CheckAndAuditOperation(Operation: Integer; Comment: String; State: MetabaseObjectAuditOperationState): Decimal;
Operation. Mask of the checked/recorded operations, the availability of rights to which it is necessary to check for the current user. It is necessary to use a value of the MetabaseObjectPredefinedRights enumeration to form a value of the mask. This enumeration contains basic and additional operations on which permissions can be given and access audit can be led. The specific operations are available for defined classes of objects. To use specific operations depending on the object class in a mask there is a possibility to use values of the following enumerations:
CalculatedCubeSpecificRights are specific operations available for calculated cubes.
CubeLoaderSpecificRights are specific operations available for loading data in a cube.
CubeSpecificRights are specific operations available for different types of cubes.
CustomObjectSpecificRights are specific operations available for objects of custom classes.
DataBaseSpecificRights are specific operations available for repository object - Database.
DictionarySpecificRights are specific operations available for repository objects - MDM Dictionary and Composite MDM dictionary.
MDCalcSpecificRights are specific operations available for repository object - Multidimensional calculation on DB server.
ProblemSpecificRights are specific operations available for an object of modeling container - Modeling task.
ProcedureSpecificRights are specific operations available for repository object - Procedure.
TableSpecificRights are specific operations available for the following repository objects - Table, View, Log, External table.
ValidationSpecificRights are specific operations available for repository object - Validation rule and Validation group.
Comment. The comment that is entered in the access protocol.
State. Variant of operation auditing.
The CheckAndAuditOperation method checks the access permissions of the current user for the specified operations and traces the result in accordance with the chosen variant of the audit.
If the current user does not have rights even to one of the checked operations or the variant of auditing that bans execution of the operation (ForceDeny, ForceDenyAndAudit) was chosen, the exception condition will be generated. Depending on the present settings of scheme auditing and on chosen variant of auditing of the checked operation (State), a record with failed result can be added to access protocol.
The method returns unique key of the record which is written in the access protocol.
If it is necessary to check access permissions for custom class operation, use the IMetabaseCustomObject.CheckAndAuditOperation method.
Executing the example requires that the repository contains an object with the Report identifier.
Sub UserProc;
Var
MB: IMetabase;
MObj: IMetabaseObjectDescriptor;
Begin
MB := MetabaseClass.Active;
MObj := MB.ItemById("Report");
Try
MObj.CheckAndAuditOperation(MetabaseObjectPredefinedRights.Write Or
MetabaseObjectPredefinedRights.Print,
"Check of user rights",
MetabaseObjectAuditOperationState.ForceDeny);
Except
On E: Exception Do
WinApplication.InformationBox(E.message);
End Try;
End Sub UserProc;
After executing this example the exception condition is generated (the user does not have enough rights to perform operation). A record with failed result is added to the access protocol, if the auditing for the type of checked object was activated in the settings of scheme auditing.
See also: