I’ve noticed some objects don’t seem to be completely affected by Component Security.
For example, rather than clutter a window with control buttons, I put a rectangle over an item of equipment on the screen. (The rectangle is not filled, and the border is set to the same colour as the screen background - its border is highlighted when the user moved the mouse over it, and is cleared when they move the mouse away.)
When the user clicks on the rectangle, a small window is opened containing controls for the equipment. However, even if Component Security is used to deny clearance to a role, if the ‘Disable component’ option is selected rather than ‘Hide and disable component’, someone logged in with that role can still click on the rectangle and run the script (and therefore control the equipment), despite the Mouseover Text being greyed out.
I have managed to restrict this function using the Action Qualifier, but this has to be done separately for each object. Is this expected behaviour?