HasAccess(Subject: ISecuritySubject; DesiredAccess: Integer): Boolean;
Subject. Security subject, which is checked for presence of permissions for particular operations on the object.
DesiredAccess. Mask that determines operations, permissions for which must be checked for the Subject security subject. It is necessary to use values of the enumeration type MetabaseObjectPredefinedRights to form mask value. This enumeration contains basic and additional operations on which permissions can be given and access audit can be led. The specific operations are available for defined classes of objects. To use specific operations depending on the object class in a mask there is a possibility to use values of the following enumerations:
CalculatedCubeSpecificRights are specific operations available for calculated cubes.
CubeLoaderSpecificRights are specific operations available for loading data in a cube.
CubeSpecificRights are specific operations available for different types of cubes.
CustomObjectSpecificRights are specific operations available for objects of custom classes.
DataBaseSpecificRights are specific operations available for repository object - Database.
DictionarySpecificRights are specific operations available for repository objects - MDM Dictionary and Composite MDM dictionary.
MDCalcSpecificRights are specific operations available for repository object - Multidimensional calculation on DB server.
ProblemSpecificRights are specific operations available for an object of modeling container - Modeling task.
ProcedureSpecificRights are specific operations available for repository object - Procedure.
ScenarioDimensionSpecificRights are specific operations available for the repository object - Modeling Scenario.
TableSpecificRights are specific operations available for the following repository objects - Table, View, Log, External table.
ValidationSpecificRights are specific operations available for repository object - Validation rule and Validation group.
The HasAccess method checks and indicates whether the security subject has rights to perform the specified operations on current object.
The method returns True if the Subject security subject can perform all operations specified in the DesiredAccess mask.
Executing the example requires that the repository contains an object with the Obj_1 identifier.There is the TestUser user among the security subjects that were created in the security manager of the current repository.
Sub UserProc;
Var
MB: IMetabase;
MDesc: IMetabaseObjectDescriptor;
SecDesc: ISecurityDescriptor;
Subj: ISecuritySubject;
b: Boolean;
Begin
MB := MetabaseClass.Active;
Subj := MB.Security.ResolveName("TestUser");
MDesc := MB.ItemById("Obj_1");
SecDesc := MDesc.SecurityDescriptor;
b := SecDesc.HasAccess(Subj, MetabaseObjectPredefinedRights.Delete);
End Sub UserProc;
After executing this example the "b" variable determines whether TestUser user could remove the specified object.
See also: