HasAccess(Subject: ISecuritySubject; DesiredAccess: Integer): Boolean;
Subject. Security subject, which is checked for presence of permissions for particular operations with the object.
DesiredAccess. Mask that determines operations, permissions for which must be checked for the Subject security subject. It is necessary to use values of the MetabaseObjectPredefinedRights enumeration type to form mask value. This enumeration contains basic and additional operations, on which permissions can be given and access auditing can be executed. The specific operations are available for defined object classes. To use specific operations depending on the object class in a mask there is a possibility to use values of the following enumerations:
CalculatedCubeSpecificRights - specific operations available for calculated cubes.
CubeLoaderSpecificRights - specific operations available for cube data loader.
CubeSpecificRights - specific operations available for various types of cubes.
CustomObjectSpecificRights - specific operations available for custom class objects.
DataBaseSpecificRights - specific operations available for the Database repository object.
DictionarySpecificRights - specific operations available for the MDM Dictionary and Composite MDM Dictionary repository objects.
MDCalcSpecificRights - specific operations available for the Multidimensional Calculation on DB Server repository object.
ProblemSpecificRights - specific operations available for the Modeling Problem modeling container object.
ProcedureSpecificRights - specific operations available for the Procedure repository object.
ScenarioDimensionSpecificRights - specific operations available for the Modeling Scenario repository object.
TableSpecificRights - specific operations available for the following repository objects: Table, View, Log, External Table.
ValidationSpecificRights - specific operations available for the Validation Rule and Validation Group repository object.
The HasAccess method checks and returns whether the security subject has permissions to execute the specified operations with the current object.
The method returns True if the Subject security subject can execute all operations specified in the DesiredAccess mask.
Executing the example requires that the repository contains an object with the Obj_1 identifier. There is the TestUser user among the security subjects that were created in the security manager of the current repository.
Sub UserProc;
Var
MB: IMetabase;
MDesc: IMetabaseObjectDescriptor;
SecDesc: ISecurityDescriptor;
Subj: ISecuritySubject;
b: Boolean;
Begin
MB := MetabaseClass.Active;
Subj := MB.Security.ResolveName("TestUser");
MDesc := MB.ItemById("Obj_1");
SecDesc := MDesc.SecurityDescriptor;
b := SecDesc.HasAccess(Subj, MetabaseObjectPredefinedRights.Delete);
End Sub UserProc;
After executing the example the "b" variable determines whether the TestUser user can remove the specified object.
See also: