Access Control Admin Internals
These are the functions called by the WebAccess Web Admin Interface to administrate
the wanted authorizations. This listing is of the most important functions.
For more information look in the source code or at the signatures.
CONTENTS
1. Adding Information
2. Finding Information
3. Deleting Information
1. Adding Information
acc_add_action(name_action='', description='', optional='no', *allowedkeywords)
function to create new entry in accACTION for an action
name_action - name of the new action, must be unique
keyvalstr - string with allowed keywords
allowedkeywords - a list of allowedkeywords
keyvalstr and allowedkeywordsdict can not be in use simultanously
success -> return id_action, name_action, description and allowedkeywords
failure -> return 0
acc_add_role(name_role, description, firerole_def_ser, firerole_def_src)
add a new role to accROLE in the database.
name_role - name of the role, must be unique
description - text to describe the role
firerole_def_ser - precompiled serialized firewall like role definition (firerole)
firerole_def_src - definition text source for repairing after Python upgrades
acc_add_user_role(id_user=0, id_role=0, email='', name_role='')
this function adds a new entry to table user_accROLE and returns it
id_user, id_role - self explanatory
email - email of the user
name_role - name of the role, to be used instead of id.
acc_add_role_action_arguments_names(name_role='', name_action='', arglistid=-1, optional=0, verbose=0, **keyval)
this function makes it possible to pass names when creating new entries instead of ids.
get ids for all the names,
create entries in accARGUMENT that does not exist,
pass on to id based function.
name_role, name_action - self explanatory
arglistid - add entries to or create group with arglistid, default -1 create new.
optional - create entry with optional keywords, **keyval is ignored, but should be empty
verbose - used to print extra information
**keyval - dictionary of keyword=value pairs, used to find ids.
2. Finding Information
acc_find_possible_actions(id_role, id_action)
Role based function to find all action combinations for a
give role and action.
id_role - id of role in the database
id_action - id of the action in the database
returns a list with all the combinations.
first row is used for header.
3. Deleting Information
acc_deletea_ction(id_action=0, name_action=0)
delete action in accACTION according to id, or secondly name.
entries in accROLE_accACTION_accARGUMENT will also be removed.
id_action - id of action to be deleted, prefered variable
name_action - this is used if id_action is not given
if the name or id is wrong, the function does nothing
acc_delete_role(id_role=0, name_role=0)
delete role entry in table accROLE and all references from other tables.
id_role - id of role to be deleted, prefered variable
name_role - this is used if id_role is not given
acc_delete_user_role(id_user, id_role=0, name_role=0)
function deletes entry from user_accROLE and reports the success.
id_user - user in database
id_role - role in the database, prefered parameter
name_role - can also delete role on background of role name.
acc_delete_role_action_arguments_names(name_role='', name_action='', arglistid=1, **keyval)
utilize the function on ids by first finding all ids and redirecting the function call.
break of and return 0 if any of the ids can't be found.
name_role = name of the role
name_action - name of the action
arglistid - the argumentlistid, all keyword=value pairs must be in this same group.
**keyval - dictionary of keyword=value pairs for the arguments.