IRISLIB database
Static Public Member Functions | Static Private Member Functions | List of all members
Utils Class Reference

APIs used by the System Management Portal. More...

Inheritance diagram for Utils:
Inheritance graph
[legend]
Collaboration diagram for Utils:
Collaboration graph
[legend]

Static Public Member Functions

_.Library.Boolean AllowDirectory (_.Library.String dir)
 This method will allow the given directory (and its descendants) to be visible. More...
 
_.Library.Integer CheckLinkAccess (_.Library.String link)
 CheckLinkAccess determines whether the target user is permitted. More...
 
 ClearDirectories ()
 This method will clear the set of directories that are visible by the. More...
 
_.Library.Boolean GetAllowedDirectories (dirs)
 This method will retrieve the set of root directories that are visible. More...
 
 RemoveDirectory (_.Library.String dir)
 This method will remove the given directory from the set of root directories that. More...
 
_.Library.Boolean RestrictDirectories (_.Library.Boolean flag)
 If flag is true then the <Class>ZEN.Dialog.fileSelect</Class> page will only. More...
 

Static Private Member Functions

_.Library.Status AddFavorite (_.Library.String pName, _.Library.String pLink)
 Add item to favorites list.
 
_.Library.Boolean CheckCustomResource (_.Library.String pURL)
 Check the custom resource (if any) assigned to a given URL. More...
 
_.Library.Status ClearFavoriteItems (_.Library.String pUser)
 Delete favorite item list for given user. More...
 
_.Library.Status ClearRecentItems (_.Library.String pUser)
 Delete recent item list for given user. More...
 
_.Library.String GetCustomResource (_.Library.String pID)
 Get the custom resource assigned to a given id (url). More...
 
_.Library.Status GetCustomResourceList (_.Library.String pList)
 Return a list of all currently used custom resource names.
 
_.Library.Status GetFavoritesForUser (pFavorites)
 Return the current favorites list for the current user: More...
 
_.Library.Status GetNamespaceList (_.Library.String pNamespaces)
 Get a list of namespaces which the current user may access. More...
 
_.Library.Status GetRecentItemsForUser (pItems)
 Return the recent items list for the current user:
More...
 
_.Library.Boolean IsAutoRefreshEnabled ()
 Helper method to indicate whether pages in the management portal are allowed to perform. More...
 
_.Library.Status RegisterRecentItem (_.Library.String pName, _.Library.String pURL)
 Add this item to the recent item list.
 
_.Library.Status RemoveFavoriteItem (_.Library.String pName)
 Delete a favorite item for the current user.
 
_.Library.Status RemoveRecentItem (_.Library.String pName)
 Delete a recent item for the current user.
 
_.Library.Status SetCustomResource (_.Library.String pID, _.Library.String pResource)
 Set the custom resource assigned to a given id (url). More...
 

Additional Inherited Members

- Public Member Functions inherited from RegisteredObject
_.Library.Status OnAddToSaveSet (_.Library.Integer depth, _.Library.Integer insert, _.Library.Integer callcount)
 This callback method is invoked when the current object is added to the SaveSet,. More...
 
_.Library.Status OnClose ()
 This callback method is invoked by the <METHOD>Close</METHOD> method to. More...
 
_.Library.Status OnConstructClone (_.Library.RegisteredObject object, _.Library.Boolean deep, _.Library.String cloned)
 This callback method is invoked by the <METHOD>ConstructClone</METHOD> method to. More...
 
_.Library.Status OnNew ()
 This callback method is invoked by the <METHOD>New</METHOD> method to. More...
 
_.Library.Status OnValidateObject ()
 This callback method is invoked by the <METHOD>ValidateObject</METHOD> method to. More...
 
- Static Public Attributes inherited from RegisteredObject
 CAPTION = None
 Optional name used by the Form Wizard for a class when generating forms. More...
 
 JAVATYPE = None
 The Java type to be used when exported.
 
 PROPERTYVALIDATION = None
 This parameter controls the default validation behavior for the object. More...
 

Detailed Description

APIs used by the System Management Portal.

Member Function Documentation

◆ CheckCustomResource()

_.Library.Boolean CheckCustomResource ( _.Library.String  pURL)
staticprivate

Check the custom resource (if any) assigned to a given URL.

Note that pURL should be URL-encoded.

◆ ClearFavoriteItems()

_.Library.Status ClearFavoriteItems ( _.Library.String  pUser)
staticprivate

Delete favorite item list for given user.

If user is not specified, delete all items.

◆ ClearRecentItems()

_.Library.Status ClearRecentItems ( _.Library.String  pUser)
staticprivate

Delete recent item list for given user.

If user is not specified, delete all items.

◆ GetCustomResource()

_.Library.String GetCustomResource ( _.Library.String  pID)
staticprivate

Get the custom resource assigned to a given id (url).

Note that pID should be URL-encoded.

◆ GetFavoritesForUser()

_.Library.Status GetFavoritesForUser (   pFavorites)
staticprivate

Return the current favorites list for the current user:

pItems(n) = $LB(name,date,url)

◆ GetNamespaceList()

_.Library.Status GetNamespaceList ( _.Library.String  pNamespaces)
staticprivate

Get a list of namespaces which the current user may access.

pNamespaces is returned as an array with the following structure: pNamespaces("NAMESPACE") = $lb(enabled,remote)

◆ GetRecentItemsForUser()

_.Library.Status GetRecentItemsForUser (   pItems)
staticprivate

Return the recent items list for the current user:

pItems(n) = $LB(name,date,url)
These are reset on system restart.

◆ IsAutoRefreshEnabled()

_.Library.Boolean IsAutoRefreshEnabled ( )
staticprivate

Helper method to indicate whether pages in the management portal are allowed to perform.

automatic refreshes that poll the server.

◆ SetCustomResource()

_.Library.Status SetCustomResource ( _.Library.String  pID,
_.Library.String  pResource 
)
staticprivate

Set the custom resource assigned to a given id (url).

Note that pID should be URL-encoded.

◆ AllowDirectory()

_.Library.Boolean AllowDirectory ( _.Library.String  dir)
static

This method will allow the given directory (and its descendants) to be visible.

by the <Class>ZEN.Dialog.fileSelect</Class> page. If the set of directories was previously unrestricted, and if the restriction was not explicitly disabled by calling <Method>RestrictDirectories</Method> then only this directory and its descendants will be visible. If the specified directory is invalid or does not exist, this method will return 0 (false), and no change is made.

◆ CheckLinkAccess()

_.Library.Integer CheckLinkAccess ( _.Library.String  link)
static

CheckLinkAccess determines whether the target user is permitted.

to view a given CSP or Zen page based on the security requirements for the relevant target Web application, the underlying page class, and any custom resources applied to the link.

Returns 0 if the link is not to a csp application. (enable)

Returns 1 if the user is permitted access to the page. (enable)

Returns 2 if could not determine Target User. Clicking on link will bring up login page. (choice: enable or disable)

Returns 3 if the user doesn't have access to the CSP application.(disable)

Returns 4 if the user doesn't have resources specific to the page.(disable)

  1. It is assumed the CheckLinkAccess is called from a context in which session and request are available, ie, from callpage in the CSP Server
  2. In order to minimize information trolling, CheckLinkAccess will just return a bit indicating if the link should be enabled in the current calling context.
  3. Definitions:
    1. Source application - application in which the current caller is being run
    2. Current user - ($Username) the user currently logged into the Source Application
    3. Target Application - the application pointed to by the link
    4. Target User - the computed username under which the user will be logged into the Target Application
    5. Target Page: the page portion of the link, e.g., /csp/app/mypage.csp: mypage.csp

This method is meant to be called from the link's containing page within the context of the CSP server. The containing page is part of a source application.

We must be able to detemine which target user will be used to check privileges. The target user cannot be determined if the source and target applications are different and the target is neither part of an active by-id group nor sharing-sessions with the source application.

Applications share sessions when:

  • The source and target are the same application.
  • The link to the target page contains CSPSHARE=1.
  • Source and target applications have the same Session Cookie Path.

Who is the target user?

Since this is called from with a CSP session, there are the following situations:

  1. The target application is a member of an authenticated by-id group. That group's authenticated user is the Target User.
  2. The target application will be in the current session. The CSP server has already handled logic for determing the user.
    1. The session's user is not UnknownUser. The target user is $Username.
    2. The session's user is UnknownUser
      • If the target application is the source application, the Target User is UnknownUser.
      • If the target application is different, the target user is the user from the session's Sticky-context. If the session has no sticky-context, the Target User will be UnknownUser

CheckLinkAccess Policy

  • If the Target Application is not a CSP Application, return ENABLE/UNKNOWN
  • If the Source and Target application are the same, skip to check resources.
  • If the Target Application is neither in an authenticated by-id group nor in the Source Application's session, return ENABLE/UNKNOWN
  • Compute the Target User. See 'Who is Target User?' above.
  • If the Target Application is two-factor enabled and the Target User is not, return NO_APP_ACCESS.
  • Get any application-defined and user-defined resources assigned to the Target Page.
  • If Source and Target Applications are different, check that the Target User has the right roles to enter the Target Application. If not, return NO_APP_ACCESS.

  • Check Resources:

    If the Target User can access the Target Page's Resources after escalating roles from the Target Application, return ENABLE/UNKNOWN. Else return NO_PAGE_ACCESS.

◆ ClearDirectories()

ClearDirectories ( )
static

This method will clear the set of directories that are visible by the.

<Class>ZEN.Dialog.fileSelect</Class> page. After this all directories available to the system will be visible in the fileSelect page.

◆ GetAllowedDirectories()

_.Library.Boolean GetAllowedDirectories (   dirs)
static

This method will retrieve the set of root directories that are visible.

by the <Class>ZEN.Dialog.fileSelect</Class> page. If the system is configured to restrict the directories that are visible the method will return 1 (true) and dirs will contain the set of root directories. Otherwise it will return 0 (false), and all directories will be visible.

◆ RemoveDirectory()

RemoveDirectory ( _.Library.String  dir)
static

This method will remove the given directory from the set of root directories that.

are visible by the <Class>ZEN.Dialog.fileSelect</Class> page. If the given directory was not previously configured as an available root directory, this will have no effect.

◆ RestrictDirectories()

_.Library.Boolean RestrictDirectories ( _.Library.Boolean  flag)
static

If flag is true then the <Class>ZEN.Dialog.fileSelect</Class> page will only.

allow navigation to the set of directories configured by <Method>AddDirectory</Method>. If no directories are configured, then the fileSelect page will not display any files.
If flag is false, then the fileSelect page will allow navigation to all files. The set of directories configured by <Method>AddDirectory</Method> (if any) is not removed. Return 1 (true) if we were previously configured to use restricted directories, 0 (false) otherwise.