V11 SP8
Loading...

Checking for Specific Permissions on an Entity Using Security Stored Procedures

Stored Procedure

Sec_ checkPermissionOnEntity.sp: Checks whether the user or user group has specific permissions on the defined entity.

Inputs

Name Description Required
userId The user ID for the user. You can retrieve the user ID from the UMUsers table: SELECT id FROM UMUsers WHERE login = 'user_name'. Yes
permissionIdList The list of permission IDs that you want to check. If you do not know the ID for a permission, you can find the permission name and ID in the UMPermissions table. Yes
entityType The type of entity. For example, set this to 28 to return all of the client groups a user is associated with. The ID for each type of entity is available in the APP_Entity table. Yes
entityId The entity ID for the entity. You can retrieve the entity ID from the appropriate entity table. For example, SELECT id FROM APP_ClientGroup WHERE name = 'G1'. Yes
inheritFromChildren The option to check child entities for the defined permission.

Valid values are:

  • 0, Do not check child entities.
  • 1, Check child entities.
Yes
AndOperartion The option to define an AND/OR relationship between the permissions in the permissionIdList input. No

Output

Yes or No depending on whether the user or user group has the permissions on the defined entity.

Sample Query

This query lists checks whether user "u1" has the Agent Management permission on client group "G1":

--sec_checkPermissionOnEntity.sp
--If you want to check if user u1 has agent management on client group G1.
DECLARE @userId INT = (SELECT id FROM UMUsers WHERE login = 'u1')
DECLARE @permissionIdList VARCHAR(10) = '2' --2 stands for agent management.
DECLARE @entityType INT = 28 --Client group entity. You can get it from APP_Entity table.
DECLARE @entityID INT = (SELECT id FROM APP_ClientGroup WHERE name = 'G1')
DECLARE @isAllowed INT = 0
EXEC sec_checkPermissionOnEntity @userId, @permissionIdList, @isAllowed OUTPUT, @entityType, @entityID
SELECT @isAllowed