Checks the specified effective rights of one object over another for a specific attribute.
#include <ascauth.h>
int ASC_RIGHTS(ASCENV *asce, char *obj1, char *obj2, char *attribute, char *rights);
asce |
The environment item returned from the call to ASC_INIT() or ASC_INIT_EXT(). |
obj1 |
The Enterprise User ID or fully distinguished object name whose effective rights are to be tested. |
obj2 |
The Enterprise User ID or fully distinguished object name for which access by obj1 is to be tested. |
attribute |
The name of an attribute of obj2 for which the effective rights of obj1 are requested. The special attribute names All Attributes Rights, Entry Rights, and SMS Rights can also be specified. |
rights |
The rights to test. The characters specified must be in the following set: [S,C,R,W,A]. These correspond to Supervisor, Compare, Read, Write, and Add Self. |
Returns one of the following integer values defined in ascauth.h:
AS_OK |
User or object has the specified rights to the specified object attribute |
AS_NO |
User or object does not have the specified rights to the specified object attribute |
AS_ATTRNOTFOUND |
Specified attribute could not be found |
AS_INVALIDOBJ |
Specified user not found in the Census or the specified object does not exist |
AS_INVALIDOBJLEN |
Specified object exceeds maximum length |
AS_BADCLIENT |
Local host not authorized to query the Core Driver |
AS_NOAGENT |
No Core Driver could be contacted |
AS_NOAUTHENV |
No environment has been established |
AS_INVALIDREQ |
Call rejected by the Core Driver as not valid or not supported |
AS_INVALIDARGS |
Invalid arguments supplied to the function |
AS_KEYEXPIRED |
Old key rejected by the Core Driver because the expiration date has passed |
#include <stdio.h> #include <stdlib.h> #include <ascauth.h> main(int argc, char *argv[]) { ASCENV *asce; char *obj1, *obj2, *attr, *rights; int rc; if (argc != 5) { fprintf(stderr, "usage: %s <obj1> <obj2> \ <attribute> <rights>\n", argv[0]); exit(EXIT_FAILURE); } obj1 = argv[1]; obj2 = argv[2]; attr = argv[3]; rights = argv[4]; /* initialize the authentication environment */ asce = ASC_INIT(NULL); if (asce == NULL) { fprintf(stderr, "Error: cannot initialize authentication environment\n"); exit(EXIT_FAILURE); } /* check for rights */ rc = ASC_RIGHTS(asce, obj1, obj2, attr, rights); if (rc == AS_OK) printf("User has rights\n"); else printf("RC=%d, %s", rc, ASC_STRERROR(rc)); /* now terminate the authentication environment */ ASC_TERM(asce); return 0; }