Recipe Security

Individual recipes can be protected from anyone accessing or altering a recipe. This is accomplished by indicating who is allowed or denied access to recipe items at the users or a group security level.

Prerequisites:

• Define data sources and process points requiring authorization and designate the Performer and Verifier security roles. See Global Settings - Authorization Tab.
• Assign security privileges to individual users or groups of users, granting or denying access to operations. See Security Privileges for Users and Groups.

To set up recipe security for a User or Group:

1. From the Workbench Project Explorer, expand the Security node and expand either the Groups or Users node.
2. Select Edit. The Security User or Group pane appears.
3. Select the Points tab.
4. Define the recipe data points (tags) you want to allow or deny access to in Allow these Operations and Deny these Operations.
   1. Select Click here to add new item and click the tag to open the Data Browser.

      Data Browser path to recipes is My Computer >Platform Services >Recipe.

   2. Select recipe items you want to secure. View image

   

5. Select Apply to save the information.

To set up a recipe command security for a User or Group:

1. From the Workbench Project Explorer, expand the Security node and expand either the Groups or Users node.
2. Select the Method tab.
3. Define the recipe data points (tags) you want to allow or deny access to in Allow these Operations and/or Deny these Operations.
4. Select Click here to add new item and click the tag to open the Data Browser.

   Data Browser path to recipes is My Computer >Platform Services >Recipe

5. Select a recipe command you want to secure. For example, you can allow or deny the Delete, Copy, Download Upload, or create New actions for a recipe. You can also use wildcard characters to prevent the user from deleting all recipe items using the rcp:.Donuts:*\RecipeDelete command. View image

   

6. (Optional) Another method for denying access to recipe items is through the Application Actions section.
   1.  Scroll to the Commands and expand the list.

   2. Scroll to the Recipe commands and clear the checkboxes to deny these methods for an individual user or group of users. View image

      

   When a command is executed for a recipe that requires double authorization, an Authorization dialog is displayed. The user logs in with their credentials and enters a comment and requests verification. After the user has been verified, the operation is performed and a new GenEvents log is are generated. View image

   

   Single or double password authentication applies to GraphWorX64 Runtime mode, HTML5 and Mobile applications, and other controls, such as Recipe Navigator and Recipe Grid (on the Controls ribbon).