New Tag Permissions Model based on Security Levels

+1

I have same needs.
I have converted all my generated udt with the new tag permission format for Ignition 8.0.13+
For checking if write operation is authorized for a tag with scripting, you will had to read the tag properties writePermissions and readOnly and use something ugly like that to obtain roles and compare it to the logged user roles...

def getRoleFromTagPermission(permission):
	"""	
	Example :	
	  "writePermissions": {
		"type": "AnyOf",
		"securityLevels": [
		  {
			"name": "Authenticated",
			"children": [
			  {
				"name": "Roles",
				"children": [
				  {
					"name": "BIL_param",
					"children": []
				  },
				  {
					"name": "GTC_visu",
					"children": []
				  }				  
				]
			  }
			]
		  }		  
		"readPermissions": {
		  	"type": "AnyOf",
		  	"securityLevels": []
		}		  
	"""
	global strLib
	strFct="getRoleFromTagPermission"	
	try:
		result = []
		if ((permission != None) and (permission != "")):
			#<type 'com.inductiveautomation.ignition.common.auth.permissions.PermissionsConfig$AnyOfPermissionsConfig'>	
			#if type(permission)==AnyOfPermissionsConfig:
			json = permission.toJsonTree()
			if json != None:
				if "securityLevels" in json:
					securityLevels = json["securityLevels"]
					if securityLevels != None:
						if len(securityLevels)>0:
							roles = securityLevels[0]["children"][0]["children"]
							for role in roles:
								result.append(role["name"])
	except:
		shared.commun.logger.logERROR(strFct=strFct,strLib=strLib,strLog="GTC_Tag")
	return result

@jspecht
If there is a way to obtain the securitylevels of the user, there is an isAuthorized function to check the permission.