Options
All
  • Public
  • Public/Protected
  • All
Menu

Enumeration PathPermission

Permissions that are applied on a path

Index

Enumeration members

ACQUIRE_LOCK

ACQUIRE_LOCK: = "ACQUIRE_LOCK"

Acquire a session lock.

EDIT_OWN_TIME_SERIES_EVENTS

EDIT_OWN_TIME_SERIES_EVENTS: = "EDIT_OWN_TIME_SERIES_EVENTS"

Submit edits to time series topic events which have an author which is the same as the principal of the calling session.

This permission is a more restrictive alternative to `EDIT_TIME_SERIES_EVENTS`.

The `UPDATE_TOPIC` permission is required to update a time series topic. This permission is additionally required to submit edits to a time series topic where the event author is the same as the principal of the calling session.

EDIT_TIME_SERIES_EVENTS

EDIT_TIME_SERIES_EVENTS: = "EDIT_TIME_SERIES_EVENTS"

EXPOSE_BRANCH

EXPOSE_BRANCH: = "EXPOSE_BRANCH"

Expose a branch of the topic tree as a virtual session tree.

The EXPOSE_BRANCH path permission is powerful since it allows a session to expose a whole branch of the topic tree under a different set of path permissions.

A session granted EXPOSE_BRANCH for a particular path effectively has the permission for all descendant paths. From a security perspective, if a role grants EXPOSE_BRANCH at branch X it is ineffectual for it also to deny EXPOSE_BRANCH at a child branch X/Y because a branch mapping to X can still expose paths below X/Y.

MODIFY_TOPIC

MODIFY_TOPIC: = "MODIFY_TOPIC"

Add or remove topics

QUERY_OBSOLETE_TIME_SERIES_EVENTS

QUERY_OBSOLETE_TIME_SERIES_EVENTS: = "QUERY_OBSOLETE_TIME_SERIES_EVENTS"

Evaluate queries that return a non-current view of a time series topic.

The `READ_TOPIC` permission is required to evaluate any type of `Query` for a time series topic. This permission is additionally required for queries that potentially return a non-current view of all or part of a time series. Such queries include value range queries that specify an edit range, and all types of edit range query.

READ_TOPIC

READ_TOPIC: = "READ_TOPIC"

Required to receive information from a topic.

If a session does not have read_path permission for a topic, the topic will be excluded from the results of subscription or fetch operations for the session, and the topic's details cannot be retrieved by the session.

SELECT_TOPIC

SELECT_TOPIC: = "SELECT_TOPIC"

Use a topic selector that selects a topic path.

To fetch or subscribe using a topic selector, a session must have SELECT_TOPIC permission for each individual path that the selector may match. This allows SELECT_TOPIC to be granted to a branch of the topic tree and explicitly revoked for specific sub-branches.

For full path pattern topic selectors, the model is even more restrictive: SELECT_TOPIC permission is required for all paths, at and below the path prefix of the selector. This is necessary to prevent circumvention using advanced regular expressions.

When the subscription or fetch request completes, the resulting topics are further filtered based on the PathPermission.READ_TOPIC permission.

A session that has READ_TOPIC but not SELECT_TOPIC for a particular topic path cannot subscribe directly to topics belonging to the path. However, the session can be independently subscribed by a control session that has GlobalPermission.MODIFY_SESSION permission in addition to the appropriate SELECT_TOPIC permission.

since

5.7

SEND_TO_MESSAGE_HANDLER

SEND_TO_MESSAGE_HANDLER: = "SEND_TO_MESSAGE_HANDLER"

Send a message to a handler registered with the server

SEND_TO_SESSION

SEND_TO_SESSION: = "SEND_TO_SESSION"

Send a message another session

UNKNOWN_PATH_PERMISSION

UNKNOWN_PATH_PERMISSION: = "UNKNOWN_PATH_PERMISSION"

A permission that is unsupported by the session

UPDATE_TOPIC

UPDATE_TOPIC: = "UPDATE_TOPIC"

Update topics