Sun Java System Calendar Server 6 2005Q4 Developer's Guide

API: csIAccessControl

Implement the methods in this interface to augment or override the default access control behavior of Calendar Server.

Methods

The csIAccessControl interface implements two methods:

Method: CheckAccess	Sets access control criteria for users.
Method: Init	Confirms that the interface was found and registered.

Description

Defines the types of access allowed. You must set the return code to specify whether you are using the default access control or overriding the default.

Method: CheckAccess

Purpose

Sets users’ calendar access.

Syntax

PRUint32 CheckAccess (char* aUser, 
                      char* aCalid, 
                      PRInt32 *aAccessRequest, 
                      PRInt32 *aAccessAllowed, 
                      PRInt32 *aReturnCode)=0;

Parameters

The method has the following five parameters:

`aUser`	The authenticated user making the request. For anonymous access, `pUserID` is “anonymous”.
`aCalid`	`calid` for the calendar being accessed.
`aAccessRequest`	A set of bit flags representing the requested access type.
`aAccessAllowed`	Output parameter. A set of bit flags representing the allowed accesses. The method checks only the bits specified in aAccessRequest.
`aReturnCode`	On return, contains a constant that determines whether the server should continue with the default authentication procedure. One of the following constants: `NS_CONTINUE_DEFAULT_PROCESSING` `NS_OVERRIDE_DEFAULT_PROCESSING`

Returns

NS_OK on success. A non-zero error code on failure.

Description

Use this method to request access types for this user. You send in the name of the user in the aUser parameter, and the access types requested in the aAccessRequest parameter (bitmask). The system checks for only those access types specified in the aAccessRequest bitmask. The returned bitmask, aAccessAllowed, represents the user’s allowed access for the types you requested.

For anonymous access, the user ID is “anonymous”.

ICS_ACCESSTYPE constants (bitmaps) that define available access types are as follows:

Access Types	Bitmaps
`ICS_ACCESSTYPE_NONE`	`0x00000000`
`ICS_ACCESSTYPE_READCOMPONENT`	`0x00000001`
`ICS_ACCESSTYPE_WRITECOMPONENT`	`0x00000002`
`ICS_ACCESSTYPE_CREATECOMPONENT`	`0x00000008`
`ICS_ACCESSTYPE_DELETECOMPONENT`	`0x00000010`
`ICS_ACCESSTYPE_READCALENDAR`	`0x00000020`
`ICS_ACCESSTYPE_WRITECALENDAR`	`0x00000040`
`ICS_ACCESSTYPE_CREATECALENDAR`	`0x00000080`
`ICS_ACCESSTYPE_DELETECALENDAR`	`0x00000100`
`ICS_ACCESSTYPE_SCHEDULE`	`0x00000200`
`ICS_ACCESSTYPE_FREEBUSY`	`0x00000400`
`ICS_ACCESSTYPE_SELF_ADMIN`	`0x00000800`
`ICS_ACCESSTYPE_ALL`	`0xFFFFFFFF`

Use this method to specify your own access control procedure. You can augment the native access control mechanism, performing your own processing first, then continuing with the default process, or you can completely replace the native access control mechanism.

Method: Init

Purpose

Confirms that the interface has been registered, and provides a reference to the server.

Syntax

PRUint32 Init (nsISupports *a Server)=0;

Parameters

The method has the following parameter:

aServer

On return, this location contains a reference to the server with which the module is registered.

Returns

NS_OK on success. A non-zero error code on failure.

Description

The server calls this method, after finding and registering the interface on module load, to confirm that the operation was successful. You can use the pointer returned in aServer to make calls out to the server.