Community Tip - Visit the PTCooler (the community lounge) to get to know your fellow community members and check out some of Dale's Friday Humor posts! X
It's simple to find out what permissions a user has on a particular entity, but is it possible to go the other way? Instead of mapping an entity to users' and groups' permissions regarding that object, can I (the administrator) retrieve a list of all permissions (including lack of permission) for a particular user?
One purpose of this might be in an audit, to ensure that permissions have been configured correctly and that nothing has been overlooked. (Perhaps I forgot to remove some permission on an entity that's outside the scope of what I'm testing. Silly, certainly, but not out of the realms of possibility!)
Solved! Go to Solution.
Hi Richard,
In CollectionFunctions Resource, you can find the service ExportUserPermissions which exports all permissions to an xml file in a Thingworx repository.
Search for the name of the user in the xml file and you will see his permissions.
Among the input parameters of the service are: includeCollectionPermissions, includeDependents, includeEntityPermissions.
Hi Richard,
In CollectionFunctions Resource, you can find the service ExportUserPermissions which exports all permissions to an xml file in a Thingworx repository.
Search for the name of the user in the xml file and you will see his permissions.
Among the input parameters of the service are: includeCollectionPermissions, includeDependents, includeEntityPermissions.
Thanks Cristina, that's really useful. I was hoping it would contain all the user's permissions, but perhaps I unintentionally constrained my question too much! I did keep saying entities, I know, but I suppose I was assuming that all permissions would be related to one entity or other. It appears that the permission to export entities is stored elsewhere: I don't suppose you know where that is, do you?
The permission to export entities is stored in the permissions.xml file as well. Look for "ExportImportSubsystem" in the xml.
In the Composer, you can restrict a user's permission to export entities in ExportImportSubsystem subsystem.