Product/components used and version/fix level:
1018.0.281
Question related to a free trial, or to a production (customer) instance?
production
Hello all,
I wanna create restriction for events, so that a user can only see a special type of events.
I created a inventory role with permissions for events. Type is set to “data” and permisson to “Read”. But when I make a request via RestAPI with the users credentials, I can still see all events. What is the correct way to filter the events for a user?
thx for help
Helmut
I assume the Inventory role has been assigned to groups the user has access to?
What is the tenant and user?
Also make sure that the user does not have global role assigned with Event READ permission. If that is the case, the user will be able to see all events.
I can still see all events
Also to Events of Devices, where the User does not have access to? Or “only” all events of the proper Devices?
I could think of:
- As Harald stated, make sure your User does not have event-read from a global role, this would overrule your Inventory Role
- There is a “Full-Access” option in your Inventory role. Make sure it is not set, this would overrule your Event configuration
- The
type label in Inventory Role configuration are actually the names of (custom-) fragments, not the value of your type property. But mixing up these would result in having no events shown, not all, so that should not be the reason here.
1 Like
Hi,
I added a custom fragment to the event and now it works.
Thx alot 
greets
Helmut