In Ignition Perspective, I have a query that includes the following line:
sql
AND Asset.companyLevel IN ({nivelFilter})
The variable nivelFilter represents an area code, which can have values of 1, 2, 3, 4, 5, or 6.
now I will get the user zone from the gateway like
userRoles = self.session.auth.user.roles
userRoles = self.session.auth.user.roles
if "Zone_1" in userRoles:
nivelFilter = 1
elif "Zone_2" in userRoles:
nivelFilter = 2
# Other zones
return nivelFilter
and aply it to the filter...
Is this a good way to aply security Levels on a query?
I would say this is in general fine.
If you need to use this in multiple places put it into a project script and pass in the user roles to make it more scalable.
Another option could be to just use an expression with a map transform to get what the nivelFilter is and then always pass in the transformed value into your query. Technically I think the expression is more efficient.
Thanks for your explanation Benjamin.
Can the user have multiple roles?
If so you will want to build the list and use that in your IN clause.
Otherwise the code is fine, but I would change the query to
AND Asset.companylevel = {nivelFilter}