Author Topic: PSDK Permissions  (Read 2927 times)

Offline xember

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
PSDK Permissions
« on: July 27, 2018, 12:44:16 PM »
Dear All,

I would like to Query who has permissions  :)> on let`s say a Person object... How to achieve this?

Thanks in advance for your help,

Kind Regards,

Peter

Offline hsujdik

  • Hero Member
  • *****
  • Posts: 541
  • Karma: 30
Re: PSDK Permissions
« Reply #1 on: July 27, 2018, 04:32:46 PM »
I don’t know through psdk. But if you need it as a one-time thing, you could query the config database on table cfg_ace.

Offline asystemsaus

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
Re: PSDK Permissions
« Reply #2 on: July 28, 2018, 03:35:21 AM »
If you know the IP address of the config server try the following.
[configserver]/api/v2/platform/configuration/persons/?name=<agent login id>

It’s part of the GWS Platform Configuration API:

https://docs.genesys.com/Documentation/HTCC/8.5.2/API/InternalConfigAPI

Uses these objects: https://docs.genesys.com/Documentation/PSDK/8.1.4/Developer/ConfigLayerObjectsList

Offline jarrod

  • Newbie
  • *
  • Posts: 42
  • Karma: 1
    • InProd CMS
Re: PSDK Permissions
« Reply #3 on: July 30, 2018, 05:14:57 AM »
There is no way of doing this in any of the UI's

From the PSDK there is no simple way that I know of.

You can get the permission of an object simply but that returns a mixture of different object types. If this is a once off then the database might be simpler if you are not strong in PSDK development.


Offline abudwill

  • Full Member
  • ***
  • Posts: 157
  • Karma: 4
Re: PSDK Permissions
« Reply #4 on: September 29, 2018, 05:13:32 AM »
First get the person object you want.

[code]
CfgPersonQuery personQuery = new CfgPersonQuery(cfgConnection.ConfService);
personQuery.Dbid = 102;
CfgPerson personResult = personQuery.ExecuteSingleResult();
[/code]

Next use RetrievePermissions method to get a collection of PermissionDescriptors attached to the person
[code]
ICollection<PermissionDescriptor> permissionDescriptors = personResult.RetrievePermissions();
[/code]

Iterate. PermissionDescriptor.ObjectType will tell you what type of object it is (Access Group, Person, etc).  PermissionDescriptor.ObjectDbid will give you its DBID, you can query config server to get the name of the person or access group with this info
[code]
String s = "";

foreach (PermissionDescriptor pd in permissionDescriptors)
{
  s += pd.ObjectType.ToString() +  Permissions.TranslatePermissionsHumanReadable(pd.AccessMask);
}
[/code]

Here is my custom TranslatePermissionsHumanReadable method:
[code]
        public static string TranslatePermissionsHumanReadable(int i)
        {
            string retVal = "";

            try
            {
                if (i == 0)
                    return "No access";

                if (i == 127)
                    return "Full access";

                GenesysPermissions permissions = (GenesysPermissions)i;

                // determine read permission
                if ((permissions & GenesysPermissions.Read) == GenesysPermissions.Read)
                    retVal += "Read: Y";
                else
                    retVal += "Read: N";

                retVal += ",";

                // determine create permission
                if ((permissions & GenesysPermissions.Create) == GenesysPermissions.Create)
                    retVal += "Create: Y";
                else
                    retVal += "Create: N";

                retVal += ",";

                // determine change permission
                if ((permissions & GenesysPermissions.Change) == GenesysPermissions.Change)
                    retVal += "Change: Y";
                else
                    retVal += "Change: N";

                retVal += ",";

                // determine execute permission
                if ((permissions & GenesysPermissions.Execute) == GenesysPermissions.Execute)
                    retVal += "Execute: Y";
                else
                    retVal += "Execute: N";

                retVal += ",";

                // determine delete permission
                if ((permissions & GenesysPermissions.Delete) == GenesysPermissions.Delete)
                    retVal += "Delete: Y";
                else
                    retVal += "Delete: N";

                retVal += ",";

                // determine readpermission permission
                if ((permissions & GenesysPermissions.ReadPermission) == GenesysPermissions.ReadPermission)
                    retVal += "Read Permission: Y";
                else
                    retVal += "Read Permission: N";

                retVal += ",";

                // determine changepermission permission
                if ((permissions & GenesysPermissions.ChangePermission) == GenesysPermissions.ChangePermission)
                    retVal += "Change Permission: Y";
                else
                    retVal += "Change Permission: N";
            }
            catch (Exception ex)
            {
                retVal = null;
                throw ex;
            }

            return retVal;
        }
[/code]

Here is the GenesysPermissions enum
[code]
    public enum GenesysPermissions
    {
        NoAccess = 0,
        Read = 1,
        Create = 2,
        Change = 4,
        Execute = 8,
        Delete = 16,
        ReadPermission = 32,
        ChangePermission = 64,
        Full = 127
    }
[/code]

Here is some sample output (without translating the dbids to actual access groups or persons - but you can do that on your own):
[code]
CFGAccessGroup,98,Read: Y,Create: N,Change: N,Execute: Y,Delete: N,Read Permission: N,Change Permission: N
CFGPerson,100,Full access
CFGAccessGroup,101,Full access
CFGAccessGroup,103,Read: Y,Create: N,Change: N,Execute: Y,Delete: N,Read Permission: N,Change Permission: N
CFGAccessGroup,48383,Read: Y,Create: N,Change: N,Execute: Y,Delete: N,Read Permission: N,Change Permission: N
CFGAccessGroup,48384,Read: Y,Create: N,Change: N,Execute: Y,Delete: N,Read Permission: N,Change Permission: N
[/code]

Give me sweet karma.

Regards,
Andrew