EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System

1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  <20092010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024  Index 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  <20092010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024 
<== Date ==> <== Thread ==>

Subject: Re: TR: Access security problem
From: "Martin L. Smith" <[email protected]>
To: GOURNAY Jean-Francois <[email protected]>
Cc: [email protected]
Date: Tue, 08 Sep 2009 09:53:23 -0500
I think that if you remove the =1 in your CALC expression it will probably work.
So you should have:
CALC("A&1")
CALC("A>>1") .... etc

All CALC expressions must evaluate to TRUE or FALSE so there is no need for
the "=1" in this case.

I usually just use
CALC(A>0&&A<2) rather than "A=1" and
CALC(A>1&&A<3) rather than "A=2"
Just in case the VAL of the PV is not exactly 1 or 2 ...

For the RULE(1 ... and RULE(0 .... this refers to the Access Security Level
(ASL) and has to do with the database record definitions.
The EPICS Application Developers Guide, Chapter 6 states:

"Fields which operators normally change are assigned ASL0. Other
fields are assigned ASL1. For example, the VAL field of an analog output record is assigned ASL0 and all other fields ASL1. This is because only the VAL field should be modified during normal operations."

Allowing write access to Access Security Level 1 implies write access to Access
Security Level 0 but not visa versa.

Hope this helps,
Marty


GOURNAY Jean-Francois wrote:
/This message sent yesterday didn’t show up. ///

/ /

Hello

I try the following ASG configuration file:

UAG(tous) {spiral2, spiral2mgr, gournay}

UAG(physique) {spiral2}

UAG(develop) {spiral2mgr}

UAG(gournay) {gournay}

HAG(hag) {dappck110}

ASG(DEFAULT) {

      INPA(ASGVAL)

      RULE(1,READ)

      RULE(1,WRITE) {

            UAG(tous)

            HAG(hag)

            CALC("A&1=1")

      }

      RULE(1,WRITE) {

            UAG(develop)

            HAG(hag)

            CALC("A>>1=1")

      }

      RULE(1,WRITE) {

            UAG(physique)

            HAG(hag)

            CALC("A>>2=1")

      }

      RULE(1,WRITE) {

            UAG(gournay)

            HAG(hag)

CALC("A>>3=1") }
}

The idea is to change WRITE permission depending on the value of a longout record ASGVAL (ASGVAL.VAL = 1,2,4,8)

It doesn’t work: for A=1 the 3 users defined in “tous” have WRITE access whatever UAG. For A != 1 no WRITE access at all. As I am in ASG DEFAULT, I did’nt specify anything for the ASG Fields in the database.

What is wrong in this scheme?

Another point: I did’nt really understand the meaning of RULE(1 … vs RULE(0 …

Thanks!

J.F. Gournay

CEA Saclay

IRFU/SIS



References:
TR: Access security problem GOURNAY Jean-Francois

Navigate by Date:
Prev: Re: asyn compiler problems Eric Norum
Next: Re: asyn compiler problems Emmanuel Mayssat
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  <20092010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024 
Navigate by Thread:
Prev: TR: Access security problem GOURNAY Jean-Francois
Next: RE: Access security problem GOURNAY Jean-Francois
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  <20092010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  2024 
ANJ, 31 Jan 2014 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·