fwAccessControl
8.4.2
|
Functions | |
void | _fwAccessControl_exportDomain (dyn_string &expCmd, string domainName, dyn_string &exceptionInfo) |
void | _fwAccessControl_exportGroup (dyn_string &expCmd, string groupName, dyn_string &exceptionInfo) |
void | _fwAccessControl_exportSubGroup (dyn_string &expCmd, string groupName, dyn_string &exceptionInfo) |
void | _fwAccessControl_exportUser (dyn_string &expCmd, string userName, dyn_string &exceptionInfo) |
Variables | |
global bool | g_fwAccessControl_initialised =FALSE |
global bool | g_fwAccessControl_isInInit =FALSE |
global string | g_fwAccessControl_AreasDP |
global string | g_fwAccessControl_GroupsDP |
global string | g_fwAccessControl_UsersDP |
global string | g_fwAccessControl_WorkstationsDP |
global mapping | g_fwAccessControl_workstationAliases |
global string | g_fwAccessControl_ConfigurationDP |
global string | g_fwAccessControl_DefaultAdminPriv |
global string | g_fwAccessControl_CurrentRole |
const int | GROUP_IDX_TO_NAME =2 |
const int | DOMAIN_NAME_TO_IDX =3 |
const int | DOMAIN_IDX_TO_NAME =4 |
const int | USER_NAME_TO_IDX =5 |
const int | USER_IDX_TO_NAME =6 |
Permission-related functions | |
see also the module Permission manipulation functions | |
void | fwAccessControl_setPrivilegeNames (string domainName, dyn_string privilegeNames, dyn_string &exceptionInfo) |
Framework domain specific functions | |
void | _fwAccessControl_checkInit () |
private void | _fwAccessControl_dpSetSudo (string dpe, mixed &value, dyn_string &exceptionInfo) |
private | _fwAccessControl_checkRootAndParaPrivileges () |
private void | _fwAccessControl_setInitialLoginAndRole () |
private void | _fwAccessControl_checkExecuteInitHook () |
private void | _fwAccessControl_checkSetupGlobalVariables () |
private void | _fwAccessControl_checkSetupUiDpArchiving () |
private void | _fwAccessControl_checkSetupConfigurationDP () |
private void | _fwAccessControl_checkSetupPrivileges () |
private void | _fwAccessControl_checkSetupEgroupSyncDP () |
void fwAccessControl_setPrivilegeNames | ( | string | domainName, |
dyn_string | privilegeNames, | ||
dyn_string & | exceptionInfo | ||
) |
sets the list of privilege names for a domain
void _fwAccessControl_checkInit | ( | ) |
initialized variables used by access control
note that custom initialization hooks may be provided by defining function fwAccessControl_initializeHook(); it will be called automatically at the end of startup, before the autologin/forcelogin. Note that the hook function is executed with root authorization!!!
void _fwAccessControl_exportDomain | ( | dyn_string & | expCmd, |
string | domainName, | ||
dyn_string & | exceptionInfo | ||
) |
Exports domain information as a text suitable for .postInstall script
expCmd | lines with CTRL commands will be appended to this variable |
domainName | the name of the domain to export |
exceptionInfo | standard exception handling variable |
NOTE! The "generic" privilege names (names matchin "PRIV?", i.e. PRIV5, PRIV6, PRIV7) will not be stored!
void _fwAccessControl_exportGroup | ( | dyn_string & | expCmd, |
string | groupName, | ||
dyn_string & | exceptionInfo | ||
) |
Exports group information as a text suitable for .postInstall script
expCmd | lines with CTRL commands will be appended to this variable |
groupName | the name of the group to export |
exceptionInfo | standard exception handling variable |
void _fwAccessControl_exportSubGroup | ( | dyn_string & | expCmd, |
string | groupName, | ||
dyn_string & | exceptionInfo | ||
) |
Exports subgroup information as a text suitable for .postInstall script
expCmd | lines with CTRL commands will be appended to this variable |
groupName | the name of the group, the subgroup info of which to be exported |
exceptionInfo | standard exception handling variable |
void _fwAccessControl_exportUser | ( | dyn_string & | expCmd, |
string | userName, | ||
dyn_string & | exceptionInfo | ||
) |
Exports user information as a text suitable for .postInstall script
expCmd | lines with CTRL commands will be appended to this variable |
userName | the name of the user to export |
exceptionInfo | standard exception handling variable |
global bool g_fwAccessControl_initialised =FALSE |
flag indicating the initialisation
global bool g_fwAccessControl_isInInit =FALSE |
flag indicating that we are in initialisation phase and enable certain functions to work already at early stage
global string g_fwAccessControl_AreasDP |
contains the DP name storing area information, usually SystemName:_Areas
global string g_fwAccessControl_GroupsDP |
contains the DP name storing groups information, usually SystemName:_Groups
global string g_fwAccessControl_UsersDP |
contains the DP name storing Users information, usually SystemName:_Users
global string g_fwAccessControl_WorkstationsDP |
contains the DP name storing Workstation information, usually SystemName:_WsPermission
global mapping g_fwAccessControl_workstationAliases |
contains the mapping of aliases for workstations to the list of names
global string g_fwAccessControl_ConfigurationDP |
contains the DP name storing the Fw Access Control Settings
global string g_fwAccessControl_DefaultAdminPriv |
contains the default name:privilege for user/group/domain administration; as of fwAccessControl-3.2.24 the new default it is SYSTEM:FwAccessControl (privilege 30 of system domain)
global string g_fwAccessControl_CurrentRole |
Currently selected role, if strict role checking enabled.
const int GROUP_IDX_TO_NAME =2 |
convert group index to group name in _fwAccessControl_convert
const int DOMAIN_NAME_TO_IDX =3 |
convert domain name to domain index in _fwAccessControl_convert
const int DOMAIN_IDX_TO_NAME =4 |
convert domain index to domain name in _fwAccessControl_convert
const int USER_NAME_TO_IDX =5 |
convert user name to user index in _fwAccessControl_convert
const int USER_IDX_TO_NAME =6 |
convert user index to user name in _fwAccessControl_convert