Issue
A site has multiple locations in its instance. The goal is to restrict objects for a User in other locations by using permissions and tags which allow certain objects only for the local instance. The User also requires access to Event History, Live Monitoring and Floor plans.
After setting User permissions for specific objects, the object permissions work as expected, however clicking on Event History, Live Monitoring or a Floor plan shows:
'An error has occurred in the Live monitoring document while trying to execute initialize'
Or Access Expert will show one of the following errors depending on which event object was selected:
'An error has occurred in the Event History document while trying to execute initialize'
'An error has occurred in the Floor Plan document while trying to execute initialize'
Product Line
EcoStruxure Access Expert
Environment
Access Expert V3 Hosted
Cause
Event-level permissions function differently than object-level permissions
Resolution
User permissions set up with tags to restrict access to other locations will work as expected with objects like hardware, but these restrictions will not work with event objects.
The options to accomplish this are:
1. Buy an enterprise license and divide up the sites with their own instance. Each location should be represented by a shared instance with its controllers configured. Those controllers will publish their event to only their instances which can be controlled using permissions. This is the preferred method.
2. Allow ALL Type permissions for the hardware and event objects to be accessed. Using this method allows the event objects to work, but allows Users from other locations to access the hardware.
Event-level objects use an entirely different mechanism than regular objects. The technology under the hood requires that an enterprise license be used to accomplish event-level permission restrictions.
