Index Index for
Section 3
Index Alphabetical
listing for D
Bottom of page Bottom of
page		 

DL_GetDbAcl(3)


NAME

  DL_GetDbAcl, CSSM_DL_GetDbAcl - Get ACL description (CDSA)


SYNOPSIS

  # include <cdsa/cssm.h>

       API:
       CSSM_RETURN CSSMAPI CSSM_DL_GetDbAcl
       (CSSM_DL_DB_HANDLE DLDBHandle,
       const CSSM_STRING *SelectionTag,
       uint32 *NumberOfAclInfos,
       CSSM_ACL_ENTRY_INFO_PTR *AclInfos)
       SPI:
       CSSM_RETURN CSSMDLI DL_GetDbAcl
       (CSSM_DL_DB_HANDLE DLDBHandle,
       const CSSM_STRING *SelectionTag,
       uint32 *NumberOfAclInfos,
       CSSM_ACL_ENTRY_INFO_PTR *AclInfos)


LIBRARY

  Common Security Services Manager library (libcssm.so)


PARAMETERS

  DLDBHandle (input)
	  The handle pair that identifies the Data Storage service provider
	  to perform this operation and the target data store whose
	  associated ACL entries are scanned and returned.

  SelectionTag (input/optional)
	  A CSSM_STRING value matching the user-defined tag value associated
	  with one or more ACL entries for the target data base. To retrieve
	  a description of all ACL entries for the target data base, this
	  parameter must be NULL.

  NumberOfAclInfos (output)
	  The number of entries in the AclInfos array. If no ACL entry
	  descriptions are returned, this value is zero.

  AclInfos (output)
	  An array of CSSM_ACL_ENTRY_INFO structures. The unique handle
	  contained in each structure can be used during the current attach
	  session to reference the ACL entry for editing. The structure is
	  allocated by the service provider and must be released by the
	  caller when the structure is no longer needed. If no ACL entry
	  descriptions are returned, this value is NULL.


DESCRIPTION

  This function returns a description of zero or more ACL entries managed by
  the data storage service provider module and associated with the target
  database identified by DLDBHandle.DBHandle. The optional input SelectionTag
  restricts the returned descriptions to those ACL entries with a matching
  EntryTag value. If a SelectionTag value is specified and no matches are
  found, zero descriptions are returned. If no SelectionTag is specified, a
  description of all ACL entries associated with the target data base are
  returned by this function.

  Each AclInfo structure contains:

    ·  Public contents of an ACL entry

    ·  ACL EntryHandle, which is a unique value defined and managed by the
       service provider

  The public ACL entry information returned by this function includes:

  The subject type
	  A CSSM_LIST structure containing one element identifying the type
	  of subject stored in the ACL entry.

  Delegation flag
	  A CSSM_BOOL value indicating whether the subject can delegate the
	  permissions recorded in Authorization

  Authorization array
	  A CSSM_AUTHORIZATIONGROUP structure defining the set of operations
	  for which permission is granted to the Subject.

  Validity period
	  A CSSM_ACL_VALIDITY_PERIOD structure containing two elements, the
	  start time and the stop time for which the ACL entry is valid.

  ACL entry tag
	  A CSSM_STRING containing a user-defined value associated with the
	  ACL entry.


RETURN VALUE

  A CSSM_RETURN value indicating success or specifying a particular error
  condition. The value CSSM_OK indicates success. All other values represent
  an error condition.


ERRORS

  Errors are described in the CDSA technical standard.	See CDSA_intro(3).

       CSSMERR_DL_INVALID_DB_HANDLE


SEE ALSO

  Books

  Intel CDSA Application Developer's Guide (see CDSA_intro(3))

  Reference Pages

  Functions for the CSSM API:

  CSSM_DL_ChangeDbAcl(3)

  Functions for the DL SPI:

  DL_ChangeDbAcl(3)

Index Index for
Section 3
Index Alphabetical
listing for D
Top of page Top of
page