DL_GetDbAcl, CSSM_DL_GetDbAcl - Get ACL description (CDSA)
# include <cdsa/cssm.h>
API: CSSM_RETURN CSSMAPI CSSM_DL_GetDbAcl (CSSM_DL_DB_HANDLE
DLDBHandle, const CSSM_STRING *SelectionTag, uint32
*NumberOfAclInfos, CSSM_ACL_ENTRY_INFO_PTR *AclInfos) SPI:
CSSM_RETURN CSSMDLI DL_GetDbAcl (CSSM_DL_DB_HANDLE DLDBHandle,
const CSSM_STRING *SelectionTag, uint32 *NumberOfAclInfos,
CSSM_ACL_ENTRY_INFO_PTR *AclInfos)
Common Security Services Manager library (libcssm.so)
The handle pair that identifies the Data Storage service
provider to perform this operation and the target data
store whose associated ACL entries are scanned and
returned. A CSSM_STRING value matching the user-defined
tag value associated with one or more ACL entries for the
target data base. To retrieve a description of all ACL
entries for the target data base, this parameter must be
NULL. The number of entries in the AclInfos array. If no
ACL entry descriptions are returned, this value is zero.
An array of CSSM_ACL_ENTRY_INFO structures. The unique
handle contained in each structure can be used during the
current attach session to reference the ACL entry for
editing. The structure is allocated by the service
provider and must be released by the caller when the
structure is no longer needed. If no ACL entry descriptions
are returned, this value is NULL.
This function returns a description of zero or more ACL
entries managed by the data storage service provider module
and associated with the target database identified by
DLDBHandle.DBHandle. The optional input SelectionTag
restricts the returned descriptions to those ACL entries
with a matching EntryTag value. If a SelectionTag value is
specified and no matches are found, zero descriptions are
returned. If no SelectionTag is specified, a description
of all ACL entries associated with the target data base
are returned by this function.
Each AclInfo structure contains: Public contents of an ACL
entry ACL EntryHandle, which is a unique value defined and
managed by the service provider
The public ACL entry information returned by this function
includes: A CSSM_LIST structure containing one element
identifying the type of subject stored in the ACL entry.
A CSSM_BOOL value indicating whether the subject can delegate
the permissions recorded in Authorization A
CSSM_AUTHORIZATIONGROUP structure defining the set of
operations for which permission is granted to the Subject.
A CSSM_ACL_VALIDITY_PERIOD structure containing two elements,
the start time and the stop time for which the ACL
entry is valid. A CSSM_STRING containing a user-defined
value associated with the ACL entry.
A CSSM_RETURN value indicating success or specifying a
particular error condition. The value CSSM_OK indicates
success. All other values represent an error condition.
Errors are described in the CDSA technical standard. See
CDSA_intro(3). CSSMERR_DL_INVALID_DB_HANDLE
Books
Intel CDSA Application Developer's Guide (see
CDSA_intro(3))
Reference Pages [Toc] [Back]
Functions for the CSSM API:
CSSM_DL_ChangeDbAcl(3)
Functions for the DL SPI:
DL_ChangeDbAcl(3)
DL_GetDbAcl(3)
[ Back ] | 