Currently some functionality is only available to admin users yet sometimes it may make sense for users to be able to access aspects of this functionality. One example is listing information about connections (see list connections as NON-Admin ). Another is changing the run user for a Scenario (e.g., to a service account).
One can use a global API key with admin rights in a python script to achieve this but not a good practice to have that key stored in the code.
It'd be great if there was a way for an admin user to authorize specific Python functions to operate with admin permissions. Perhaps this could be done via a plugin although that would be more limited in scope. I suspect there are a number of ways this could be accomplished. I'm just sharing a couple ideas that have come to mind.
This would be flexible way for each organization to decide specifically what they might want to provide their users access to without changing the default behavior for DSS.