Security.Resources
persistent class Security.Resources extends %Library.Persistent, %XML.Adaptor, %SYSTEM.Help
SQL Table Name: Security.Resources
Define the security Resource database, and methods which manipulate them.The system includes a set of pre-defined System resources. Some properties of the system resources may not be modified.
Resource names have the following properties:
1) Resource names are case insensitive.
2) Maximum length of a resource name is 64 characters.
3) First Character after the "_" cannot be a % for user-defined resources
4) Resource names cannot contain a "," or ":"
The %Admin_Secure:USE permission is required to operate on a resource
The table for this class should be manipulated only through object access, the published API's or through the System Management Portal. It should not be updated through direct SQL access.
Property Inventory
Method Inventory
Parameters
parameter DOMAIN = %Utility;
Properties
property Description as %String (MAXLEN = 256);
Description of the resource.
Description cannot be modified if a system defined resource.
Description cannot be modified if a system defined resource.
Property methods: DescriptionDisplayToLogical(), DescriptionGet(), DescriptionGetStored(), DescriptionIsValid(), DescriptionLogicalToDisplay(), DescriptionLogicalToOdbc(), DescriptionNormalize(), DescriptionSet()
property Name as %String (COLLATION = "Exact", MAXLEN = 64, MINLEN = 1) [ Required ];
Name of the resource.
Property methods: NameDisplayToLogical(), NameGet(), NameGetStored(), NameIsValid(), NameLogicalToDisplay(), NameLogicalToOdbc(), NameNormalize(), NameSet()
property PublicPermission as Security.Datatype.Permission [ InitialExpression = 0 ];
Public permissions on the resource.
Bit 0 - Read
Bit 1 - Write
Bit 2 - Use
Alternatively, you can set to this any of "RWU" or "READ,WRITE,USE"
Bit 0 - Read
Bit 1 - Write
Bit 2 - Use
Alternatively, you can set to this any of "RWU" or "READ,WRITE,USE"
Property methods: PublicPermissionDisplayToLogical(), PublicPermissionExternalToInternal(), PublicPermissionGet(), PublicPermissionGetStored(), PublicPermissionInternalToExternal(), PublicPermissionIsValid(), PublicPermissionLogicalToDisplay(), PublicPermissionLogicalToOdbc(), PublicPermissionNormalize(), PublicPermissionXSDToLogical()
property Type as Security.Datatype.ResourceType (MINVAL = 0) [ InitialExpression = 0 ];
Type - Bitmap describing the type of resource.
Bit 0 = System initialized resource
Bit 1 = Database resource
Bit 2 = Service resource
Bit 3 - Application resource
Bit 4 - DeepSee resource
Bits 5-30 reserved
Bit 31 = User defined Resource
Bits 31-64 user defined
Note that this property is set automatically by the filer and should not be set for user defined resources.
Do not modify this field directly except on initialization of system defaults.
Bit 0 = System initialized resource
Bit 1 = Database resource
Bit 2 = Service resource
Bit 3 - Application resource
Bit 4 - DeepSee resource
Bits 5-30 reserved
Bit 31 = User defined Resource
Bits 31-64 user defined
Note that this property is set automatically by the filer and should not be set for user defined resources.
Do not modify this field directly except on initialization of system defaults.
Property methods: TypeDisplayToLogical(), TypeGet(), TypeGetStored(), TypeIsValid(), TypeLogicalToDisplay(), TypeLogicalToOdbc(), TypeNormalize(), TypeSet(), TypeXSDToLogical()
Methods
classmethod Create(Name As %String, Description As %String, PublicPermission As Security.Datatype.Permission, Type As %Integer) as %Status
Create a Resource.
Creates a Resource in the Security database.
Parameters:
Name - Name of the resource to create
Description- Description of the resource
PublicPermission - Public permission on the resource
May be one or more of "R","W","U"
Type - Internal use only, User defined resources should not pass this parameter
Creates a Resource in the Security database.
Parameters:
Name - Name of the resource to create
Description- Description of the resource
PublicPermission - Public permission on the resource
May be one or more of "R","W","U"
Type - Internal use only, User defined resources should not pass this parameter
Delete a resource.
This method will delete a resource from the security database. After the resource is deleted, it will update all the roles which hold this resource to remove the resource from the role. It will then update the in-memory security tables to mark this resource as "No access" for all roles, and "no access" for its public permissions.
Access to these resources will then be restricted only to users who own the %All role.
Parameters:
Name - Name of the resource to delete
This method will delete a resource from the security database. After the resource is deleted, it will update all the roles which hold this resource to remove the resource from the role. It will then update the in-memory security tables to mark this resource as "No access" for all roles, and "no access" for its public permissions.
Access to these resources will then be restricted only to users who own the %All role.
Parameters:
Name - Name of the resource to delete
classmethod Exists(Name As %String, ByRef Resource As %ObjectHandle, ByRef Status As %Status) as %Boolean
Resource exists.
This method checks for the existence of a resource in the security database.
Parameters:
Name - Name of the resource to check existence of
Return values:
If Value of the method = 0 (Resource does not exist, or some error occured)
Resource = Null
Status = Resource "x" does not exist, or other error message
If Value of the method = 1 (Resource exists)
Resource = Object handle to resource
Status = $$$OK
This method checks for the existence of a resource in the security database.
Parameters:
Name - Name of the resource to check existence of
Return values:
If Value of the method = 0 (Resource does not exist, or some error occured)
Resource = Null
Status = Resource "x" does not exist, or other error message
If Value of the method = 1 (Resource exists)
Resource = Object handle to resource
Status = $$$OK
classmethod Export(FileName As %String = "ResourcesExport.xml", ByRef NumExported As %Integer, Resources As %String = "*", PublicPermissions As %Integer = -1, Type As %Integer = -1) as %Status
This method exports Resource records to a file in xml format.
Parameters:
Filename - Output file name
NumExported (byref) - Returns number of records exported.
Resources - Comma separated list of Resources to export, "*" = All
PublicPermissions - Only export those with this type of public permissions
-1 = All
Bit 0 - Read public permission
Bit 1 - Write public permission
Bit 2 - Use public permission
Bit 9 - No public permission
Type - Internal use only, pass -1
Parameters:
Filename - Output file name
NumExported (byref) - Returns number of records exported.
Resources - Comma separated list of Resources to export, "*" = All
PublicPermissions - Only export those with this type of public permissions
-1 = All
Bit 0 - Read public permission
Bit 1 - Write public permission
Bit 2 - Use public permission
Bit 9 - No public permission
Type - Internal use only, pass -1
Get a resource's properties.
Gets a resource's properties from the security database.
Parameters:
Name - Name of the resource to get
Return values:
Properties - Array of resource properties
Properties("Description")- Description of the resource
Properties("PublicPermission") - Public permission on the resource
May be one or more of "R","W","U"
Properties("Type") - Internal use only
Gets a resource's properties from the security database.
Parameters:
Name - Name of the resource to get
Return values:
Properties - Array of resource properties
Properties("Description")- Description of the resource
Properties("PublicPermission") - Public permission on the resource
May be one or more of "R","W","U"
Properties("Type") - Internal use only
classmethod Import(FileName As %String = "ResourcesExport.xml", ByRef NumImported As %Integer, Flags As %Integer = 0) as %Status
Import Resource records from an xml file.
Parameters:
FileName - Filename to import Resource records from
NumImported (byref) - Returns number of records imported
Flags - Control import
Bit 0 - Do not import records, just return count
Note: On failure, no records will be imported
Parameters:
FileName - Filename to import Resource records from
NumImported (byref) - Returns number of records imported
Flags - Control import
Bit 0 - Do not import records, just return count
Note: On failure, no records will be imported
classmethod InUse(Name As %String, ByRef InUse As %Status, ByRef Roles As %List, ByRef Databases As %List, ByRef Applications As %List, Flags As %Integer = 0) as %Status
Checks if the resource is in use.
Checks if the resource specified is used by any role, application or database.
Parameters:
Name - Name of the resource to check.
Return values:
InUse = 0 Not used
InUse = 1 Used
Roles - $list of roles the resource is used by or null if none
Databases - $list of databases the resource is used by or null if none
Applications - $list of applications the resource is used by or null if none
Flags - Controls return values
Bit 0 - Return roles in format $lb(Role1_":"_Permission,Role2_":"_Permission)
Checks if the resource specified is used by any role, application or database.
Parameters:
Name - Name of the resource to check.
Return values:
InUse = 0 Not used
InUse = 1 Used
Roles - $list of roles the resource is used by or null if none
Databases - $list of databases the resource is used by or null if none
Applications - $list of applications the resource is used by or null if none
Flags - Controls return values
Bit 0 - Return roles in format $lb(Role1_":"_Permission,Role2_":"_Permission)
Modify a resource.
Modify an existing resource's properties in the security database.
Parameters:
Name - Name of the resource to modify
Properties - Array of properties to modify.
See the Get() method for a description of the Properties parameter.
If a specific property is not passed in the properties array, the value is not modified.
Modify an existing resource's properties in the security database.
Parameters:
Name - Name of the resource to modify
Properties - Array of properties to modify.
See the Get() method for a description of the Properties parameter.
If a specific property is not passed in the properties array, the value is not modified.
Queries
query List(Names As %String, PublicPermissions As %Integer, Type As %Integer, Flags As %Integer = 0)
Selects Name As %String, Description As %String, PublicPermission As %String, Type As %String, ResourceType As %String
List Resource types
Names - Comma separated list of resource names
"*" - All records match
"String,String1" - Any records matching one of these elements
"String*" - Any record starting with "String"
"String,String1*,String2" - Any record matching one of these elements, or starting with "String1"
PublicPermissions - Only list those with this type of public permissions
-1 = All
Bit 0 - Read public permission
Bit 1 - Write public permission
Bit 2 - Use public permission
Bit 9 - No public permission
Type - Internal use only, pass -1
Flags - 0 - Use "Startswith" as the selection on the name.
Flags - 1 - Use "Contains" as the selection on the name.
Note: This query may change in future versions
Names - Comma separated list of resource names
"*" - All records match
"String,String1" - Any records matching one of these elements
"String*" - Any record starting with "String"
"String,String1*,String2" - Any record matching one of these elements, or starting with "String1"
PublicPermissions - Only list those with this type of public permissions
-1 = All
Bit 0 - Read public permission
Bit 1 - Write public permission
Bit 2 - Use public permission
Bit 9 - No public permission
Type - Internal use only, pass -1
Flags - 0 - Use "Startswith" as the selection on the name.
Flags - 1 - Use "Contains" as the selection on the name.
Note: This query may change in future versions
Indexes
index (NameIndex on NameLowerCase) [IdKey, Type = key];
Index methods: NameIndexCheck(), NameIndexDelete(), NameIndexExists(), NameIndexOpen(), NameIndexSQLCheckUnique(), NameIndexSQLExists(), NameIndexSQLFindPKeyByConstraint(), NameIndexSQLFindRowIDByConstraint()
Inherited Members
Inherited Methods
- %%CLASSNAMELogicalToStorage()
- %%CLASSNAMEStorageToLogical()
- %AddToSaveSet()
- %AddToSyncSet()
- %BMEBuilt()
- %BuildIndicesAsync()
- %BuildIndicesAsyncResponse()
- %CheckConstraints()
- %CheckConstraintsForExtent()
- %ClassIsLatestVersion()
- %ClassName()
- %ComposeOid()
- %ConstructClone()
- %Delete()
- %DeleteExtent()
- %DeleteId()
- %DispatchClassMethod()
- %DispatchGetModified()
- %DispatchGetProperty()
- %DispatchMethod()
- %DispatchSetModified()
- %DispatchSetMultidimProperty()
- %DispatchSetProperty()
- %Exists()
- %ExistsId()
- %Extends()
- %GUID()
- %GUIDSet()
- %GetLock()
- %GetParameter()
- %GetSwizzleObject()
- %Id()
- %InsertBatch()
- %IsA()
- %IsModified()
- %IsNull()
- %KillExtent()
- %KillExtentData()
- %LoadFromMemory()
- %LockExtent()
- %LockId()
- %New()
- %NormalizeObject()
- %ObjectIsNull()
- %ObjectModified()
- %Oid()
- %OnBeforeAddToSync()
- %OnDeleteFinally()
- %OnDetermineClass()
- %OnOpenFinally()
- %OnSaveFinally()
- %Open()
- %OpenId()
- %OriginalNamespace()
- %PackageName()
- %PhysicalAddress()
- %PurgeIndices()
- %Reload()
- %RemoveFromSaveSet()
- %ResolveConcurrencyConflict()
- %RollBack()
- %Save()
- %SaveDirect()
- %SaveIndices()
- %SerializeObject()
- %SetModified()
- %SortBegin()
- %SortEnd()
- %SyncObjectIn()
- %SyncTransport()
- %UnlockExtent()
- %UnlockId()
- %ValidateIndices()
- %ValidateObject()
- %ValidateTable()
- Help()
- XMLDTD()
- XMLExport()
- XMLExportToStream()
- XMLExportToString()
- XMLNew()
- XMLSchema()
- XMLSchemaNamespace()
- XMLSchemaType()
Storage
Storage Model: Storage (Security.Resources)
^|$$$SecurityMapRolesResources|SYS("Security","ResourcesD")(ID) |
= | %%CLASSNAME
Description
Name
PublicPermission
Type
Version
|