Difference between UserReadAll or UserReadName Permission / Permission Overview

0

To read a users name (User.getName()) whitin a script element, I assigned the corresponding permission "UserReadAll" to the role the calling user owned. Nevertheless, ivy reports the Error "The session does not fulfill the permission rule SESSION (MATCHES THIS AND OWNS UserReadOwnName PERMISSION) OR OWNS UserReadName PERMISSION OR OWNS UserReadName@SYSTEM PERMISSION" After that, I added also the permission "UserReadName/UserReadFullName" and then it worked.

What's the difference between "UserReadAll" and "UserReadName"? In my opinion, the "UserReadAll" permission should cover and allow all "Read" operations on a user object.

Is there any documentation which explains the permission concept of ivy? I couldn't find any detailed information about in the documentation section available on the xpert.ivy download area.

Thanks and regards, Stefan

asked 20.10.2014 at 10:35

Stefan's gravatar image

Stefan
(suspended)
accept rate: 60%

One Answer:
active answersoldestnewestmost voted
1

The permission UserReadAll is necessary to call methods like ISecurityContext#getUsers() or ISecurityContext#findUser(...). So it gives you the right to access all user objects.

The permission UserReadName gives you the right to call the method IUser#getName() on any user object.

The permission UserReadOwnName gives you the right to call method IUser#getName() on the user object that represents yourself. E.g. the user object that is associated with the current session.

link

answered 20.10.2014 at 16:57

Reto%20Weiss's gravatar image

Reto Weiss ♦♦
4.9k202857
accept rate: 74%

Thanks, Reto. Is there any detailed documentation available?

(21.10.2014 at 07:28) Stefan Stefan's gravatar image

Hi Stephan

See question http://answers.axonivy.com/questions/1014 to find out where the permissions needed to call a method is documented

(21.10.2014 at 10:03) Reto Weiss ♦♦ Reto%20Weiss's gravatar image

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×40

Asked: 20.10.2014 at 10:35

Seen: 2,274 times

Last updated: 21.10.2014 at 10:03

Related questions

Changing the Security System

Java blocks Rich Dialog applications and we cannot update

LDAP API call cache

Change password of an AD user in Ivy

How to set multiple responsible roles for a process start request

Does a user have a specific role?

How to reset a task back to state SUSPENDED cancelled by the user

How to change the certificate for SSL/HTTPS?

Permission Denied: needs Permission SYSTEM but the Session is SYSTEM

How can I disable Permission checks?