This document describes the database schema and classes available in build 134 of the RBAC database API.
The DatabaseRoutines class provides several miscellaneous routines relating to the API as a whole:
RBAC.DatabaseRoutines.Build;RBAC::DatabaseRoutines::Build();RBAC.DatabaseRoutines.ConnectionString = "DSN=My DSN";RBAC::DatabaseRoutines::SetDSN("My DSN");List of users who are administrators of various parts of the system.
| Column | Type | Description |
| UserID | integer (read-only) | ID of the user who is in a managerial role. |
| DepartmentID | integer (optional, read-only) | ID of the department the user has management rights over. |
| ResourceID | integer (optional, read-only) | ID of the resource the user has management rights over. |
New objects of this class are constructed with:
new RBAC.AdminGroupMembership(int UserID, int? DepartmentID, int? ResourceID)new RBAC::AdminGroupMembership($UserID, $DepartmentID, $ResourceID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer UserID, integer DepartmentID, integer ResourceID)The following methods return a list of objects:
GetAll()GetByDepartment(integer DepartmentID)GetResourcesForUser(integer UserID)GetDepartmentsForUser(integer UserID)GetRBACAdministrators()GetByResource(integer ResourceID)GetByUser(integer UserID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Department | Department (read-only) | The department the user has management rights over. |
| Resource | Resource (read-only) | The resource the user has management rights over. |
| User | User (read-only) | The user who is in a managerial role. |
Storage for attachments relating to a request, or part thereof.
| Column | Type | Description |
| RequestID | integer (read-only) | The ID of the request the attachment relates to. |
| RequestLineID | integer (optional) | The ID of the specific request line the attachment relates to. |
| Filename | string(128) (read-only) | The original name of the file. |
| Filetype | string(128) | The MIME type of the file. |
| Data | string(128) | The attachment data. |
New objects of this class are constructed with:
new RBAC.Attachment(int RequestID, string Filename)new RBAC::Attachment($RequestID, $Filename)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer RequestID, string Filename)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| RequestLine | RequestLine (read-only) | The request line the attachment relates to. |
| Request | RequestHeader (read-only) | The request the attachment relates to. |
The audit trail.
| Column | Type | Description |
| ID | uniqueid (read-only) | ID of the line, used only to provide uniqueness. |
| EventTime | datetime | Timestamp of the event. |
| Source | string(64) | Source -- either a subsystem or a user name. |
| EventType | string(32) | Type of audit event. |
| Severity | integer | Severity of audit event: 0 = catastrophic failure, 1 = error, 2 = warning, 3 = notice, 4 = debug 1 etc.. |
| Description | string(255) | Description of audit event. |
New objects of this class are constructed with:
new RBAC.Audit()new RBAC::Audit()The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID)The following methods return a list of objects:
GetAll()GetEventsBetween(date/time FirstEventTime, date/time LastEventTime)GetEventOfSeverity(integer Severity)GetEventsOfType(string EventType)GetEventsFrom(string Source)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.Holds details of each authorization group – name etc.
| Column | Type | Description |
| ID | autoid (read-only) | ID of the auth group |
| Name | string(128) | name of the auth group |
| Comment | string(128) | a comment |
| LeadMemberID | integer | User ID of the lead member |
| DepartmentID | integer (optional) | The ID of the department owning the authorization group; governs authority to edit this auth group.. |
| ResourceID | integer (optional) | The ID of the resource the authorization group relates to; governs authority to edit this auth group. |
New objects of this class are constructed with:
new RBAC.AuthGroup()new RBAC::AuthGroup()The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID)LookupByAuthGroupName(string Name)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Department | Department | The department owning the authorization group. |
| Resource | Resource | The resource the authorization group relates to. |
| LeadMember | User | The lead user of the authorization group, having ability to delegate approval. |
List of users in each authorization group
| Column | Type | Description |
| AuthGroupID | integer (read-only) | ID of the auth group |
| UserID | integer (read-only) | ID of the user |
New objects of this class are constructed with:
new RBAC.AuthGroupMember(int AuthGroupID, int UserID)new RBAC::AuthGroupMember($AuthGroupID, $UserID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer AuthGroupID, integer UserID)The following methods return a list of objects:
GetAll()GetByRole(integer RoleID, integer RoleVersion)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| AuthGroup | AuthGroup (read-only) | The auth group the user is a mamber of. |
| User | User (read-only) | The user that is a member of the group. |
List of authorization groups required for each role
| Column | Type | Description |
| RoleID | integer (read-only) | ID of the role |
| RoleVersion | integer (read-only) | Version of the role |
| AuthGroupID | integer (read-only) | ID of the authgroup |
New objects of this class are constructed with:
new RBAC.AuthGroupRole(int RoleID, int RoleVersion, int AuthGroupID)new RBAC::AuthGroupRole($RoleID, $RoleVersion, $AuthGroupID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer RoleID, integer RoleVersion, integer AuthGroupID)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| AuthGroup | AuthGroup (read-only) | The authorization group whose approval is required. |
| Role | Role (read-only) | The role this authorization group is required to approve. |
List of signatories for each request line – one per authorizing user in each authorization group.
| Column | Type | Description |
| RequestID | integer (read-only) | The ID of the request holding the request line to be approved. |
| LineID | integer (read-only) | The ID of the request line being approved. |
| AuthGroupID | integer (read-only) | The ID of the authorization group whose approval is required. |
| UserID | integer (read-only) | The ID of the user within the authorization group. |
| Status | string(32) | The current approval state of this line. |
| Signature | string(128) (optional) | The name of the user who signed this authline. |
| SignatureVerifiedBy | string(128) (optional) | How the signature was verified -- RBAC, Active Directory etc. |
| SignatureType | string(128) (optional) | Whether the signature was of the required user or a delegated user. |
| DelegateUserID | integer (optional) | The ID of the user who signed with delegated authority. |
| LastUpdated | datetime | The time this line was created or updated. |
| Comment | string(128) (optional) | A comment. |
New objects of this class are constructed with:
new RBAC.AuthLine(int RequestID, int LineID, int AuthGroupID, int UserID)new RBAC::AuthLine($RequestID, $LineID, $AuthGroupID, $UserID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer RequestID, integer LineID, integer AuthGroupID, integer UserID)The following methods return a list of objects:
GetAll()GetAllForUserWithStatus(integer UserID, string Status)GetAllForGroupAndLine(integer AuthGroupID, integer RequestID, integer LineID)GetAllForLine(integer RequestID, integer LineID)GetAllForUser(integer UserID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| DelegateUser | User | The user who signed using delegated authority. |
| AuthGroup | AuthGroup (read-only) | The authorization group this line represents. |
| RequestLine | RequestLine (read-only) | The request line this signature line relates to. |
| Request | RequestHeader (read-only) | The request this signature line relates to. |
| AuthGroupMember | AuthGroupMember (read-only) | The user / authorization group that can sign off on this line. |
List of commands available in each WAR instance.
| Column | Type | Description |
| InstanceID | integer (read-only) | ID of the WAR instance this command applies to. |
| Name | string(128) (read-only) | Name of the command. |
New objects of this class are constructed with:
new RBAC.CommandInfo(int InstanceID, string Name)new RBAC::CommandInfo($InstanceID, $Name)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer InstanceID, string Name)The following methods return a list of objects:
GetAll()GetByInstance(integer InstanceID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Instance | WARInstance (read-only) | The WAR instance this command is available on. |
List of parameters required for each WAR command.
| Column | Type | Description |
| InstanceID | integer (read-only) | ID of the WAR instance owning the command. |
| CommandName | string(128) (read-only) | Name of the command this parameter is for. |
| ParameterName | string(128) (read-only) | Name of the parameter. |
| ParameterType | string(128) | Type of the parameter. |
| Comment | string(128) | Comment. |
New objects of this class are constructed with:
new RBAC.CommandParameter(int InstanceID, string CommandName, string ParameterName)new RBAC::CommandParameter($InstanceID, $CommandName, $ParameterName)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer InstanceID, string CommandName, string ParameterName)The following methods return a list of objects:
GetAll()GetByCommand(integer InstanceID, string CommandName)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Command | CommandInfo (read-only) | The command this parameter is required for. |
Compound-role specific details
| Column | Type | Description |
| RoleID | integer (read-only) | ID of the role |
| RoleVersion | integer (read-only) | Version of the compound role |
New objects of this class are constructed with:
new RBAC.CompoundRole(int RoleID, int RoleVersion)new RBAC::CompoundRole($RoleID, $RoleVersion)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer RoleID, integer RoleVersion)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Role | Role (read-only) | The common role data for the role. |
List of roles making up each compound role
| Column | Type | Description |
| CompoundRoleID | integer (read-only) | ID of the compound role |
| CompoundRoleVersion | integer (read-only) | Version of the compound role |
| RoleID | integer (read-only) | ID of the contained role |
| RoleVersion | integer | Version of the contained role (if compound) |
New objects of this class are constructed with:
new RBAC.CompoundRoleRole(int CompoundRoleID, int CompoundRoleVersion, int RoleID)new RBAC::CompoundRoleRole($CompoundRoleID, $CompoundRoleVersion, $RoleID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer CompoundRoleID, integer CompoundRoleVersion, integer RoleID)The following methods return a list of objects:
GetAll()GetByCompoundRole(integer CompoundRoleID, integer CompoundRoleVersion)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Role | Role (read-only) | The role contained within the CompoundRole. |
| CompoundRole | CompoundRole (read-only) | The containing compound role. |
List of delegations made by resource managers.
| Column | Type | Description |
| UserID | integer (read-only) | ID of the user whose authority he has elected to delegate. |
| DelegatedDepartmentID | integer (read-only) | ID of the department over which authority has been delegated. |
| DelegatedResourceID | integer (read-only) | ID of the resource over which authority has been delegated. |
| DelegateUserID | integer (read-only) | ID of the user the authority has been delegated to. |
| RequestID | integer (optional, read-only) | ID of the request this delegation is (optionally) specific to. |
| LineID | integer (optional, read-only) | ID of the request line this delegation is (optionally) specific to. |
| AuthGroupID | integer (optional, read-only) | ID of the authgroup this delegation is (optionally) specific to. |
New objects of this class are constructed with:
new RBAC.Delegation(int UserID, int DelegatedDepartmentID, int DelegatedResourceID, int DelegateUserID, int? RequestID, int? LineID, int? AuthGroupID)new RBAC::Delegation($UserID, $DelegatedDepartmentID, $DelegatedResourceID, $DelegateUserID, $RequestID, $LineID, $AuthGroupID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer UserID, integer DelegatedDepartmentID, integer DelegatedResourceID, integer DelegateUserID, integer RequestID, integer LineID, integer AuthGroupID)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| DelegatedResource | Resource (read-only) | ... |
| DelegatedAuthLine | AuthLine (read-only) | ... |
| DelegateUser | User (read-only) | ... |
| DelegatedDepartment | Department (read-only) | ... |
| User | User (read-only) | The user whose authority is being delegated. |
List of departments
| Column | Type | Description |
| ID | autoid (read-only) | ID of the department |
| Name | string(128) | Name of the department |
| Comment | string(128) | Descriptive comment |
New objects of this class are constructed with:
new RBAC.Department()new RBAC::Department()The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID)LookupByName(string Name)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.List of compound roles available to each department
| Column | Type | Description |
| DepartmentID | integer (read-only) | ID of the owning department |
| CompoundRoleID | integer (read-only) | ID of the owned role |
| CompoundRoleVersion | integer | Version of the owned role |
New objects of this class are constructed with:
new RBAC.DepartmentCompoundRole(int DepartmentID, int CompoundRoleID)new RBAC::DepartmentCompoundRole($DepartmentID, $CompoundRoleID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer DepartmentID, integer CompoundRoleID)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Department | Department (read-only) | The department with access to the compound role. |
| CompoundRole | CompoundRole (read-only) | The compound role the department has access to. |
Favourite roles
| Column | Type | Description |
| UserID | integer (read-only) | ID of the user whose favourite this is |
| RoleID | integer (read-only) | ID of the favourite role |
| RoleVersion | integer | Version of the favourite role |
| UsedTimestamp | datetime | Time this was last selected |
| UpdatedTimestamp | datetime | Time this was last updated |
New objects of this class are constructed with:
new RBAC.FavoriteRole(int UserID, int RoleID)new RBAC::FavoriteRole($UserID, $RoleID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer UserID, integer RoleID)The following methods return a list of objects:
GetAll()GetByUser(integer UserID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| FavoriteRoleObj | Role (read-only) | The role the user has marked as a favourite. |
| User | User (read-only) | The user whose favourite this is. |
Favourite users
| Column | Type | Description |
| UserID | integer (read-only) | ID of the user whose favourite this is |
| FavoriteUserID | integer (read-only) | ID of the favourite user |
| UsedTimestamp | datetime | Time this was last selected |
| UpdatedTimestamp | datetime | Time this was last updated |
New objects of this class are constructed with:
new RBAC.FavoriteUser(int UserID, int FavoriteUserID)new RBAC::FavoriteUser($UserID, $FavoriteUserID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer UserID, integer FavoriteUserID)The following methods return a list of objects:
GetAll()GetByUser(integer UserID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| User | User (read-only) | The user whose favourite this is. |
| FavoriteUserObj | User (read-only) | The user the user has marked as a favourite. |
List of manual executions that need to be fulfilled.
| Column | Type | Description |
| UserID | integer (read-only) | ID of the user who needs to be granted a role. |
| RoleID | integer (read-only) | ID of the resource role. |
| LastUpdated | datetime | Time this line was last updated. |
| Result | string(16) (optional) | Error/Warning/Information |
| Comment | string(128) (optional) | Comments associated with the execution. |
New objects of this class are constructed with:
new RBAC.ManualExecution(int UserID, int RoleID)new RBAC::ManualExecution($UserID, $RoleID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer UserID, integer RoleID)The following methods return a list of objects:
GetAll()GetUnfulfilledByManualExecutor(integer UserID)GetFulfilled()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Role | ResourceRole (read-only) | The resource role required. |
| User | User (read-only) | The user requiring the role. |
Notifications sent out by the system, and those awaiting despatch.
| Column | Type | Description |
| ID | uniqueid (read-only) | ID of the notification. |
| NotificationTime | datetime | Timestamp the notification was generated. |
| UserID | integer | ID of the user to be notified. |
| EventType | string(96) | Type of event -- request submitted, approval required, action required, etc. |
| EventLink | string(128) (optional) | URL stem to be presented to the user when the notification link is followed. |
| EventDetails | string(255) | Details of the event, displayed in the notificaton. |
| Sent | datetime (optional) | Time at which the notification was sent. |
| DelayUntil | datetime (optional) | Time after which the notification may be sent. |
| Expires | datetime (optional) | Time at which the notification will expire. |
New objects of this class are constructed with:
new RBAC.Notification()new RBAC::Notification()The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID)The following methods return a list of objects:
GetAll()GetDueToSend(date/time When)GetUnprocessed()GetByDigest(integer UserID, date/time Sent)GetWithLink(string EventLink)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| User | User | The user to be notified. |
Stores output generated by request processor (manual executor or WAR)
| Column | Type | Description |
| RequestID | integer (read-only) | ID of the request generating this output. |
| LineID | integer (read-only) | ID of the request line generating this output. |
| RoleID | integer (optional) | The ID of the role this output relates to. |
| RoleVersion | integer (optional) | The version of the role this output relates to. |
| ExecutionOrder | integer (optional) | Index of the command within the execution. |
| OutputOrder | integer (read-only) | Index of the line within the output. |
| OutputType | string(16) | Error/Warning/Information/None {icons}, or Continuation. |
| OutputText | string(128) | The text of the line. |
New objects of this class are constructed with:
new RBAC.Output(int RequestID, int LineID, int OutputOrder)new RBAC::Output($RequestID, $LineID, $OutputOrder)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer RequestID, integer LineID, integer OutputOrder)The following methods return a list of objects:
GetAll()GetByRequestLine(integer RequestID, integer LineID)GetByRequest(integer RequestID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Role | Role | The role action this output is associated with. |
| RequestLine | RequestLine (read-only) | The request line this output is associated with. |
| Request | RequestHeader (read-only) | The request this output is associated with. |
Parameter template for each role action
| Column | Type | Description |
| ResourceRoleID | integer (read-only) | ID of the resource role this defines |
| ResourceRoleVersion | integer (read-only) | Version of the resource role this defines |
| ExecutionOrder | integer (read-only) | Index of the command within the role |
| ParameterName | string(128) (read-only) | Name of the parameter being defined |
| ParameterSourceType | string(128) | The overall source of the parameter -- fixed, AD, Subscriber, request line etc. |
| ParameterSource | string(128) | The source of the parameter -- a fixed string, field name etc. |
New objects of this class are constructed with:
new RBAC.Parameter(int ResourceRoleID, int ResourceRoleVersion, int ExecutionOrder, string ParameterName)new RBAC::Parameter($ResourceRoleID, $ResourceRoleVersion, $ExecutionOrder, $ParameterName)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ResourceRoleID, integer ResourceRoleVersion, integer ExecutionOrder, string ParameterName)The following methods return a list of objects:
GetAll()GetParametersForAction(integer ResourceRoleID, integer ResourceRoleVersion, integer ExecutionOrder)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| RoleAction | RoleAction (read-only) | The role action this parameter is associated with. |
Holds overall details of each request – date, requestor, note etc.
| Column | Type | Description |
| ID | autoid (read-only) | The unique request ID. |
| RequestorID | integer | The User ID of the requesting user. |
| Status | string(16) | Overall status of the request -- Editing, Submitted, etc. |
| Description | string(255) (optional) | A description of the request, used by users to identify requests within the system. |
| Comment | string(255) (optional) | A comment regarding the request. |
| Created | datetime | The date and time the request was created. |
| LastUpdated | datetime | The date and time the request was last updated. |
New objects of this class are constructed with:
new RBAC.RequestHeader()new RBAC::RequestHeader()The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID)The following methods return a list of objects:
GetAll()GetCurrentRequestForRequestor(integer RequestorID)GetByStatus(string Status)GetByRequestor(integer RequestorID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Requestor | User | The user making the request. |
Holds individual request lines.
| Column | Type | Description |
| RequestID | integer (read-only) | The ID of the request holding this request line. |
| LineID | uniqueid (read-only) | The ID of this line within the request. |
| Action | string(64) | The action being requested. |
| Status | string(32) | The current status of this request line. |
| LastUpdated | datetime | The date and time the request was submitted. |
| ApprovalDeadline | datetime (optional) | The deadline for request line approval, NULL if none. |
| ExecutionDeadline | datetime (optional) | The deadline for request line execution, NULL if none. |
New objects of this class are constructed with:
new RBAC.RequestLine(int RequestID)new RBAC::RequestLine($RequestID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer RequestID, integer LineID)The following methods return a list of objects:
GetAll()GetByStatus(string Status)GetByRequest(integer RequestID)GetAllInApprovalState()GetByRequestAndStatus(integer RequestID, string Status)GetByStatusWithField(string Status, string FieldName, string FieldValue)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Request | RequestHeader (read-only) | The containing request. |
Data fields for each request line – these correspond initially to input into the user interface, and are created for new lines as the request progresses.
| Column | Type | Description |
| RequestID | integer (read-only) | The ID of the request holding this request line. |
| LineID | integer (read-only) | The ID of the request line to which this data pertains. |
| FieldName | string(64) (read-only) | The field name of the data. |
| FieldData | string(255) (read-only) | The data. |
New objects of this class are constructed with:
new RBAC.RequestLineData(int RequestID, int LineID, string FieldName, string FieldData)new RBAC::RequestLineData($RequestID, $LineID, $FieldName, $FieldData)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer RequestID, integer LineID, string FieldName, string FieldData)The following methods return a list of objects:
GetAll()GetMatching(string FieldName, string FieldData)GetByRequestLine(integer RequestID, integer LineID)GetField(integer RequestID, integer LineID, string FieldName)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| RequestLine | RequestLine (read-only) | The request line this data relates to. |
List of pre-requisites and conflicting roles for each resource role
| Column | Type | Description |
| ResourceRoleID | integer (read-only) | ID of the resource role |
| ResourceRoleVersion | integer (read-only) | Version of the resource role |
| RequirementType | string(128) | Type of requirement: prerequisite, conflict, override |
| RequirementRoleID | integer (read-only) | ID of the resource role required |
| RequirementRoleVersion | integer (read-only) | Version of the resource role required |
New objects of this class are constructed with:
new RBAC.Requirement(int ResourceRoleID, int ResourceRoleVersion, int RequirementRoleID, int RequirementRoleVersion)new RBAC::Requirement($ResourceRoleID, $ResourceRoleVersion, $RequirementRoleID, $RequirementRoleVersion)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ResourceRoleID, integer ResourceRoleVersion, integer RequirementRoleID, integer RequirementRoleVersion)The following methods return a list of objects:
GetAll()GetRequirementsOfRole(integer ResourceRoleID, integer ResourceRoleVersion)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| RequirementRole | ResourceRole (read-only) | The resource role that is required. |
| ResourceRole | ResourceRole (read-only) | The resource role this is a requirement for. |
List of resources
| Column | Type | Description |
| ID | autoid (read-only) | ID of the resource |
| DepartmentID | integer (optional) | ID of the department owning this resource; if NULL, available to all departments |
| RootOU | string(128) | The top-most OU to which this resource is available. |
| Name | string(128) | Name of the resource |
| Comment | string(128) | Descriptive comment |
New objects of this class are constructed with:
new RBAC.Resource()new RBAC::Resource()The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID)LookupByName(string Name)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Department | Department | The department owning the resource. |
Resource-role specific details
| Column | Type | Description |
| RoleID | integer (read-only) | ID of the role |
| RoleVersion | integer | All resource roles have a version of 0 |
| ResourceID | integer | ID of the associated resource |
| ManualExecutorID | integer (optional) | ID of the user responsible for manual execution. |
New objects of this class are constructed with:
new RBAC.ResourceRole(int RoleID)new RBAC::ResourceRole($RoleID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer RoleID)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Resource | Resource | The resource the role relates to. |
| Role | Role (read-only) | The common role data for the role. |
| ManualExecutor | User | The user responsible for manual execution. |
Details common to both resource roles and compound roles
| Column | Type | Description |
| ID | autoid (read-only) | ID of the role |
| Version | integer (read-only) | Version of the role |
| VersionState | string(1) | Whether a version is current or not -- A for Active, I for Inactive |
| Name | string(128) | Role name |
| Comment | string(255) | A comment |
| RoleType | string(10) | Compound, resource or RBAC |
| ApprovalDeadline | integer | Number of days to wait for approval |
| ExecutionDeadline | integer | Number of days to wait for execution |
New objects of this class are constructed with:
new RBAC.Role(int Version)new RBAC::Role($Version)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID, integer Version)LookupByNameAndVersion(string Name, integer Version)The following methods return a list of objects:
GetAll()GetActiveRolesForDepartment(integer DepartmentID)GetAllVersions(string Name)GetAllVersionsOfID(integer ID)GetAllActiveRoles()GetByPartialName(string LikeName)GetActiveRolesByResource(integer ResourceID)GetActiveVersionFromID(integer RoleID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.List of WAR commands to be issued for each resource role
| Column | Type | Description |
| ResourceRoleID | integer (read-only) | ID of the resource role this defines |
| ResourceRoleVersion | integer (read-only) | Version of the resource role this defines |
| WARInstanceID | integer | ID of the WAR instance this command should be run on |
| CommandName | string(128) | Name of the command to be executed |
| ExecutionOrder | integer (read-only) | Order within the command list |
New objects of this class are constructed with:
new RBAC.RoleAction(int ResourceRoleID, int ResourceRoleVersion, int ExecutionOrder)new RBAC::RoleAction($ResourceRoleID, $ResourceRoleVersion, $ExecutionOrder)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ResourceRoleID, integer ResourceRoleVersion, integer ExecutionOrder)The following methods return a list of objects:
GetAll()GetActionsForRole(integer ResourceRoleID, integer ResourceRoleVersion)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| WARInstance | WARInstance | The WAR instance this command should be run on. |
| Command | CommandInfo | The command to be executed. |
| ResourceRole | ResourceRole (read-only) | The resource role this action implements. |
List of role priority groups, defining the role hierarchy.
| Column | Type | Description |
| ID | autoid (read-only) | ID of the priority group |
| Name | string(128) | Name of the priority group |
New objects of this class are constructed with:
new RBAC.RolePriorityGroup()new RBAC::RolePriorityGroup()The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID)LookupByName(string Name)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.List of roles within a priority group.
| Column | Type | Description |
| GroupID | integer (read-only) | ID of the priority group |
| RoleID | integer | ID of the role |
| RoleVersion | integer | Version of the role -- FIXME! |
| Priority | integer (read-only) | Priority of the role within the group |
New objects of this class are constructed with:
new RBAC.RolePriorityList(int GroupID, int Priority)new RBAC::RolePriorityList($GroupID, $Priority)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer GroupID, integer Priority)LookupRoleWithinGroup(integer GroupID, integer RoleID)The following methods return a list of objects:
GetAll()GetGroupsForRole(integer RoleID)GetRolesInGroup(integer GroupID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Role | Role | |
| Group | RolePriorityGroup (read-only) |
Site-specific configuration parameters.
| Column | Type | Description |
| ParamName | string(128) (read-only) | Name of the parameter. |
| ParamValue | string(128) | Parameter value. |
New objects of this class are constructed with:
new RBAC.SiteParameter(string ParamName)new RBAC::SiteParameter($ParamName)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(string ParamName)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.User profile data
| Column | Type | Description |
| UserID | integer (optional, read-only) | ID of the user whose profile this is. NULL for system defaults. |
| PreferredEmailAddress | string(128) (optional) | E-mail address the user would like notifications sent to. |
| DigestNextDue | datetime (optional) | Time the user's notification digest is next due to be sent. |
| DigestInterval | integer | Time, in hours, between digests. 0 = no digesting. |
| RequestorRequested | integer | Notification setting: to requestor when request confirmed |
| RequestorRescinded | integer | Notification setting: to requestor when request rescinded |
| RequestorAuthOverdue | integer | Notification setting: to requestor when authorization overdue |
| RequestorExecOverdue | integer | Notification setting: to requestor when execution overdue |
| RequestorApproved | integer | Notification setting: to requestor when request approved |
| RequestorRejected | integer | Notification setting: to requestor when request rejected |
| RequestorFinished | integer | Notification setting: to requestor when request finished |
| RequestorFailed | integer | Notification setting: to requestor when request failed |
| RequesteeRequested | integer | Notification setting: to requestee when request confirmed |
| RequesteeRescinded | integer | Notification setting: to requestee when request rescinded |
| RequesteeAuthOverdue | integer | Notification setting: to requestee when authorization overdue |
| RequesteeExecOverdue | integer | Notification setting: to requestee when execution overdue |
| RequesteeApproved | integer | Notification setting: to requestee when request approved |
| RequesteeRejected | integer | Notification setting: to requestee when request rejected |
| RequesteeFinished | integer | Notification setting: to requestee when request finished |
| RequesteeFailed | integer | Notification setting: to requestee when request failed |
| AuthorizerRequested | integer | Notification setting: to authorizer when request confirmed |
| AuthorizerRescinded | integer | Notification setting: to authorizer when request rescinded |
| AuthorizerAuthOverdue | integer | Notification setting: to authorizer when authorization overdue |
| AuthorizerExecOverdue | integer | Notification setting: to authorizer when execution overdue |
| ManagerFinished | integer | Notification setting: to resource manager when request finished |
| ManagerFailed | integer | Notification setting: to resource manager when request failed |
| ManagerActionFailed | integer | Notification setting: to resource manager when action failed |
| ExecutorRequired | integer | Notification setting: to manual executor when execution required |
| MetadataActionFailed | integer | Notification setting: to metadata manager when action failed |
New objects of this class are constructed with:
new RBAC.UserProfile(int? UserID)new RBAC::UserProfile($UserID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer UserID)The following methods return a list of objects:
GetAll()GetOverdueForDigest(date/time CurrentTime)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| User | User (read-only) | The user whose profile this is. |
List of roles currently granted to users
| Column | Type | Description |
| UserID | integer (read-only) | ID of the user |
| RoleID | integer (read-only) | ID of the role |
| RoleVersion | integer | Version of the role |
New objects of this class are constructed with:
new RBAC.UserRole(int UserID, int RoleID)new RBAC::UserRole($UserID, $RoleID)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer UserID, integer RoleID)The following methods return a list of objects:
GetAll()GetAllRolesForUser(integer UserID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Role | Role (read-only) | The role the user has. |
| User | User (read-only) | The user having the role. |
List of users – sourced from Active Directory / Subscriber DB
| Column | Type | Description |
| ID | autoid (read-only) | RBAC User ID |
| Username | string(128) | Username |
| AuthenticationType | string(128) | Authentication type -- RBAC, Active Directory etc. |
| Authentication | string(128) | If using RBAC authentication, a hash of the user's password. If using Active Directory etc. authentication, the relevant data; e.g. account DN. |
| DepartmentID | integer | ID of the user's department |
| BadgeNumber | string(128) | User's badge number from subscriber DB |
| LogonScreen | string(128) | Screen to present after logging on |
New objects of this class are constructed with:
new RBAC.User()new RBAC::User()The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID)LookupByBadgeNumber(string BadgeNumber)LookupByUsername(string Username)The following methods return a list of objects:
GetAll()GetByDepartmentName(string DepartmentName)GetByDepartment(integer DepartmentID)GetUsersOfResource(integer ResourceID)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Department | Department | The department the user is a member of. |
List of agents available to each WAR instance.
| Column | Type | Description |
| InstanceID | integer (read-only) | ID of the WAR instance owning this agent. |
| Name | string(64) (read-only) | Name of the agent within SEM. |
| FriendlyName | string(128) | Display name for the agent. |
| Comment | string(255) (optional) | Optional comment. |
New objects of this class are constructed with:
new RBAC.WARAgent(int InstanceID, string Name)new RBAC::WARAgent($InstanceID, $Name)The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer InstanceID, string Name)The following methods return a list of objects:
GetAll()GetByName(string Name)Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.| Object | Type | Description |
| Instance | WARInstance (read-only) | The WAR instance this agent is reachable through. |
List of WAR instances RBAC can interface to.
| Column | Type | Description |
| ID | autoid (read-only) | Unique identifier for the instance. |
| Name | string(64) | Display name of the WAR instance. |
| DSN | string(128) | Name of the DSN used to access this instance. |
New objects of this class are constructed with:
new RBAC.WARInstance()new RBAC::WARInstance()The following methods return a single object, or a null reference if the requested object was not found:
Lookup(integer ID)LookupByDSN(string DSN)LookupByName(string Name)The following methods return a list of objects:
GetAll()Other methods:
Save() -- save the object to the database.Delete() -- delete the object from the database.Error() (Perl only) -- get error message from last operation, if any.