IMetabaseObjectDescriptor.CheckAndAuditOperation

Syntax

CheckAndAuditOperation(Operation: Integer; Comment: String; State: MetabaseObjectAuditOperationState): Decimal;

Parameters

Operation. Mask of the checked/recorded operations, the availability of rights to which it is necessary to check for the current user. To create a mask value, it is necessary to use the MetabaseObjectPredefinedRights enumeration values. This enumeration contains basic and additional operations on which permissions can be given and access audit can be led. The specific operations are available for defined classes of objects. To use specific operations depending on the object class in a mask there is a possibility to use values of the following enumerations:

Comment. The comment that is entered in the access protocol

State. Variant of operation auditing.

Description

The CheckAndAuditOperation method checks the access permissions of the current user for the specified operations and traces the result in accordance with the chosen variant of the audit.

Comments

If the current user does not have rights even to one of the checked operations or the variant of auditing that bans execution of the operation (ForceDeny, ForceDenyAndAudit) was chosen, the exception condition will be generated. Depending on the present settings of scheme auditing and on chosen variant of auditing of the checked operation (State), a record with failed result can be added to access protocol.

The method returns unique key of the record which is written in the access protocol.

If it is necessary to check access permissions for custom class operation, use the IMetabaseCustomObject.CheckAndAuditOperation method.

Example

Executing the example requires a form with the Button1 button. There is a regular report with the Report_11 identifier in the repository.

Add links to the Metabase, Ui system assemblies.

Sub Button1OnClick(Sender: Object; Args: IMouseEventArgs);
Var
    MB: IMetabase;
    MObj: IMetabaseObjectDescriptor;
Begin
    MB := MetabaseClass.Active;
    MObj := MB.ItemById(
"Report_11");
    
Try
        MObj.CheckAndAuditOperation(MetabaseObjectPredefinedRights.Write 
Or
        MetabaseObjectPredefinedRights.Print,
        
"Check user permissions" ,
        MetabaseObjectAuditOperationState.ForceDeny);
    
Except
    
On E: Exception Do
    WinApplication.InformationBox(E.message);
    
End Try;
End Sub Button1OnClick;

After executing the example the exception condition is generated (the user does not have enough rights to perform operation). A record with failed result is added to the access protocol, if the auditing for the type of checked object was activated in the settings of scheme auditing.

See also:

IMetabaseObjectDescriptor