Spotfire Ideas Portal
The existing spotfire license either provides iron python or java script capability or removes completely. We are looking for options to restrict what users can do as part of the iron python or java scripting through spotfire such as
1. Restrict any input output operations through these scripts
2. list of packages or namespaces that can be imported or used in the scripts
To give a bit more context. The implicit assumption we have been working with for IronPython is that report creators would use such tools for report navigation and more intuitive manipulation and potentially some data side calculation.
However, we are seeing an increase of users leveraging code on the internet to suggest writing to file system. In a more extreme case, a user took code from online, where the extractData was written to a temp file on a server in plain text.
The user can potentially plead ignorance, and we can warn people not to do it, but it's still an imperfect solution. Ideally we would like ways to either track or restrict what happens within code while in report.