Index

DKAccessControlDL

Purpose:

The DKAccessControlDL class is a subclass of dkAccessControl. This class is the concrete implementation of the dkAccessControl for access control provided in Content Manager Version 7 and earlier.

Class summary:

class DKAccessControlDL : public dkAccessControl
{
  public:
    DKAccessControlDL(DKDatastoreDL * ds);
    ~DKAccessControlDL();
 
    void addAccessControlList(const char * acl_name, 
                              const char * description, 
                              dkCollection * access_data);
    void updateAccessControlList(const char * acl_name, 
                                 const char * description, 
                                 dkCollection * access_data);                                 
    void deleteAccessControlList(const char * acl_name);
 
    dkCollection * listAccessControlLists();
    DKAccessControlListDL * listAccessControlList(const char * acl_name);
 
    DKString getItemACL(const char * itemID);
    void setItemACL(const char * itemID, const char * acl_name);
 
    dkCollection * listPrivileges();
    DKString listPrivilege(const char * user_name);
    dkCollection * listUsers();
    dkCollection * listUsers(const char * group_name);
    dkCollection * listGroups();
    dkCollection * listGroups(const char * user_name);
    DKString listPrivilegeString(const char * privilege_name);
    DKBoolean isAuthorized(const char * privilege_string, long authority);
    DKBoolean isAccessControlList(const char * acl_name);
    DKBoolean isPrivilege(const char * privilege_name);
    DKBoolean isUser(const char * user_name);
    DKBoolean isGroup(const char * group_name);
};

Members:

Constructors and destructor
The DKAccessControlDL constructor has a parameter that is a pointer to a DL datastore requesting for access control functions.
DKAccessControlDL(DKDatastoreDL * ds);
~DKAccessControlDL();

Member functions

addAccessControlList
Adds an access control list into the system. acl_name specifies the name of access control list. description provides the textual information of the access control list. access_data specifies the access data entries of the access control list. Each access data entry is an object of DKAccessDataDL, which is defined below.
void addAccessControlList(const char * acl_name, 
const char * description, 
dkCollection * access_data);

updateAccessControlList
Updates an access control list in the system. acl_name specifies the name of access control list. description provides the textual information of the access control list. access_data specifies the access data entries of the access control list. Each access data entry is an object of DKAccessDataDL, which is defined below.
void updateAccessControlList(const char * acl_name, 
const char * description, 
dkCollection * access_data);

deleteAccessControlList
Deletes an access control list in the system. acl_name specifies the name of access control list.
void deleteAccessControlList(const char * acl_name);

listAccessControlLists
Returns a collection of DKAccessControlListDL objects defined in the system.
dkCollection * listAccessControlLists();

listAccessControlList
Returns a DKAccessControlListDL object with the specified name.
DKAccessControlListDL * listAccessControlList(const char *                                           acl_name);

getItemACL
Returns the name of access control list of the specified item ID.
DKString getItemACL(const char * itemID);

setItemACL
Associates an access control list with the specified item ID.
void setItemACL(const char * itemID, const char * acl_name);

listPrivileges
Returns a collection of DKString objects containing the name of privilege sets defined in the system.
dkCollection * listPrivileges();

listPrivilege
Returns the privilege name of the specified user.
DKString listPrivilege(const char * user_name);

listUsers
The first form returns a collection of DKString objects containing the name of users defined in the system. The second form returns a collection of DKString objects containing the name of users defined in a group.
dkCollection * listUsers();
dkCollection * listUsers(const char * group_name);

listGroups
The first form returns a collection of DKString objects containing the name of groups defined in the system. The second form returns a collection of DKString objects containing the name of groups that the specified user is part of.
dkCollection * listGroups();
dkCollection * listGroups(const char * user_name);

listPrivilegeString
Returns TRUE if the specified authority is granted in the privilege string.
DKBoolean isAuthorized(const char * privilege_string, long authority);

isAuthorized
Returns TRUE if the specified authority is granted in the privilege string.
DKBoolean isAuthorized(const char * privilege_string, long authority);

isAccessControlList
Returns TRUE if the specified name is a valid access control list.
DKBoolean isAccessControlList(const char * acl_name);

isPrivilege
Returns TRUE if the specified name is a valid privilege.

DKBoolean isPrivilege(const char * privilege_name);

isUser
Returns TRUE if the specified name is a valid user.
DKBoolean isUser(const char * user_name);

isGroup
Returns TRUE if the specified name is a valid group.
DKBoolean isGroup(const char * group_name);

(c) Copyright International Business Machines Corporation 1996, 2003. IBM Corp. All rights reserved.