Authorisation Interface

script cauth.cpl

interface Auth

COM progId Carapace.Auth

script	`cauth.cpl`
interface	`Auth`
COM progId	`Carapace.Auth`

The Carapace audit holds authorisation information for users. The Auth interface provides access to this information.

Auth Creation

An Admin is created by using the create function eg.

    (create Auth db)

where db is an Db object.

Auth Methods

The Auth interface has the following methods:

authorised check if the user is authorised to take on the supplied role

authorisedAux check if the user is authorised to take on the supplied role -- the check is made using selected characters from the user's password

canAccess check if the user can access the supplied resources

resourcesForRole return the list of resources which the supplied role is authorised access

roles return the list of configured roles

digits return a list of randomly chosen integers for checking those digits of a user's password

securityString convert a list of digits into a security string

securityDigits convert a security string into a list of digits

`authorised`

Check if the user is authorised to take on the supplied role. The list of resources which the user can access is returned.

Authentication failure is indicated by returning the empty list.

Arguments:

user String

password String

role String

Return type: List

`authorisedAux`

Check if the user is authorised to take on the supplied role -- the check is made using selected characters from the user's password. The list of resources which the user can access is returned.

The supplied list of digits indicates the letters of the password supplied. For example,

    (1 2 4)

indicates the supplied password fragment contains the 1st, 2nd and 4th letter of the user's password.

Authentication failure is indicated by returning the empty list.

Arguments:

user String

passwordFragment String

digits List

role String

Return type: List

`canAccess`

Check if the user can access the supplied resource when logged on with the supplied role.

Arguments:

user String

role String

resource String

Return type: Object

`resourcesForRole`

Return the list of resources which the supplied role is authorised access.

Arguments:

role String

Return type: List

`roles`

Return the list of configured roles.

Arguments: none

Return type: Object

`digits`

Return a list of randomly chosen integers for checking those digits of a user's password.

Arguments:

nRequired Integer

Return type: List

`securityString`

Convert a list of digits into a security string. For example the list

    (1 2 5)

is converted into the string

    "1st, 2nd and 5th"

to indicate the password characters required.

Arguments:

digits List

Return type: String

`securityDigits`

Convert a security string into a list of digits. For example the string

    "1st, 2nd and 5th"

is converted into the list

    (1 2 5)

to indicate the password characters required.

Arguments:

security Stirng

Return type: List

Contents Index Current topic: audit Related topics: databases

`authorised`	check if the user is authorised to take on the supplied role
`authorisedAux`	check if the user is authorised to take on the supplied role -- the check is made using selected characters from the user's password
`canAccess`	check if the user can access the supplied resources
`resourcesForRole`	return the list of resources which the supplied role is authorised access
`roles`	return the list of configured roles
`digits`	return a list of randomly chosen integers for checking those digits of a user's password
`securityString`	convert a list of digits into a security string
`securityDigits`	convert a security string into a list of digits

user	`String`
passwordFragment	`String`
digits	`List`
role	`String`