By default; ThingWorx system shows only the entities for which user has visibility permission.
Sample RestAPI example:
For e.g. if user has visibility to only two Things out of five implementing Thing of the Thing Template; he/she will receive the two he/she has access to as response. Here I am considering that user has access to the ThingTemplate whose Implementing Thing we want to view.
I hope it helps.
Hi Ankit Thanks for providing the Rest API.
1. Even though the user does not have any access to the ThingTemplate, the user can execute this service from a Postman using the Basic Authentication in header.
Does this API go by the visibility (Orgs and Org Units) or by Runtime permissions for filtering out the results?
2. It is returning all the implementing things even though I did not set the visibility to any org.
Does it return results based only visibility of the Thing or Design Time or Run time permissions?
After removing the "users" group from "Everyone" organization now the user is not seeing any Things, which is what is wanted. Now I started to build the custom org tree to assign the visibility to Things. However the Org to Thing visibility is not working as intended.
Here is the scenario
- "My company Everyone" Org is at top level where all the users are assigned to. When a new user is created, that user will be added to this "My Company Everyone" org unit.
- Then a child org called "Department A" Org unit is added.
- ThingTemplate (TT) is implemented by 10 Things.
- 5 of those Things are for Department A. Only people in Department A are supposed to view Things related to that department.
- Visibility on those 5 Things for Dept. A are assigned with "Department A" Org unit.
User UA1 is assigned to "Department A" org unit. When this user logs in or when invoking the API that you have provided, it is correctly displaying 5 Things.
I added a new user UA2 and is not assigned to "Department A". However this user also is seeing those 5 Things. This is not expected.
How do I resolve this?