Permission-related functions | |
see also the module Permission manipulation functions | |
| bool | fwAccessControl_HasUserAdminPrivilege (dyn_string &exceptionInfo, string user="", bool exceptionOnNotGranted=TRUE) |
| bool | fwAccessControl_HasGroupAdminPrivilege (dyn_string &exceptionInfo, string user="", bool exceptionOnNotGranted=TRUE) |
| bool | fwAccessControl_HasDomainAdminPrivilege (dyn_string &exceptionInfo, string user="", bool exceptionOnNotGranted=TRUE) |
| bool | fwAccessControl_HasSystemAdminPrivilege (dyn_string &exceptionInfo, string user="", bool exceptionOnNotGranted=TRUE) |
| void | fwAccessControl_getGroupPrivileges (string groupName, dyn_string domainNames, dyn_string &privileges, dyn_string &exceptionInfo, bool recursively=FALSE) |
| void | fwAccessControl_updateGroupPrivileges (string groupName, dyn_string newPrivileges, dyn_string &exceptionInfo) |
| void | fwAccessControl_getUserPrivileges (string userName, dyn_string domainNames, dyn_string &privileges, dyn_string &exceptionInfo, bool strictRoleChecking=FALSE) |
| void | fwAccessControl_checkUserPrivilege (string userName, string domainName, string privilegeName, bool &granted, dyn_string &exceptionInfo) |
| void | fwAccessControl_isGranted (string domain_privilege, bool &granted, dyn_string &exceptionInfo) |
| void | fwAccessControl_getGroupsHavingPrivilege (string domainName, string privName, dyn_string &groups, dyn_string &exceptionInfo) |
| void | fwAccessControl_getUsersHavingPrivilege (string domainName, string privName, dyn_string &users, dyn_string &exceptionInfo) |
| void | fwAccessControl_checkUserPrivilege_AuthFunc (string userName, string domainName, string privilegeName, bool &granted, dyn_string &exceptionInfo) |
| void | fwAccessControl_checkUserPrivilege_AuthFastFunc (string userName, string domainName, string privilegeName, bool &granted, dyn_string &exceptionInfo) |
| void | fwAccessControl_getPrivilegeNames (string domainName, dyn_string &privilegeNames, dyn_int &privilegeIds, dyn_string &exceptionInfo) |
| void | fwAccessControl_setPrivilegeNames (string domainName, dyn_string privilegeNames, dyn_string &exceptionInfo) |
| bool fwAccessControl_HasUserAdminPrivilege | ( | dyn_string & | exceptionInfo, | |
| string | user = "", |
|||
| bool | exceptionOnNotGranted = TRUE | |||
| ) |
check if user has User Administration privilege
| exceptionInfo | standard error-handling variable | |
| user | (optional) the name of the user for which privilege is checked; by default (empty string) - current user. | |
| exceptionOnNotGranted | if true, also raises exception when the user has no privilege |
| bool fwAccessControl_HasGroupAdminPrivilege | ( | dyn_string & | exceptionInfo, | |
| string | user = "", |
|||
| bool | exceptionOnNotGranted = TRUE | |||
| ) |
check if user has Group Administration privilege
| exceptionInfo | standard error-handling variable | |
| user | (optional) the name of the user for which privilege is checked; by default (empty string) - current user. | |
| exceptionOnNotGranted | if true, also raises exception when the user has no privilege |
| bool fwAccessControl_HasDomainAdminPrivilege | ( | dyn_string & | exceptionInfo, | |
| string | user = "", |
|||
| bool | exceptionOnNotGranted = TRUE | |||
| ) |
check if user has Domain Administration privilege
| exceptionInfo | standard error-handling variable | |
| user | (optional) the name of the user for which privilege is checked; by default (empty string) - current user. | |
| exceptionOnNotGranted | if true, also raises exception when the user has no privilege |
| bool fwAccessControl_HasSystemAdminPrivilege | ( | dyn_string & | exceptionInfo, | |
| string | user = "", |
|||
| bool | exceptionOnNotGranted = TRUE | |||
| ) |
check if user has System Administration (root) privilege
| exceptionInfo | standard error-handling variable | |
| user | (optional) the name of the user for which privilege is checked; by default (empty string) - current user. | |
| exceptionOnNotGranted | if true, also raises exception when the user has no privilege |
| void fwAccessControl_getGroupPrivileges | ( | string | groupName, | |
| dyn_string | domainNames, | |||
| dyn_string & | privileges, | |||
| dyn_string & | exceptionInfo, | |||
| bool | recursively = FALSE | |||
| ) |
get the list of privileges granted to a group
| groupName | specifies the group name | |
| domainNames | if empty, all domains are searched, including system domain | |
| privileges | on return contains the list of privileges | |
| exceptionInfo | standard error-handling variable | |
| recursively | (optional, default FALSE); determines if group hierarchy should be traversed recursively to extract all privileges |
| void fwAccessControl_updateGroupPrivileges | ( | string | groupName, | |
| dyn_string | newPrivileges, | |||
| dyn_string & | exceptionInfo | |||
| ) |
sets (updates) the privileges of a group
| groupName | specifies the group name | |
| newPrivileges | contains the list of new privileges, encoded as "domain:privilege" strings | |
| exceptionInfo | standard error-handling variable |
| void fwAccessControl_getUserPrivileges | ( | string | userName, | |
| dyn_string | domainNames, | |||
| dyn_string & | privileges, | |||
| dyn_string & | exceptionInfo, | |||
| bool | strictRoleChecking = FALSE | |||
| ) |
get privileges of specified user for a domain
This function returns the list of privileges for a specified user in a specified domain (or a list of domains)
| void fwAccessControl_checkUserPrivilege | ( | string | userName, | |
| string | domainName, | |||
| string | privilegeName, | |||
| bool & | granted, | |||
| dyn_string & | exceptionInfo | |||
| ) |
check if specific user has permission in a domain
| userName | user name for which privileges are checked; empty string: get current user | |
| domainName | domain name in which privilege is checked | |
| privilegeName | privilege name queried | |
| granted | on return will contain TRUE if user has the privilege, FALSE otherwise | |
| exceptionInfo | standard error-handling variable |
userName is NULL (ie get current user), then the function will also take into account the current workstation/manager authorization masks, which allows to restrict certain privileges to certain workstations; this will however not work if a custom authorization function is specified. | void fwAccessControl_isGranted | ( | string | domain_privilege, | |
| bool & | granted, | |||
| dyn_string & | exceptionInfo | |||
| ) |
This function returns whether the current user has been granted a certain privilege.
Modification History: None
Constraints: None
Usage: JCOP framework internal
PVSS manager usage: VISION
| domain_privilege | string that contains the domain, the privilege is seeked in, concatenate via : with the name of the domain | |
| granted | boolean that will contain the result of the query | |
| exceptionInfo | dyn_string for JCOP Fw exception handling |
| void fwAccessControl_getGroupsHavingPrivilege | ( | string | domainName, | |
| string | privName, | |||
| dyn_string & | groups, | |||
| dyn_string & | exceptionInfo | |||
| ) |
get the list of groups that hold specific privilege
Note: the function also looks up through each groups' subgroups to resolve all privileges...
| void fwAccessControl_getUsersHavingPrivilege | ( | string | domainName, | |
| string | privName, | |||
| dyn_string & | users, | |||
| dyn_string & | exceptionInfo | |||
| ) |
get the list of users that hold specific privilege
| void fwAccessControl_checkUserPrivilege_AuthFunc | ( | string | userName, | |
| string | domainName, | |||
| string | privilegeName, | |||
| bool & | granted, | |||
| dyn_string & | exceptionInfo | |||
| ) |
Default authorization-checking routine
| void fwAccessControl_checkUserPrivilege_AuthFastFunc | ( | string | userName, | |
| string | domainName, | |||
| string | privilegeName, | |||
| bool & | granted, | |||
| dyn_string & | exceptionInfo | |||
| ) |
| void fwAccessControl_getPrivilegeNames | ( | string | domainName, | |
| dyn_string & | privilegeNames, | |||
| dyn_int & | privilegeIds, | |||
| dyn_string & | exceptionInfo | |||
| ) |
| void fwAccessControl_setPrivilegeNames | ( | string | domainName, | |
| dyn_string | privilegeNames, | |||
| dyn_string & | exceptionInfo | |||
| ) |
sets the list of privilege names for a domain
1.6.1