Re: [foxboro] Philosophy of operator action Protection ID's

  • From: Sascha Wildner <swildner@xxxxxxxxxx>
  • To: foxboro@xxxxxxxxxxxxx
  • Date: Wed, 22 Mar 2006 09:55:58 +0100

Hmm,

this discussion reminds me of the following scheme that I once came up 
with for the access control problem (this is for display manager):

1) Set a DM variable (let's call it "a") in each environment script to 
specify the "access code" for that environment.

2) Modify each link that opens an overlay to set three other DM 
variables (say, "e1", "e2" and "e3") to those access codes which are 
allowed to operate on this overlay.

3) Modify each overlay's critical buttons to have a protection class of 
x (any value >0).

4) Modify each overlay to have an embedded script which (upon opening 
the overlay) compares e1, e2 and e3 to a. If one matches, do "unprotect 
x" (see 3). If none matches, do "protect x".

This way it was possible to have generic overlays that everyone could 
open but only some (those having a matching "a" in their environment) 
could operate. Access to critical buttons could be handled on a 
per-point basis this way without any additional protection class foo. 
Critical buttons would just be magically protected/unprotected upon 
opening the overlays depending on your rights.

The downside was that you had to put the code for setting e1, e2 and e3 
into every "open overlay" link. Also, the maximum number of different 
environments being able to control a point was 3 this way.

Thought I'd mention it. It's from the top of my head, so I might have 
missed something. I'm not sure how useful this still is and I'm not even 
sure if this was clever or foolish but it worked pretty well at the time 
(roughly 10 years ago). :)

Cheers,

-- 
Sascha Wildner
erpicon Software Development GmbH
Neusser Str. 724-726
50737 Köln
Germany

Phone: +49 221 9746069
Fax:   +49 221 9746099
eMail: swildner@xxxxxxxxxx

 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             //www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave

Other related posts:

  1. Home
  2. foxboro
  3. Archive
  4. 03-2006