$FlsAcc: Difference between revisions
m (link repair) |
|||
Line 1: | Line 1: | ||
<p>The $ | <p> | ||
<p>$ | The <var>$FlsAcc</var> function, combined with the $<var>$FlsChk</var> function, allows a SOUL request to check for field-level security access violations before they occur. This reduces evaluation-time errors and request cancellations, and it helps to ensure that the files being updated are not left in a logically inconsistent state ([[Using variables and values in computation#Resolution of field types and levels|Resolution of field types and levels]]). </p> | ||
<p> | |||
$<var>$FlsAcc</var> can determine a user's access rights to a particular field or to all fields in a file or group. The function returns a character string representing the user's access rights to the specified field(s). If the field is not defined in the file or group, a null string is returned. The string normally contains a combination of the characters listed in this table: </p> | |||
<table> | <table> | ||
<tr class="head"> | <tr class="head"> | ||
Line 10: | Line 12: | ||
<td>SELECT access rights</td> | <td>SELECT access rights</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td> R</td> | <td> R</td> | ||
<td>READ access rights</td> | <td>READ access rights</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td> U</td> | <td> U</td> | ||
<td>UPDATE access rights</td> | <td>UPDATE access rights</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td> A</td> | <td> A</td> | ||
Line 23: | Line 28: | ||
</tr> | </tr> | ||
</table> | </table> | ||
<p>The format of the $ | ==Syntax== | ||
<p class=" | <p> | ||
The format of the <var>$FlsAcc</var> function is:</p> | |||
<p class="syntax">$Flsacc (<span class="term">fieldname</span> <span class="squareb">[</span>,<span class="term">name</span><span class="squareb">]</span>) | |||
</p> | </p> | ||
<p> | <p> | ||
Where:</p> | |||
<ul> | <ul> | ||
<li>fieldname is a character string that is interpreted as the name of the field whose access is being checked. | <li><var class="term">fieldname</var> is a character string that is interpreted as the name of the field whose access is being checked. | ||
<p>If this argument is omitted or null, every field in the file or group specified in the name argument is checked. In this case, the output string returned by $ | <p>If this argument is omitted or null, every field in the file or group specified in the name argument is checked. In this case, the output string returned by <var>$FlsAcc</var> contains an access indication (S, R, U, A) only if that level of access applies to every field in the file or group. This use of <var>$FlsAcc</var> is costly system overhead because all field descriptions must be examined.</p> | ||
</li> | </li> | ||
<li>name is optional; use it to control the file or group context of the function. The format for this argument is: | <li><var class="term">name</var> is optional; use it to control the file or group context of the function. The format for this argument is: | ||
<p class=" | <p class="syntax">[[FILE | [PERM | TEMP] GROUP] <span class="term">name</span> [AT <span class="term">location</span>] | ||
| $CURFILE | $UPDATE] | | $CURFILE | $UPDATE] | ||
</p> | </p> | ||
<p>If access for the current file of a FOR loop is desired, $ | <p>If access for the current file of a FOR loop is desired, $Curfile can be used as the second argument. $Update can be used to indicate the name of the update file in the current group. $Curfile and $Update are described in detail in [[Files, groups, and reference context#$Curfile and $Update functions|$Curfile and $Update functions]]. For single file context, the field level security access rights are well defined. If a field name is specified in group context, <var>$FlsAcc</var> returns the maximum access rights for the group. If the name argument is omitted or null, the context used for the check is the context of the statement that contains the function. </p> | ||
</li> | </li> | ||
</ul> | </ul> | ||
[[Category:SOUL $functions]] | [[Category:SOUL $functions]] |
Revision as of 22:23, 13 May 2015
The $FlsAcc function, combined with the $$FlsChk function, allows a SOUL request to check for field-level security access violations before they occur. This reduces evaluation-time errors and request cancellations, and it helps to ensure that the files being updated are not left in a logically inconsistent state (Resolution of field types and levels).
$$FlsAcc can determine a user's access rights to a particular field or to all fields in a file or group. The function returns a character string representing the user's access rights to the specified field(s). If the field is not defined in the file or group, a null string is returned. The string normally contains a combination of the characters listed in this table:
Character | Meaning |
---|---|
S | SELECT access rights |
R | READ access rights |
U | UPDATE access rights |
A | ADD access rights |
Syntax
The format of the $FlsAcc function is:
$Flsacc (fieldname [,name])
Where:
- fieldname is a character string that is interpreted as the name of the field whose access is being checked.
If this argument is omitted or null, every field in the file or group specified in the name argument is checked. In this case, the output string returned by $FlsAcc contains an access indication (S, R, U, A) only if that level of access applies to every field in the file or group. This use of $FlsAcc is costly system overhead because all field descriptions must be examined.
- name is optional; use it to control the file or group context of the function. The format for this argument is:
[[FILE | [PERM | TEMP] GROUP] name [AT location] | $CURFILE | $UPDATE]
If access for the current file of a FOR loop is desired, $Curfile can be used as the second argument. $Update can be used to indicate the name of the update file in the current group. $Curfile and $Update are described in detail in $Curfile and $Update functions. For single file context, the field level security access rights are well defined. If a field name is specified in group context, $FlsAcc returns the maximum access rights for the group. If the name argument is omitted or null, the context used for the check is the context of the statement that contains the function.