In Ignition Perspective, I have a query that includes the following line:
sql
AND Asset.companyLevel IN ({nivelFilter})
The variable nivelFilter represents an area code, which can have values of 1, 2, 3, 4, 5, or 6.
now I will get the user zone from the gateway like
userRoles = self.session.auth.user.roles
userRoles = self.session.auth.user.roles
if "Zone_1" in userRoles:
nivelFilter = 1
elif "Zone_2" in userRoles:
nivelFilter = 2
# Other zones
return nivelFilter
and aply it to the filter...
Is this a good way to aply security Levels on a query?
I would say this is in general fine.
If you need to use this in multiple places put it into a project script and pass in the user roles to make it more scalable.
Another option could be to just use an expression with a map transform to get what the nivelFilter is and then always pass in the transformed value into your query. Technically I think the expression is more efficient.
1 Like
Thanks for your explanation Benjamin.
1 Like
Can the user have multiple roles?
If so you will want to build the list and use that in your IN clause.
Otherwise the code is fine, but I would change the query to
AND Asset.companylevel = {nivelFilter}
2 Likes