The
Permission data object associates
the privileges required to perform an action on an object with the principals
(user, group). Principals have privileges through their role. To set or update
permissions on an object, use the
AuthorizationManager.SetEntityPermissions
method.
To set permissions on an entity, use the
following steps.
Procedure
-
Obtain a reference to the
AuthorizationManager for the
server from the
ServiceContent object
associated with the
ServiceInstance. For
example:
ManagedObjectReference hostAuthorizationManager = service.getAuthorizationManager();
-
Create a
Permission data object that
identifies the user (or group) name, the role, the entity to which the
permission should apply, and whether the permission should be applied to the
entity’s children.
For example, the following code fragment
creates a permission on the root folder of the inventory granting a user
Administrator role to the root folder and all its children.
Permission per = new Permission();
per.setGroup(false);
per.setPrincipal(“new_user_name”);
per.setRoleId(-1);
per.setPropagate(true);
per.setEntity(rootFolder);
Permissions cannot be set directly on
children in a complex entity. For complex entities, set permissions on the
parent entity and set the
propagate flag to true to
apply permissions to the child entities.
To replace existing permissions with a new
set of permissions, use the
AuthorizationManager.ResetEntityPermissions
method.