cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - When posting, your subject should be specific and summarize your question. Here are some additional tips on asking a great question. X

List a User's, Group's, or Org's Permissions

EM_9923519
13-Aquamarine

List a User's, Group's, or Org's Permissions

Hello, Is there a way to get that information programmatically, if so, could you please share sample script?

ACCEPTED SOLUTION

Accepted Solutions
yhan
17-Peridot
(To:EM_9923519)

General configuration idea is -- 1. Use the GetEntityList service of EntityServices resource. It will return a list of entities the user has visibility to; 2. Create a datashape that is used for listing the result of permission; 3. Use the CheckPermissionForUser service of the SecurityService resource. Then sort out the query result to an infotable with the defined datashape.

Take an example of listing user's permission:

 

var entities = Resources["EntityServices"].GetEntityList({
	maxItems: undefined /* NUMBER */,
	nameMask: "*Thing" /* STRING */,
	type: "Thing" /* STRING */,
	tags: undefined /* TAGS */
});
// CreateInfoTableFromDataShape(infoTableName:STRING("InfoTable"), dataShapeName:STRING):INFOTABLE(CheckPermissionDataShape)
var result = Resources["InfoTableFunctions"].CreateInfoTableFromDataShape({
    infoTableName: "InfoTable",
    dataShapeName: "CheckPermissionDataShape"
});

var row = new Object();
for (var i=0;i<entities.length;i++){
 row.user=UserName;
 row.entity=entities[i].name;
 row.PropertyRead = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "PropertyRead" /* STRING */,
	user: UserName /* USERNAME */
	});
 row.PropertyWrite = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "PropertyWrite" /* STRING */,
	user: UserName /* USERNAME */
	});
 row.serviceInvoke = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "ServiceInvoke" /* STRING */,
	user: UserName /* USERNAME */
	});
 row.EventInvoke = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "EventInvoke" /* STRING */,
	user: UserName /* USERNAME */
	});
 row.EventSubscribe = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "EventInvoke" /* STRING */,
	user: UserName /* USERNAME */
	});
  result.AddRow(row);
}

 

The result looks like below:

6-9-2021 11-21-25 AM.jpg

View solution in original post

3 REPLIES 3
yhan
17-Peridot
(To:EM_9923519)

General configuration idea is -- 1. Use the GetEntityList service of EntityServices resource. It will return a list of entities the user has visibility to; 2. Create a datashape that is used for listing the result of permission; 3. Use the CheckPermissionForUser service of the SecurityService resource. Then sort out the query result to an infotable with the defined datashape.

Take an example of listing user's permission:

 

var entities = Resources["EntityServices"].GetEntityList({
	maxItems: undefined /* NUMBER */,
	nameMask: "*Thing" /* STRING */,
	type: "Thing" /* STRING */,
	tags: undefined /* TAGS */
});
// CreateInfoTableFromDataShape(infoTableName:STRING("InfoTable"), dataShapeName:STRING):INFOTABLE(CheckPermissionDataShape)
var result = Resources["InfoTableFunctions"].CreateInfoTableFromDataShape({
    infoTableName: "InfoTable",
    dataShapeName: "CheckPermissionDataShape"
});

var row = new Object();
for (var i=0;i<entities.length;i++){
 row.user=UserName;
 row.entity=entities[i].name;
 row.PropertyRead = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "PropertyRead" /* STRING */,
	user: UserName /* USERNAME */
	});
 row.PropertyWrite = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "PropertyWrite" /* STRING */,
	user: UserName /* USERNAME */
	});
 row.serviceInvoke = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "ServiceInvoke" /* STRING */,
	user: UserName /* USERNAME */
	});
 row.EventInvoke = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "EventInvoke" /* STRING */,
	user: UserName /* USERNAME */
	});
 row.EventSubscribe = Resources["SecurityServices"].CheckPermissionForUser({
	name: entities[i].name /* STRING */,
	type: "EventInvoke" /* STRING */,
	user: UserName /* USERNAME */
	});
  result.AddRow(row);
}

 

The result looks like below:

6-9-2021 11-21-25 AM.jpg

abjain
15-Moonstone
(To:yhan)

@EM_9923519 : If the previous response answered your question, please mark it as the Accepted Solution for the benefit of others with the same question.

EM_9923519
13-Aquamarine
(To:yhan)

When using the code you share I get this error message

 

Error executing service myService. Message :: Type not found: [CheckPermissionDataShape] - See Script Error Log for more details.

 

Do I need to create this CheckPermissionDataShape? Is there a way to get the result as a plain infotable?

Announcements


Top Tags