Unknown macro: {next_previous_links}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

The permission API exposes a number of methods to analyze the access rights of a given suer. These methods assist extension developers to secure their resources. The ES extension model supports the following permission API's:

Methods nameDescriptionExample
hasAssetPermission
This method is used to check specific asset type permissions.
  • hasAssetPermission(‘ASSET_CREATE’,’gadget’,session);
  • hasAssetPermission(‘ASSET_CREATE’,’gadget’,tenantId,username);

By default hasAssetPermission method is executed taking into account the currently logged in users session
and tenantId. If you wish to check the asset type permission of another user, you need to define the tenantId and username of the specific user.

hasAppPermission

This method is used to check permissions which are independent of the asset type.

Example:

Verify if you have permission to access the My Items page.

  • hasAppPermission(‘APP_MYITEMS’,session);
  • hasAppPermission(‘APP_MYITEMS’,tenantId,username);

By default hasAppPermission method is executed taking into account the currently logged in users session
and tenantId. If you wish to check the permission for independent asset types of another user, you need to
define the tenantId and username of the specific user.

hasAssetPagePermission
This method is used to check the access permissions of a user for an asset specific page.hasAssetPagePermission(‘gadget’,‘list’,tenantId,username);
hasAssetAPIPermission
This method is used to check access permissions of a user for an application specific page.hasAssetAPIPermission(‘gadget’,‘assets’,tenantId,username);
hasAppAPIPermission
This method is used to check access permissions of a user for an asset specific API.hasAppAPIPermission(‘asset’,tenantId,username);
  • No labels