Application Override Security Resolution Examples

The following is a list of common security resolution contexts illustrating the various ways in which PNT and FAC security play a role to resolve the correct security permissions.

Application	Resolution Example
CygNet Explorer	The CVS and CAS have Events (RTACCESS and ACCESS, respectively) that can be used to restrict the list of point and alarm records displayed. As such, this functionality extends to Application Override. The VHS, AUD, ELS, and GRP services do not have an Event to restrict the list of records. As such, all items are listed regardless of an Application Override. However if you attempt to edit an item in the Editor dialog box you may be denied access based on the Application Override.
CygNet Studio	Standard CygNet-aware Studio controls — CVS, PNT and FAC security is checked. Any object associated with a point for which the user does not have at least Level 1 (read) authorization is not displayed. (The behavior is based on the setting of the object’s [UnknownTag] property.) In addition, all right-click functionality on the object is blocked. Text Tool, all Shape Tools, Ribbon Tool — The object is displayed as unreliable. Image Tool and Vector Image Tool — The object’s "unreliable" image or "default" image is displayed. Comment Tool — The comment tool is not displayed. UIS Command and DDS Command buttons — These are not affected by Application Override. Facility Navigation Bar — The Facility Navigation Bar will check FAC record security and filters out any entries to which the user does not have at least Level 1 (read) authorization. Group Navigation Bar — The Group Navigation Bar will check FAC record security for all group nodes with a node type of “~F - CVS Facility” and filter out any entries in which the user does not at least have “1-Read” access. Multi-point controls — CVS, PNT and FAC security is checked. Any object associated with a point for which the user does not have at least Level 1 (read) authorization is not displayed. (The behavior is based on the setting of the object’s [UnknownTag] property.) In addition, all right-click functionality on the object is blocked. Point configuration record dialog boxes invoked from various CygNet Studio screens: Alarm Settings — See ALARMSET and CFGBITxx events. Alarm Suppression Settings — See ALMSUPP event. Comments — See COMMENT event. Questionable State — See QUESTION event. WatchList Tool — A protected point appears blank. Group Grid Tool — A protected point appears unreliable. Trend Tool — A protected point appear as if the point has no history. An error message will be displayed: "Unable to resolve Series x" (where "x" represents the number in the series of points assigned to plot).
Automation Interfaces (scripting)	GetTagList — Checks PNT and FAC level security and hides any data for which the user’s access is not at least Level 1 (read). GetFacilityList — Checks FAC security and hides any data for which the user’s access is not at least Level 1 (read). CxScript::Points Object — Checks PNT security. CxScript::Facilities Object — Checks FAC security. Point configuration record dialog boxes invoked via the COM API exposed through the CxPnt.dll. Alarm Settings — See ALARMSET and CFGBITxx events. Alarm Suppression Settings — See ALMSUPP event. Comments — See COMMENT event. Questionable State — See QUESTION event.
Utility Programs	Group Manager — The user running GrpMgr.exe must have admin rights to the connected GRP service before hierarchies can be configured or built. When configuring and building hierarchies, GrpMgr explicitly suppresses FAC and DDS record security checks so that it has access to the records that it needs. FacLoad — The user running FacLoad.exe must have admin rights to the FAC service before facilities can be loaded. PointCfgMgr — Does not check PNT or FAC level security. PointCfgScriptCopy — Does not check security.