CX_SECURITY
Class hierarchy
Description:
Base class for all security policies.
The CX_SECURITY object currently active in the system can be queried via CX_SYSTEM_OBJECT։։GetRegisteredSecurity.
semantic change:
As of Dll version 225901, the semantics of the Securtiy evaluation have been revised. The changes are summarised in the following table. The old semantics can be activated transitionally via the environment variable CX_SECURITY_OLD_MODE=1.
Before Dll version 225901 Or CX_SECURITY_OLD_MODE=1 | From Dll version 225901 |
---|---|
An empty CX_SECURTIY_SET or a set consisting only of empty sets is only treated as if no security were registered when evaluating class/object accesses. (=all allowed) This rule does not apply to message access , but the default here is also everything is allowed. The following applies to access to system functions:
| An empty CX_SECURTIY_SET or a set consisting only of empty sets is always treated as if no security were registered (= everything allowed). |
The default for message access (if no security object is responsible) is that the message is allowed. | The default for message access (if no security object is responsible) is that the message is blocked. |
The default for the system functions (if no security object is responsible) is:
| The default for the system functions (if no security object is responsible) is: All options forbidden. |
If there are several responsible security objects in a CX_SECURITY_SET , the following applies:
| In the case of several responsible security objects in a CX_SECURITY_SET , the last one always applies. |
If there are several responsible security objects in specializations in CX_CLASS_SECURITY/CX_OBJECT_SECURITY, the first one applies. | In the case of multiple responsible security objects in specialisations in CX_CLASS_SECURITY/CX_OBJECT_SECURITY, the last one shall apply. |
In case of multiple responsible attributes in accessExpressions in CX_CLASS_SECURITY/CX_OBJECT_SECURITY, the first one shall apply. | In case of multiple responsible attributes in accessExpressions in CX_CLASS_SECURITY/CX_OBJECT_SECURITY, the last one shall apply. |
Code example:
...
Function | MA* | Parameter | Return | Short description |
---|---|---|---|---|
Register | - | - | Registers the security object in the system | |
TestClass 225901 | INTEGER | CX_BIT_PATTERN | Returns the class access for a specific class. | |
TestMessage 225661 | INTEGER | TRUE/FALSE | Test whether message is allowed or blocked. | |
TestObject 225901 | OBJECT, STRING | CX_BIT_PATTERN | Returns the object access for a specific object (+ path). | |
TestOption 225735 | INTEGER | TRUE/FALSE | Test whether option is allowed or blocked. |
* MA = Member Access Function
Use in AppsWH
Module | Brief description |
---|---|