Grants individual access rights to a protected istance to an EDMuser or an EDMgroup in a remote EDMdatabase.
The acces rights granted by this function will only be effective in cases where the EDMuser/EDMgroup would otherwise be given public access. I.e, owners and administrators can not have their access rights increased or reduced by having individual access rights set for them.
Only owners, administrators and superuser may use this function.
Related functions: edmiRemoteCheckInstanceAccess, edmiRemoteGetInstanceAccessRights, edmiRemoteChangeInstanceOwner, edmiRemoteDeleteAccessRights, edmiRemoteProtectInstance.
Header:
#include "sdai.h"
Prototype:
EdmiError edmiRemoteDefineAccessRights(SdaiServerContext serverContextId, SdaiAppInstance currInst, SdaiInstance userORgroupId, SdaiUnsignedInt accessRights, SdaiInvocationId *edmiInvocationId);
Arguments:
serverContextId |
Context identification, from edmiDefineServerContext |
currInst |
A numeric instanceID that uniquely identifies a protected instance in the _EDMdatabase_ for which individual access rights are to be granted to an EDMuser or EDMgroup. |
userORgroupId |
A numeric instanceID that uniquely identifies an EDMuser or EDMgroup instance in the _EDMdatabase_ to be granted individual access rights to the protected instance given by argument <currInst>. |
accessRights |
A bitwise OR of any combination of the symbols below: |
edmiInvocationId |
Currently not used. |
Returns:
A completion code of datatype EdmiError is the returned function value. The completion code has the following values:
Completion code = 0 : Operation successfully performed.
Completion code != 0: Error in operation. Completion code is an _EDMinterface_ error code. Use edmiGetErrorText to get the error text corresponding to the error code.
Example:
EdmiError rstat;
SdaiInstance instId;
SdaiServerContext myContext;
SdaiRepository repId;
SdaiModel modId;
SdaiInstance userId, directorId;
SdaiBoolean gotAccess;
SdaiInteger accessRole, protCode, accRights;
/* Define Remote Server Context */
rstat = edmiDefineServerContext("MyRemoteServerContext",
"Superuser", NULL, "cf37ftr",
"TCP", "9090", "MyServerHost",
NULL, NULL, NULL, NULL, NULL, &myContext);
/* Check if Johnny got access */
rstat = edmiRemoteGetRepository(myContext, "StaffRepository",
&repId, NULL);
rstat = edmiRemoteGetUser(myContext, "Johnny", &userId, NULL);
rstat = edmiRemoteCheckInstanceAccess(myContext, repId, 0,
(WRITE_ACCESS|CREATE_ACCESS), userId, 0, 0,
&gotAccess, &instId, &accessRole,
&protCode, &accRights, NULL);
/* Check if access may be granted */
if (gotAccess != sdaiTRUE) {
/* Check if Johnny was individually excluded */
if (accessRole == ACCESS_FOR_USER) {
printf("\nSorry Johnny has already been excluded.");
goto err;
} else if (accessRole != PUBLIC_ACCESS) {
printf("\nJohnny is owner or administrator.");
printf("\nIndividual access rights will have no effect.");
goto err;
} else {
/* Grant access to Johnny on the StaffRepository */
rstat = edmiRemoteDefineAccessRights(myContext, repId,
userId, (WRITE_ACCESS|CREATE_ACCESS), NULL);
}
}
/* Create Johnnys Hour List Model */
rstat = edmiRemoteCreateModel(myContext, "StaffRepository",
"JohnnysHourList", "HOUR_LIST_SCHEMA", 0, NULL);
rstat = edmiRemoteGetModel(myContext, repId,
"JohnnysHourList", &modId, NULL);
/* Change ownership */
rstat = edmiRemoteChangeInstanceOwner(myContext, modId,
userId, (SET_OWNER|REPLACE_CURRENT), NULL);
/* Set protection */
rstat = edmiRemoteProtectInstance(myContext, modId,
(GROUP_NONE|PUBLIC_NONE|OWNER_CREATE|
OWNER_DELETE|OWNER_WRITE), NULL);
/* Grant read access to director */
rstat = edmiRemoteGetUser(myContext, "Director", &directorId, NULL);
rstat = edmiRemoteDefineAccessRights(myContext, modId,
directorId, READ_ACCESS, NULL);
. . .