This service checks if a session has particular permissions for protected entity operations. More...
#include <IAuthorizationInfoService.hpp>
Public Types | |
| using | Ptr = std::shared_ptr< IAuthorizationInfoService > |
 Public Types inherited from Arp::Base::Rsc::Commons::IRscService | |
| using | Ptr = std::shared_ptr< IRscService > |
| The shared_ptr type of IRscService. | |
Public Member Functions | |
| IAuthorizationInfoService (void)=default | |
| Constructs an IAuthorizationInfoService instance. | |
| virtual boolean | HasPermissionFor (const RscString< 512 > &entity, Operation operation, SecurityToken securityToken)=0 |
| Checks if the specified session has permission to execute particular entity operations, e.g. calling Rsc service operations, accessing files, reading data. Note: This method must not be called remotely via the RSC-Gateway and will throw an exception if attempted. More... | |
| Public Member Functions inherited from Arp::Base::Rsc::Commons::IRscService | |
| IRscService (void)=default | |
| The default constructor. | |
| IRscService (const IRscService &arg)=delete | |
| The deleted copy constructor. More... | |
| IRscService (IRscService &&arg) noexcept=default | |
| The default move constructor. More... | |
| IRscService & | operator= (const IRscService &arg)=delete |
| The deleted assignment operator. More... | |
| IRscService & | operator= (IRscService &&arg) noexcept=default |
| The default move-assignment operator. More... | |
| virtual | ~IRscService (void)=default |
| Destructs this instance and frees all resources. | |
Static Public Member Functions | |
| static IRscServiceProxyFactory & | GetProxyFactory (void) |
| Static Public Member Functions inherited from Arp::Base::Rsc::Commons::IRscService | |
| static IRscServiceProxyFactory & | GetProxyFactory (void) |
| Returns a reference to service proxy factory to create a proxy instance of this service. More... | |
Detailed Description
This service checks if a session has particular permissions for protected entity operations.
This service is only usable from the SDK for other processes running on the same PLC; it is not intended for remote (client) use over the RSC-Gateway.
All code snippets are written for C++ usage.
This service is defined in library Arp.System.Um.
Realtime Usage: This API call does not have to be deterministic in runtime behaviour, so an asynchronous execution should be considered.
Member Function Documentation
◆ HasPermissionFor()
|
pure virtual |
Checks if the specified session has permission to execute particular entity operations, e.g. calling Rsc service operations, accessing files, reading data. Note: This method must not be called remotely via the RSC-Gateway and will throw an exception if attempted.
The example below checks permission for a user on an non-existant(!) service.
The Securitytoken to check on is initialized by logging in as the user themselves (ex. Arp.System.Um.Services.IPasswordAuthenticationService)
or by converting the user's session to a SecurityToken Arp.System.Um.Services.ISessionService. Checking for users permissions on SecurityToken userToken = ... //see summary IAuthorizationInfoService authorizationInfoService = ... // subscribe to service auto userCanAccessService = authorizationInfoService.HasPermissionFor("arp.rsc.gateway/Arp/Arp.System.Um.Services.ITestService/GetTestData", Operation::Call, userToken);
- Parameters
-
entity The protected entity to check the permission for, e.g. Rsc service operations, files, Gds data points. See default permission-config file on a target for examples. operation The operation to be executed on the entity.
The operation to be executed on the entity, like Arp.System.Um.Services.Operation.Call to invoke Rsc services or Arp.System.Um.Services.Operation.ReadValue to read values of Gds data points. All values of this enum can be found at Arp.System.Um.Services.Operation.
- Parameters
-
securityToken The security token of the session to check the permission for, which has been obtained through Arp.System.Um.Services.IPasswordAuthenticationService
- Returns
trueif the access is granted, otherwisefalse.
The documentation for this class was generated from the following file:
- Arp/System/Um/Services/IAuthorizationInfoService.hpp
