New Tag Permissions Model based on Security Levels

The 5/8/2020 Nightly Release of Ignition 8.0.13 introduces an overhaul to Tag Security. The primary goal of this overhaul was to get the Tag Permissions model to start using Security Levels, a powerful new hierarchical permissions model introduced in Ignition 8 and previously only used in Perspective. This overhaul is also an important step to make as we transition other parts of Ignition to use Identity Providers and Security Levels.

Some of the changes you will see:

  • The Security property set of a tag has 3 options:

    • Read Permissions: Defines the security levels required in order to read values from a tag
    • Read Only: Defines whether a tag is read-only or writable
    • Write Permissions (hidden if Read Only is enabled): Defines the security levels required in order to write values to a tag
  • A new configuration screen for Read and Write permissions which resembles the Perspective permissions configuration experience:

    • You no longer have to type out role names or security zones. The checkbox tree you are presented with will show you all of the security levels configured in the Gateway Config > Security > Security Levels page
    • You have the ability to set security by Role Only, Role + Security Zone or Security Zone Only.
    • You have the ability to require any or all the security levels you have selected
  • Any existing Tag Security will be migrated to the functional equivalent in the new model on upgrade. The same goes for tag imports from previous versions.

We hope that the changes benefit you and we welcome all feedback. If you do find an issue that you feel needs addressed, please let us know.

7 Likes