Protect context actions
In order to allow or deny actions depending on user or application, the application may define action rights depending on any application resource. Within database access, action rights are checked within the database context.
Protected actions have to be registered in specialized DatabaseContext class by calling DatabaseContext::protectAction(). One may protect an action by name, in which case it it will be protected for all actions with the current context type (PropertyContext, TypeContext, ...). In order to protect an action for a special context class, the context class name has to be passed in addition. Protected actions are collected at database context level in an action permission cache.
Protected actions are checked before executing the action by calling permitted(). The function has to be implemented either in the specialized PropertyContext or TypeContext class associated with a property or structure or in the database context. When not being implemented in the PropertyContext or TypeContext class, the permission check is passed to the specialized DatabaseContext class. Depending on the return code of the permitted function, the action will be enabled (1) or disabled (0). When the action is protected but the permitted() function has not been implemented, the action will be enabled.
After an action had been enabled or disabled, the permit function will not be called, again. In order to reset the action state for all protected actions (e.g. because changing the active user), DatabaseContext::resetPermissions() may be called.
Related topics
- protectAction - Protect action
- permitted - Check action permission
- ResetPermissions - Reset permission cache