BDSecurity Object [C++]
Use this object to manage security settings used to control access to various functionality of Commerce Server Business Desk. These security settings are maintained in the Commerce Server database in the Security Definition Tables (SDT), which is comprised of the BDSecurityDefinition and BDSecurityIdentifiers database tables.
| ProgID: | Commerce.BDSecurity (Externally creatable) |
| COM Class Name: | BDSecurity |
| Type Library Name: | BDSecurity 1.0 Type Library |
| DLL Name: | BDSecurity.dll |
| Threading Model: | Free |
[C++]
| COM Interface Name: | IBDSecurity |
| Interface ID Constant: | None |
| Header File: | None |
[C++] In C++, use the IBDSecurity interface to access the methods of the BDSecurity object.
Methods
[C++]
| Method | Description |
|---|---|
| AddAccount | Adds a new user or group account to the Business Desk security database.
This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
| CanUserAccess | Determines whether the user has access rights to read the specified file.
This method is included for backward-compatibility with Commerce Server 2000. |
| GetAccounts | Returns information about all of the accounts in the Business Desk security database.
This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
| GetAccountsForRight | Returns information about all of the accounts associated with the specified combination of entity, element, and right.
This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
| GetPermissions | Returns permission information (allow, deny, or undefined) associated with the specified combination of security identifier (SID), entity, element, and right.
This method is used by modules that make use of the Business Desk security settings to control access to various aspects of their functionality. |
| Initialize | Retrieves the connection string associated with the Business Desk security database and stores it within the object for use by the other methods.
This method is generally only called within the page Global.asa in the course of initializing the global instance of the BDSecurity object referenced by the global variable g_MSCSBizDeskSecurity. |
| RemoveAccount | Remove the account associated with the specified security identifer (SID) from the Business Desk security database. It also removes all permissions associated with that account. This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
| RemoveSecurityDefinitions | Removes all permission and security definition settings associated with the specified combination of entity, element, and right from the Business Desk security database. This method is used by modules to clean up the SDT when a securable element under their control is deleted. |
| SetPermissions | Sets permission information (allow, deny, or undefined) for the specified combination of security identifier (SID), entity, element, and right.
This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
[Visual Basic]
| Method | Description |
|---|---|
| AddAccount | Adds a new user or group account to the Business Desk security database.
This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
| CanUserAccess | Determines whether the user has access rights to read the specified file.
This method is included for backward-compatibility with Commerce Server 2000. |
| GetAccounts | Returns information about all of the accounts in the Business Desk security database.
This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
| GetAccountsForRight | Returns information about all of the accounts associated with the specified combination of entity, element, and right.
This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
| GetPermissions | Returns permission information (allow, deny, or undefined) associated with the specified combination of security identifier (SID), entity, element, and right.
This method is used by modules that make use of the Business Desk security settings to control access to various aspects of their functionality. |
| Initialize | Retrieves the connection string associated with the Business Desk security database and stores it within the object for use by the other methods.
This method is generally only called within the page Global.asa in the course of initializing the global instance of the BDSecurity object referenced by the global variable g_MSCSBizDeskSecurity. |
| RemoveAccount | Remove the account associated with the specified security identifer (SID) from the Business Desk security database. It also removes all permissions associated with that account. This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
| RemoveSecurityDefinitions | Removes all permission and security definition settings associated with the specified combination of entity, element, and right from the Business Desk security database.
This method is used by modules to clean up the SDT when a securable element under their control is deleted. |
| SetPermissions | Sets permission information (allow, deny, or undefined) for the specified combination of security identifier (SID), entity, element, and right.
This method is intended for use by the Permissions module and dialog box and is not likely to be used within any other Business Desk modules. |
Remarks
The methods provided by this object (other than the method CanUserAccess, which is provided for backward-compatibility with Commerce Server 2000) are used to manage the security settings stored in a pair of SQL tables, collectively known as the Security Definition Tables (SDT). In general, these methods are thin wrappers for underlying SQL stored procedures. Business Desk modules typically only call the GetPermissions method to retrieve the relevant security settings for the current user. How these settings are used to control and limit functionality within the module is entirely module-specific.
The following table shows the Business Desk feature areas that make use of the Business Desk security functionality in Commerce Server 2002.
| Feature Area | Security Entities |
|---|---|
| Framework | Categories, modules, tasks |
| Catalogs | Catalogs, categories, property definitions |
| Profiles | Properties |
See the source code for the Business Desk Framework and relevant categories for examples of how these security settings can be used. Note that the catalog modules cache the security settings for each of its entities as separate XML documents associated with the current session.
Most of the methods provided by this object are only intended for design time use by the Permissions module and dialog box in Business Desk. The exceptions are the methods GetPermissions and RemoveSecurityDefinitions. At run time, Business Desk modules can use the GetPermissions method to retrieve security settings so that they can enable or disable functionality as appropriate.
Modules can also use the RemoveSecurityDefinitions method to clean up the SDT if an entity, element, or right is dynamically removed. For example, if a catalog is deleted, all security settings associated with that catalog are removed from the SDT. For more information about entities, elements, rights, and permissions in the context of Business Desk security, see Security.
See Also
Copyright © 2005 Microsoft Corporation.
All rights reserved.