edmiRemoteDefineAccessRights

Owned by Former user (Deleted)
Last updated: Dec 05, 2017
EdmiError edmiRemoteDefineAccessRights(SdaiServerContext serverContextId,
                                       SdaiAppInstance   currInst,      
                                       SdaiInstance      userORgroupId, 
                                       SdaiUnsignedInt   accessRights,  
                                       SdaiInvocationId  *edmiInvocationId);

Grants individual access rights to a protected instance to an EDMuser or an EDMgroup in a remote EDMdatabase. The access rights granted by this function will only be effective in cases where the EDMuser/EDMgroup would otherwise be given public access. I.e, owners and administrators can not have their access rights increased or reduced by having individual access rights set for them. Only owners, administrators and superuser may use this function.

Arguments

TypeNameComment
 SdaiServerContext

serverContextId

Context identification, from edmiDefineServerContext

 SdaiAppInstance

currInst

A numeric instanceID that uniquely identifies a protected instance in the  EDMdatabase  for which individual access rights are to be granted to an EDMuser or EDMgroup.

 SdaiInstance

userORgroupId

A numeric instanceID that uniquely identifies an EDMuser or EDMgroup instance in the EDMdatabase  to be granted individual access rights to the protected instance given by argument <currInst>.

 SdaiUnsignedInt

accessRights

A bitwise OR of any combination of the symbols below: 

  • DELETE_ACCESS
  • EXECUTE_ACCESS
  • CREATE_ACCESS
  • WRITE_ACCESS
  • READ_ACCESS
 SdaiInvocationId

edmiInvocationId

Currently not used.

Return Value

Error rendering macro 'excerpt-include' : User 'null' does not have permission to view the page 'US:_r_EDMInterface'.

 

Options

  

 

Example

 

 EdmiError rstat;
 SdaiInstance instId;
 SdaiServerContext myContext;
 SdaiRepository repId;
 SdaiModel modId;
 SdaiInstance userId, directorId;
 SdaiBoolean gotAccess;
 SdaiInteger accessRole, protCode, accRights;
  
 /* Define Remote Server Context */
 rstat = edmiDefineServerContext("MyRemoteServerContext",
 "Superuser", NULL, "cf37ftr", 
 "TCP", "9090", "MyServerHost", 
 NULL, NULL, NULL, NULL, NULL, &myContext); 
  
 /* Check if Johnny got access */
 rstat = edmiRemoteGetRepository(myContext, "StaffRepository",
 &repId, NULL); 
 rstat = edmiRemoteGetUser(myContext, "Johnny", &userId, NULL);
 rstat = edmiRemoteCheckInstanceAccess(myContext, repId, 0,
 (WRITE_ACCESS|CREATE_ACCESS), userId, 0, 0,  
 &gotAccess, &instId, &accessRole,  
 &protCode, &accRights, NULL); 
  
 /* Check if access may be granted */
 if (gotAccess != sdaiTRUE) {
 /* Check if Johnny was individually excluded */ 
 if (accessRole == ACCESS_FOR_USER) { 
 printf("\nSorry Johnny has already been excluded."); 
 goto err; 
 } else if (accessRole != PUBLIC_ACCESS) { 
 printf("\nJohnny is owner or administrator."); 
 printf("\nIndividual access rights will have no effect."); 
 goto err; 
 } else { 
 /* Grant access to Johnny on the StaffRepository */ 
 rstat = edmiRemoteDefineAccessRights(myContext, repId,  
 userId, (WRITE_ACCESS|CREATE_ACCESS), NULL); 
 } 
 }
  
 /* Create Johnnys Hour List Model */
 rstat = edmiRemoteCreateModel(myContext, "StaffRepository",
 "JohnnysHourList", "HOUR_LIST_SCHEMA", 0, NULL); 
  
 rstat = edmiRemoteGetModel(myContext, repId,
 "JohnnysHourList", &modId, NULL); 
  
 /* Change ownership */
 rstat = edmiRemoteChangeInstanceOwner(myContext, modId,
 userId, (SET_OWNER|REPLACE_CURRENT), NULL); 
  
 /* Set protection */
 rstat = edmiRemoteProtectInstance(myContext, modId,
 (GROUP_NONE|PUBLIC_NONE|OWNER_CREATE| 
 OWNER_DELETE|OWNER_WRITE), NULL); 
  
 /* Grant read access to director */
 rstat = edmiRemoteGetUser(myContext, "Director", &directorId, NULL);
 rstat = edmiRemoteDefineAccessRights(myContext, modId,
 directorId, READ_ACCESS, NULL); 
 . . .

 

See also

Filter by label

There are no items with the selected labels at this time.

Â