Nightly Changelog: 8.0.0- beta.20190109
Ignition Platform
FB11672 Renaming of data type doesn’t propagate change to dependent nodes
Renaming a data type now works as a refactor, updating all dependent nodes with the new name.
Also, in working on this ticket, we fixed a bug where you couldn’t effectively modify the parent type of an instance if the current type didn’t exist.
FB12141 Deleting many tags is slow and FB11579 warning about deleting type definition
Perspective
FB12084: Popups in Edge open to correct size
FB11608: Perspective timezone project setting
FB12031: Default tag provider for the project is used for tag history query bindings when no provider is specified on the tag path
FB12116: Added useful log messages for diagnosing authorization decisions in perspective
For diagnostics on denied project or view access, set logger perspective.ClientSession
to debug
For diagnostics on denied gateway-scoped actions, set logger com.inductiveautomation.perspective.ComponentModel
to debug
Here are examples of the logs:
Denied Project:
D [p.ClientSession ] [23:43:25]: Access to project is denied. Diagnostic information: {"permissions":{"type":"AllOf","securityLevels":[{"name":"Authenticated","children":[{"name":"Roles","children":[{"name":"Administrator","children":[]}]}]}]},"webAuthStatus":{"authenticated":false,"securityLevels":[{"name":"SecurityZones","children":[]}]}} session-project=test
Denied View:
D [p.ClientSession ] [23:39:09]: Access to view New View 4@T[0] is denied. Diagnostic information: {"permissions":{"type":"AllOf","securityLevels":[{"name":"Authenticated","children":[{"name":"Roles","children":[{"name":"Administrator","children":[]}]}]}]},"webAuthStatus":{"authenticated":false,"securityLevels":[{"name":"SecurityZones","children":[]}]}} project=test, session-project=test
Denied Gateway-scoped Action:
D [c.i.p.ComponentModel ] [23:42:04]: Error running actions. project=test, component=root/Button, view=New View@C
com.inductiveautomation.perspective.gateway.action.ActionDeniedException: Unable to fire action: access is denied. Diagnostic Information: {"permissions":{"type":"AllOf","securityLevels":[{"name":"Authenticated","children":[{"name":"Roles","children":[{"name":"Administrator","children":[]}]}]}]},"webAuthStatus":{"authenticated":false,"securityLevels":[{"name":"SecurityZones","children":[]}]}}
at com.inductiveautomation.perspective.gateway.action.SecuredAction.runAction(SecuredAction.java:52)
at com.inductiveautomation.perspective.gateway.model.ActionCollection$ActionSequence$ExecuteActionsTask.lambda$call$0(ActionCollection.java:257)
at com.inductiveautomation.perspective.gateway.api.LoggingContext.mdc(LoggingContext.java:54)
at com.inductiveautomation.perspective.gateway.model.ActionCollection$ActionSequence$ExecuteActionsTask.call(ActionCollection.java:246)
at com.inductiveautomation.perspective.gateway.model.ActionCollection$ActionSequence$ExecuteActionsTask.call(ActionCollection.java:215)
at com.inductiveautomation.perspective.gateway.threading.BlockingTaskQueue$TaskWrapper.run(BlockingTaskQueue.java:154)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:264)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
The diagnostic information is JSON-encoded and contains the permissions
required to access the resource and the webAuthStatus
which includes any user information (if they are logged in) and the security levels they are granted.
{
"permissions": {
"type": "AllOf",
"securityLevels": [
{
"name": "Authenticated",
"children": [
{
"name": "Roles",
"children": [
{
"name": "Administrator",
"children": []
}
]
}
]
}
]
},
"webAuthStatus": {
"authenticated": true,
"user": {
"id": "539ebc26-4790-4447-bad9-a500279a8514",
"userName": "admin"
},
"securityLevels": [
{
"name": "Bar",
"children": []
},
{
"name": "Authenticated",
"children": [
{
"name": "Foo",
"children": []
},
{
"name": "Roles",
"children": []
}
]
},
{
"name": "SecurityZones",
"children": []
}
]
}
}