LabVIEW

What you need to do with the Access Rights. If u can specify the exact requirement it will be useful.

Kind Regards

palanivel Thiruvenkadam

It's a few years late, but maybe it will help the poor souls desperately googling for a non-existent DSC documentation.

First thing, you need to install the DSC module to access this security tab. Even though "NI security"/ACL is a part of Labview (hence the App methods), you need DSC to apply granular security settings to certain controls, shared variables, libraries and what-not.

Second, anything you can do through a GUI in Labview, you can do programmatically. There's always an API, even if it's not documented most of the time. To apply an ACL to a control, you have to use an undocumented method of the Control class. I don't know if this method is part of the Labview base program or if the DSC module is mandatory (at least you can't easily access this method like other private properties), but the latter will make your life easier, since it provides some wrapper VIs for the security stuff. In this case it's ...\LabVIEW 20XX\vi.lib\lvdsc\security\internal\property\DSC_setACLtag.vi

Third, this VI uses a specific ACL reference/session as an input to apply to the control. Internally, the ACL is just a byte string, which is easy enough to reverse engineer (e.g. by looking at the ACL property within a library file, which is just a simple XML text file). However, to do it "properly", you'll have to use a whole different API to create and configure an ACL "object". Fortunately, there are wrapper VIs and exposed properties/methods to do this relatively simply. The relevant wrapper VIs are in ...\LabVIEW 20XX\vi.lib\Platform\security\user and most of it should be more or less self-explanatory (since there is no documentation, of course). Here's a very simple example how it's supposed to work:

The system is a bit convoluted because everything is an "object", i.e. the ACL itself, the ACL entry (ACE) and the access rights definition, but you get the point. You can allow acces for a machine (host name or IP address) via the AddHost method, or for a "NI Security" domain user/group/whatever, which they call "Principals", via AddEntry. You have to call the AddHost or AddEntry method for every host or user you want to add to the current ACL object and each call can use a different access rights object for different rights (in this example I just showed read/write allowed for both example entries).

I hope this sheds some light into the NI ACL system. I wouldn't recommend using it because it's not very reliable or secure, especially if you use host/machine based authentication instead of user/password.