We want to enable an SNMP Write into our drivers, but we only want a specific set of users to be able to Execute these write parameters.
An Example is we want Write access to be available to users who already have write permissions on a Param like to be able to Swap input sources or reset a device. We want to have a separate set of write params (Time Zone, NTP Server Set) that are only available to an Admin user.
Is the Execute feature able to be excluded for individual parameters, or is it one in all?
To expand on this question, I also tried not to display a write parameter and to access it via the "multiple set" feature in the dropdown available when selecting an element. If a parameter isn't available for "display", it isn't available in the multiple set menu.
Hi Nathan,
You can add the level attribute on certain parameters in your protocol. Then users for which the security group access level is the same or higher can have access to these parameters.
Example
When you create a security group, the default access level is 5 (which can be adapted of course). In your case you can grant certain people access level 4 for some specific SNMP settings. Then you can give the admins access level 3 for more SNMP settings.
I have Implemented the "Level" attribute into a driver to test out.
To test it out I have implemented it in the following way with 16 being the read param and 116 as the write param.
<Param id="16" Level="5" trending="false">
<Name>timezone</Name>
<Param id="116" Level="5" snmpSetAndGet="true">
<Name>timezone</Name>
I have then added the security level to a few different users and groups to test out the new feature. Admins have a Level 1, Advanced users have Level 5, standard users with Level 6 and basic users with Level 8.
So with the Level 5 attribute, I should only be able to read and write with level 1 and 5 users and not for the rest. Unfortunately, I am able to still access and write a value to the parameters as a level 8 user.
Other than including the "Level="" in the param line, as well as the Group or user level, is there anywhere else this needs to be changed for the feature to work?
Thank you Jens!
This is fantastic! A bit of work now to add this to all of the drivers but this should address the issue.