Permissions
<Permissions>¶
Permissions provides the possibility to make values and actions accessible or inaccessible to different user groups.
By implication, it can be defined which organization types (labels on the organization in the DataPortal) can see which signals or actions.
Signals, DTCs and Actions without allocation can be viewed by all users.
Permissions must be defined in the following order: <SignalPermissions>, <J1939Permissions>, <GeoPermissions>, <ActionPermissions>.
Note
If the <j1939Permissions> is not defined, all DTCs will be visible for all users.
Consider that the PDC is assigned to machines or models and, therefore, permissions are applied on a machine or model level.
<Permissions>
<SignalPermissions>
<valueDefinition ref="value.common.engine.fuel.level">
<visibleToOrganizationTypes>
<type>OEM</type>
<type>Dealer</type>
<type>Machine_Owner</type>
</visibleToOrganizationTypes>
</valueDefinition>
<valueDefinition ref="value.common.engine.speed">
<visibleToOrganizationTypes>
<type>OEM</type>
<type>Distributor</type>
<type>Machine_Owner</type>
</visibleToOrganizationTypes>
</valueDefinition>
</SignalPermissions>
<J1939Permissions>
<source address="20">
<spn id="12">
<visibleToOrganizationTypes>
<type>Dealer</type>
</visibleToOrganizationTypes>
</spn>
<spnRange minimalId="14" maximalId="18">
<visibleToOrganizationTypes>
<type>Distributor</type>
</visibleToOrganizationTypes>
</spnRange>
</source>
<sourceRange minimalAddress="20" maximalAddress="23">
<visibleToOrganizationTypes>
<type>OEM</type>
</visibleToOrganizationTypes>
<spn id="12">
<visibleToOrganizationTypes>
<type>Machine_Owner</type>
</visibleToOrganizationTypes>
</spn>
</sourceRange>
</J1939Permissions>
<GeoPermissions>
<visibleToOrganizationTypes>
<type>Dealer</type>
<type>Machine_Owner</type>
</visibleToOrganizationTypes>
</GeoPermissions>
<ActionPermissions>
<action ref="ServiceCounter">
<visibleToOrganizationTypes>
<type>Dealer</type>
<type>Machine_Owner</type>
<type>OEM</type>
</visibleToOrganizationTypes>
<permissionSets>
<permissionSet subject="Machine" minimalLevel="View"/>
</permissionSets>
</action>
</ActionPermissions>
</Permissions>
| Description | Declaration |
|---|---|
<SignalPermissions> |
Definition of the signals for which authorizations are to be created. Consider also Proemion-only Signals. |
<valueDefinition> |
Reference to the signal key in the ValueDefinition. |
<visibleToOrganizationTypes> |
Definition of the authorizations for the signal previously addressed in the |
<type> |
Specifies the organization unit that is to receive the authorization. |
| The following organization units are currently supported. | |
| OEM | |
| Dealer | |
| Distributor | |
| Machine_Owner | |
<GeoPermissions> |
Definition of the authorizations for the GPS signals. |
<ActionPermissions> |
Opens the area in which the permissions for actions are defined. |
<action> |
Reference to the action for which authorizations are to be created. |
<permissionSets> |
Opens the area in which the authorization group is defined. |
<permissionSet> |
Determines for which group the authorization is created and what the minimum level of the authorization is. |
| Currently the following subjects: | |
Assignment |
|
AEMP |
|
Contract |
|
Dashboard |
|
Location |
|
Machine |
|
Model |
|
Organization |
|
Report |
|
Task |
|
Tenant |
|
Theme |
|
| and levels are supported: | |
View |
|
Maintain |
|
Administer |
|
Latest |
|
History |
|
| Consider that not all possible subject-level combinations are valid. Please refer to DataPortal User Manual → Permissions for reference. | |
<J1939Permissions> |
Opens the area where the permissions for DTCs can be created. |
<source> |
Opens the area in which permissions are created for a DTC based on its address. The value of the address is given in decimal. |
<spn> |
Opens the area in which permissions can be defined for SPNs The respective SPN is addressed via the key "id". |
<sourceRange> |
Opens the area in which permissions for DTCs are created based on an address range. This is done using the syntax <sourceRange minimalAddress="xx" maximalAddress="yy">. Overlaps in ranges are not permitted. |
<spnRange> |
Opens the area where permissions can be defined for a range of SPNs. The respective range is defined using the syntax <spnRange minimalId="xx" maximalId="yy">. Overlaps in ranges are not permitted. |
Proemion-only Signals¶
If you need to remove permissions for all organizations, you can remove the complete list of organization types for each signal key reference in the ValueDefinition.
As Proemion always has access/permissions to any signal; adding an empty <visibleToOrganizationTypes>, implies a signal visible to Proemion only:
<Permissions>
<SignalPermissions>
<valueDefinition ref="value.acc.x">
<visibleToOrganizationTypes>
</visibleToOrganizationTypes>
</valueDefinition>
</SignalPermissions>
</Permissions>
Listing only Proemion behaves the same as an empty <visibleToOrganizationTypes>:
<visibleToOrganizationTypes>
<type>Proemion</type>
</visibleToOrganizationTypes>