FORUM CTRLX AUTOMATION
ctrlX World Partner Apps for ctrlX AUTOMATION
03-16-2021 05:09 PM
I've got a user boschrexroth. This user does not belong to a user group. The rights are restricted to the datalayer. But indeed, the user has a lot of more rights. To example he has access inside the landing page to the EtherCAT app (delete the configuration or change the EtherCAT state) or he can stop/start/reset the PLC!
Here is my user configuration:
Will this topic be improved in further releases?
Solved! Go to Solution.
03-17-2021 08:43 AM
I will check that.
02-28-2022 09:43 AM
Could you please test the scope function with the actual release RM21.11P2 or end of next moth with RM22.03?
The scope functionality is of course improved step by step.
04-13-2022 04:19 PM
Hi CodeShepherd
With RM22.03 I still have the same result, see my initial post here.
04-27-2022 08:39 AM - edited 04-27-2022 08:49 AM
Thanks for your reply. I will check this internaly.
03-14-2023 10:46 AM
The datalayer permissions allow full access to the datalayer, without reglementations. These includes all nodes from ethercat, plc or scheduler. Since the functionality of these apps is realized using datalayer. It means you can change all settings, including deletion of master instances.
If you want to create a user accounts with restricted access to the datalayer, you can define restricted permission scopes, see: https://docs.automation.boschrexroth.com/doc/2276122339/einfuehrung-und-uebersicht/latest/de/?search...
This allows you to limit the access to certain nodes in the datalayer.
Be aware that certain functions, e.g. configuring axes, not only requires permissions under motion/** but also on fieldbusses/** and others.