Report Access Rights on All Items
This script loops through all Items ( Projects, Folders, and Modules ) below the current folder or project, and reports on Access Rights. It does not attempt to open Modules and get any Access Right information from inside the Modules. You can add your own checks for the specific Access Rights you are looking for, and update the output of the script accordingly. Output is to the DXL interaction window.
Find permissions on an item for a user
This function allows you to find the permissions a particular user has on an item. The function takes an Item handle and a user name as parameters and return the permissions that the user has on the item. This includes permissions the user has through inherited access, group membership etc. The function does not support groups.
The permissions on an item can be specific or inherited. A user can be granted permissions in the following ways:
1. Explicitly. i.e. the user name appears on the access tab of the item properties. If this is the case then the user does not get any extra access rights through group membership.
2. By group membership. The user gets a superset of all permissions from the groups they are a member of.
3. Default. If the user has no explicit permissions and no permissions via group membership, then they get whatever is set for “Everyone Else”.
The following is an example of using this function. This example also makes use of a simple function stringOf(Permission) which allows you to print the results.
Item i = item(fullName(current Module)) Permission perm = getPermissions(i, "fredbrooks") print stringOf(perm)
View getPermissions() function.
View stringOf(Permission) function.
Set Access Inherited for all Items
This simple script allows you to set the access rights to inherited for all items below the current folder. This may be useful if you wish to reset access rights for the items in an imported project. This script sets access rights at the item (Project, Folder, Module) level. It does not open modules and set access on objects.
hasPermission
The hasPermission() perm is documented for use with electronic signatures, but there are other variants for checking a user’s access on items, views and attributes, that are not documented. Here is a list of these undocumented perms.
// In each case, the first parameter is the user name. // The third parameter is the permission you are checking for. // This can one of the following: // none // read // modify // create // delete // control (called admin in the GUI) bool hasPermission(string, Group, Permission) bool hasPermission(string, View, Permission) bool hasPermission(string, Object, Permission) bool hasPermission(string, ModName_, Permission) bool hasPermission(string, Module, Permission) bool hasPermission(string, Folder, Permission) bool hasPermission(string, Project, Permission) bool hasPermission(string, Item, Permission) // You can check for permissions on attribute values and definitions // using the following: bool hasValPermission(string, AttrDef, Permission) bool hasDefPermission(string, AttrDef, Permission)