Closed kasemir closed 4 years ago
If the access groups names don't change, the server.initAccessSecurityFile(filename)
can be called multiple times. The following is based on the access_control.py example.
pvdb = {
...
'ASG': {'type', 'str'}
}
class myDriver(Driver):
def write(self, reason, value):
if reason == 'ASG':
tid = threading.Thread(target=self.reload_asg, args=(value,))
tid.start()
self.setParam(reason, value)
return True
def reload_asg(self, asg):
cas.asCaStop()
server.initAccessSecurityFile(asg, P=prefix)
cas.asCaStart()
The asg file can be changed by writing to MTEST:ASG
, e.g.
caput MTEST:ASG test2.as
if .. group names don't change ..
Excellent, I think that's sufficient for what we need. The required change is usually limited to adding/removing users to/from existing user groups.
server.initAccessSecurityFile(filename)
allows setting an access security file. This must be called beforecreatePV()
.IOCs do allow re-loading the access security configuration file at runtime, to support changing the settings without rebooting the IOC. It is possible to support this in the API, i.e. add a
reload
type call?It would be up to the user to figure out how/when to call this, for example one could add a PV which, when written, calls that reload API.