how to limit access to attributes
our physics team would like to limit the write-access to some device attributes for external users.
They want to avoid an external user change a critical attribute on a device. Theses values are accessible in expert mode only, but they prefer something more difficult to bypass that simply switching between Operator/Expert view.
I see several possibilities:
1. define some alarm/warning values for critical attributes : is it possible to forbid modification of properties like alarm values?
2. define a high-level DS with fewer attributes linked to a low-level DS with all possible attributes. In this case, Tango access control could be used to limit access on :
* low-level DS
* to read-only for operator login
* to read-write for expert login.
However, in this case, since Tango access control is based on login, I imagine this operator will not anymore have write access to the low-level device even through high-level DS. Am I right?
Do you see any other way to avoid changing a critical value?
Yes, it is possible, with TAC, but for the whole device, if the user is in TAC READ-ONLY mode on this device. There is no fine granularity per attribute.
If the high level device is not exposing any of the low level device expert attributes and is not writing these expert attributes at all in its code, then indeed, the operator will not have any more write access to the low-level device, even through the high level DS.
Rosenberg's Law: Software is easy to make, except when you want it to do something new.
Corollary: The only software that's worth making is software that does something new.