’m partially going off of the trainings on Inductive University:

if u'Administrator'in system.security.getRoles():
    #This part of the script will run if the user has the correct priviliges. For example:"
    print "this script will run if the user has a the administrator role."
else:
    system.gui.errorBox('Insufficient security privileges.')

The code I have so far:

if (u'Administrator' or u'Operator') in system.security.getRoles():
    system.util.setConnectionMode(3)
elif u'Visitor' in system.security.getRoles():
    system.util.setConnectionMode(2)
else
    system.util.setConnectionMode(1)

As the code states, I want administrators and operators to have full read-write access in the client, visitors will have read-only, and anyone else will disconnect.

For some reason though, this code isn’t working. I’m not sure why though.

system.util.setConnectionMode() only applies to vision clients

For perspective I believe you’d use system.perspective.isAuthorized - Ignition User Manual 8.1 - Ignition Documentation
to logout users who aren’t administrators / operators / visitors

In conjunction with component level security settings to only allow administrators / operators write access for buttons/ etc. Security in Perspective - Ignition User Manual 8.1 - Ignition Documentation

I don’t believe there’s a global setting for it like there is for vision, but I might be wrong.

2 Likes

I hope there is a way to do it globally in Perspective. It’s on an existing project and with the amount of controls there are, it would be significant. Thanks for your response.

Python/Jython doesn’t allow you to put multiple items in the first part of the in operator. It isn’t a syntax error, but it won’t find a boolean True anywhere in the list.

3 Likes

Perspective does not have an analogue for the ‘connection mode’ setting Vision has. The most global way to configure things is with either tag security, or restricting access to views that have the ability to write to tags.

1 Like

How exactly would that work?

View permissions:
https://docs.inductiveautomation.com/display/DOC81/Security+in+Perspective#SecurityinPerspective-PerspectiveViewsSecurity

Oh right, I guess I read too much into your comment :slight_smile:
I was aware of view permissions

1 Like