Hi,
We need to restrict the user to see only specific PMUs.
E.g.
PDC is connected with 5 PMUs (PQRST)
Users (ABCDE) can see only specific PMU like
user A-> PMU P
user B-> PMU Q
Specifically, we need to this security feature in openHistorian Grafana portal.
Could you please explain, how can we achieve this?
Thanks & Regards
Logu
Currently you cannot “hide” PMUs from a user who can login, the rights control who can “modify” a record.
The roles are “Viewer” (read-only access), “Editor” (edit access), “Admin” (edit access + can control security).
To create ACLs for each PMU you would need define a “Role” for each device in the system, then associate users with these device “Roles”, and finally you would need to modify the device screen to check for role access.
Not too complicated, but it is a code change to check roles on screens with device access and a schema update to synchronize device names to the roles table.
Grafana rights restriction would need to filter metadata based on these roles.
Ritchie
Hi Ritchie,
Thanks for your quick response.
In openHistorian database, there is a field “NodeID” in Device table.
Could you please explain more? what is meant by “Node”?
How to configure multiple node in single openHistorian instance?
Do we have any documentation? If yes, please share the document link.
thanks & Regards
Logu
Technically the “NodeID” field is what allows a single database instance to be used as a configuration source for multiple openHistorian instances.
This is typically not a recommended deployment, especially where access to new database instances is not an issue, i.e., creating one database instance per openHistorian instance is ideal.
However, in cases where getting database instances can be a complex activity, e.g., highly controlled IT environment with restricted database access, then using a single instance database where each node represents an instance of an openHistorian can be beneficial.
Thanks,
Ritchie