Community Tip - New to the community? Learn how to post a question and get help from PTC and industry experts! X
We want to query for all the Things that a user (current user) has permission to and based on the ThingTemplate of the Thing or based on a property on the Thing. Could you please let us know how can we achieve this with Restful API.
*Edit*
We can consider filtering by design time read or run time read.
Thanks
Hi Pavan,
By default; ThingWorx system shows only the entities for which user has visibility permission.
Sample RestAPI example:
https://<Thingworx_URL_Here>/Thingworx/ThingTemplates/<ThingTemplate_Name_Here>/ImplementingThings/
For e.g. if user has visibility to only two Things out of five implementing Thing of the Thing Template; he/she will receive the two he/she has access to as response. Here I am considering that user has access to the ThingTemplate whose Implementing Thing we want to view.
I hope it helps.
Thanks,
Ankit Gupta
Hi Ankit Thanks for providing the Rest API.
2 issues:
1. Even though the user does not have any access to the ThingTemplate, the user can execute this service from a Postman using the Basic Authentication in header.
Does this API go by the visibility (Orgs and Org Units) or by Runtime permissions for filtering out the results?
2. It is returning all the implementing things even though I did not set the visibility to any org.
Does it return results based only visibility of the Thing or Design Time or Run time permissions?
Thanks
Pavan
Hi Pavan,
It seems that you have users group added in the Everyone organization. Could you please remove users from Everyone organization and recheck.
Also, please share the ThingWorx version you are on.
Thanks,
Ankit Gupta
Hi Ankit,
After removing the "users" group from "Everyone" organization now the user is not seeing any Things, which is what is wanted. Now I started to build the custom org tree to assign the visibility to Things. However the Org to Thing visibility is not working as intended.
Here is the scenario
User UA1 is assigned to "Department A" org unit. When this user logs in or when invoking the API that you have provided, it is correctly displaying 5 Things.
I added a new user UA2 and is not assigned to "Department A". However this user also is seeing those 5 Things. This is not expected.
How do I resolve this?
Thanks
Pavan