FactoryTalk ViewPoint Administration Help > Secure a FactoryTalk ViewPoint web application > Change application, area, or display permissions

Change application, area, or display permissions

Application, area, and display permissions limit which actions users in a user group can perform. Each application, area, or display can have different permissions for each FactoryTalk Directory user group.

Permissions are automatically inherited unless overridden. Areas inherit permissions from applications. Displays inherit permissions from both areas and applications. Override inherited permissions by setting permissions for the area or display.

If application permissions are not set and all area and display permissions are inherited, users will be able to view published content but will not be able to write to tags.

Prerequisite

  • Enable web application security.

To change application, area, or display permissions

  1. Open FactoryTalk ViewPoint Administration.

    From the navigation bar, click Security Settings.

  2. (Optional) If it is not selected, click the Secured Displays tab.
  3. Select an application, area, or display from the left panel. The right panel displays permissions for each FactoryTalk Directory user group.
  4. Determine which permission to change:
    • Write - determines if the user group can view or modify the application, area, or screen. Overrides View.
    • View - determines if the user group can view the application, area, or screen
  5. Click the corresponding check box until the desired permission level is shown:
    • Green checkmark - user group can write or view the application, area, or display
    • Red X - user group cannot write or view the application, area, or display
    • Blank - permission is inherited
  6. Click Save.

    Security settings are saved along with other published content. When you publish a new application, only new displays require security settings.

Tips:
  • In runtime, if you navigate to a display that you are not authorized to use, a message displays indicating this condition. To access the display, grant runtime display rights by following the steps above.
  • If an effective permission for a given display is resolved to View-Deny for a currently logged user, then this user will not be able to navigate to that display. An error page will be shown to indicate this condition.
  • If an effective permission for a given display is resolved to View-Allow, but Write-Deny for a currently logged user, then this user will be able to navigate to that display, but all write-tag related actions will be disabled (for example, user will not be able to click a momentary push button).

See also

Enable web application security

Disable web application security

Keywords: permission, inherit, override, write, application, area, display

Copyright © 2019 Rockwell Automation Technologies, Inc. All Rights Reserved.