Protecting Resources
Protected Resources
Protected resources are resources that can only be edited by select users with required roles. These roles are required to protect or modify protected resources. This means you can prevent a resource from being edited by other users who have Designer access.
Users without a required role will see the following message when attempting to open a protected resource:
Users with a required role are allowed to modify the resource, but a message will appear informing them that the resource is protected, and ask how to proceed:
Additionally, a icon will appear on the resouce informing users that it is protected. An example can be seen on the 'Audit Events' window below:
Protecting Client Resources
You can lock individual project-level resources in the Ignition Designer using Project > Properties and the Project Properties window and adding a role to the Protect Resources project setting.
Protecting Global Resources
You can lock individual global resources in Ignition using the protection option. Global Resources can be locked in 2 different locations: in the Designer and on the Gateway webpage using the Global Resource Protection setting.
To lock Global Resources in the Designer, go to the Global section of your Project Browser.
Right click on one of the objects under the Global section and select Protect. This example uses the Basic Email Pipeline object, but any object can be protected. To remove the protection, simply right click the object and select the Protect option again to unprotect it. Once an object is protected, you will see that you can still modify it.
To block certain users, a role requirement must be added on the Gateway Webpage under the Configure section. On the left side under Configuration, click Gateway Settings and locate the Global Resource Protection option.
You can add or modify the roles you want in the Global Resource Protection field to protect the global resources. In this example, you can enter multiple role names separating them with commas. Once you enter the required roles, anyone without one of these roles will not be able to modify protected objects.
Before assigning a role, typically an Administrator or the person adding Global Resource Protection needs to identify what role is required and who has that role so the proper protection is placed on global resource objects.