Just like in any other part of our application we ensure that users can only see the data they are supposed to see.
You can define if a group has access to virtual events editor or not.
A virtual event action is executed with the data the owner (initially the creator) has access to.
Access to the data generated by virtual events is handled by giving access to the regarding things (just as for normal events). I.e. if you have a row of data where the thing is "machine A" only users with access to this thing can see this row.
You can share virtual events separately with read or write permissions.
Granting Access to Virtual Things
In a virtual event, you can assign any string column to the metadata thing attribute. If you do so the different entries will get registered as virtual things and will be available in the group settings.
If the thing is used exclusively in virtual events it will be marked as virtual in the group settings. If a user has access to a certain thing, he will be able to see and use the data related to this thing (regardless of whether it is virtual or not).
If a virtual event creates data of a thing that didn't exist in the database before the normal user will not see this data until the admin assigned permission for this thing to the user! This also holds true for virtual events which the user created by itself!