PSDK Permissions

[xember]

Dear All,

I would like to Query who has permissions  on let`s say a Person object... How to achieve this?

Thanks in advance for your help,

Kind Regards,

Peter

[hsujdik]

I don’t know through psdk. But if you need it as a one-time thing, you could query the config database on table cfg_ace.

[asystemsaus]

If you know the IP address of the config server try the following.
[configserver]/api/v2/platform/configuration/persons/?name=<agent login id>

It’s part of the GWS Platform Configuration API:

https://docs.genesys.com/Documentation/HTCC/8.5.2/API/InternalConfigAPI

Uses these objects: https://docs.genesys.com/Documentation/PSDK/8.1.4/Developer/ConfigLayerObjectsList

[jarrod]

There is no way of doing this in any of the UI's

From the PSDK there is no simple way that I know of.

You can get the permission of an object simply but that returns a mixture of different object types. If this is a once off then the database might be simpler if you are not strong in PSDK development.

[abudwill]

First get the person object you want.

[code]
CfgPersonQuery personQuery = new CfgPersonQuery(cfgConnection.ConfService);
personQuery.Dbid = 102;
CfgPerson personResult = personQuery.ExecuteSingleResult();
[/code]

Next use RetrievePermissions method to get a collection of PermissionDescriptors attached to the person
[code]
ICollection<PermissionDescriptor> permissionDescriptors = personResult.RetrievePermissions();
[/code]

Iterate. PermissionDescriptor.ObjectType will tell you what type of object it is (Access Group, Person, etc).  PermissionDescriptor.ObjectDbid will give you its DBID, you can query config server to get the name of the person or access group with this info
[code]
String s = "";

foreach (PermissionDescriptor pd in permissionDescriptors)
{
  s += pd.ObjectType.ToString() +  Permissions.TranslatePermissionsHumanReadable(pd.AccessMask);
}
[/code]

Here is my custom TranslatePermissionsHumanReadable method:
[code]
        public static string TranslatePermissionsHumanReadable(int i)
        {
            string retVal = "";

            try
            {
                if (i == 0)
                    return "No access";

                if (i == 127)
                    return "Full access";

                GenesysPermissions permissions = (GenesysPermissions)i;

                // determine read permission
                if ((permissions & GenesysPermissions.Read) == GenesysPermissions.Read)
                    retVal += "Read: Y";
                else
                    retVal += "Read: N";

                retVal += ",";

                // determine create permission
                if ((permissions & GenesysPermissions.Create) == GenesysPermissions.Create)
                    retVal += "Create: Y";
                else
                    retVal += "Create: N";

                retVal += ",";

                // determine change permission
                if ((permissions & GenesysPermissions.Change) == GenesysPermissions.Change)
                    retVal += "Change: Y";
                else
                    retVal += "Change: N";

                retVal += ",";

                // determine execute permission
                if ((permissions & GenesysPermissions.Execute) == GenesysPermissions.Execute)
                    retVal += "Execute: Y";
                else
                    retVal += "Execute: N";

                retVal += ",";

                // determine delete permission
                if ((permissions & GenesysPermissions.Delete) == GenesysPermissions.Delete)
                    retVal += "Delete: Y";
                else
                    retVal += "Delete: N";

                retVal += ",";

                // determine readpermission permission
                if ((permissions & GenesysPermissions.ReadPermission) == GenesysPermissions.ReadPermission)
                    retVal += "Read Permission: Y";
                else
                    retVal += "Read Permission: N";

                retVal += ",";

                // determine changepermission permission
                if ((permissions & GenesysPermissions.ChangePermission) == GenesysPermissions.ChangePermission)
                    retVal += "Change Permission: Y";
                else
                    retVal += "Change Permission: N";
            }
            catch (Exception ex)
            {
                retVal = null;
                throw ex;
            }

            return retVal;
        }
[/code]

Here is the GenesysPermissions enum
[code]
    public enum GenesysPermissions
    {
        NoAccess = 0,
        Read = 1,
        Create = 2,
        Change = 4,
        Execute = 8,
        Delete = 16,
        ReadPermission = 32,
        ChangePermission = 64,
        Full = 127
    }
[/code]

Here is some sample output (without translating the dbids to actual access groups or persons - but you can do that on your own):
[code]
CFGAccessGroup,98,Read: Y,Create: N,Change: N,Execute: Y,Delete: N,Read Permission: N,Change Permission: N
CFGPerson,100,Full access
CFGAccessGroup,101,Full access
CFGAccessGroup,103,Read: Y,Create: N,Change: N,Execute: Y,Delete: N,Read Permission: N,Change Permission: N
CFGAccessGroup,48383,Read: Y,Create: N,Change: N,Execute: Y,Delete: N,Read Permission: N,Change Permission: N
CFGAccessGroup,48384,Read: Y,Create: N,Change: N,Execute: Y,Delete: N,Read Permission: N,Change Permission: N
[/code]

Give me sweet karma.

Regards,
Andrew