Options
All
  • Public
  • Public/Protected
  • All
Menu

Namespace Security

Index

References

Interfaces

Type Aliases

Variables

Functions

References

Re-exports PermissionRoles
Re-exports PermissionTypes

Type Aliases

FolderType: { activeModules: string[]; defaultModule: string; description: string; label: string; name: string; preferredWebParts: FolderTypeWebParts[]; requiredWebParts: FolderTypeWebParts[]; workbookType: boolean }

Type declaration

  • activeModules: string[]

    Array of module names that are automatically active for this folder type

  • defaultModule: string

    Name of the module that provides the home screen for this folder type

  • description: string

    Short description of the folder type

  • label: string

    Name that's shown to the user for this folder type

  • name: string

    Cross-version stable name of the folder type

  • preferredWebParts: FolderTypeWebParts[]

    Array of web parts that are part of this folder type but may be removed

  • requiredWebParts: FolderTypeWebParts[]

    Array of web parts that are part of this folder type and cannot be removed

  • workbookType: boolean

    Indicates if this is specifically intended to use as a workbook type

FolderTypeWebParts: { name: string; properties: Record<string, any> }

Type declaration

  • name: string

    Name of the web part

  • properties: Record<string, any>

    Map of properties that are automatically set

GetFolderTypesResponse: {}

Type declaration

GetModulesModules: { active: boolean; enabled: boolean; name: string; requireSitePermission: boolean; required: boolean; tabName: string }

Type declaration

  • active: boolean

    whether this module should be active for this container

  • enabled: boolean

    whether this module should be enabled by default for this container

  • name: string

    Name of the module

  • requireSitePermission: boolean

    Indicates if this module requires site permission

  • required: boolean

    Whether this module is required in the folder type specified above

  • tabName: string

    name of the tab associated with this module

Variables

currentContainer: Partial<Container> = ...

Exposes limited information about the current container.

currentUser: Partial<UserWithPermissions> = ...

Exposes limited information about the current user.

effectivePermissions: { admin: PermissionTypes; del: PermissionTypes; insert: PermissionTypes; read: PermissionTypes; readOwn: PermissionTypes; update: PermissionTypes } = ...

A map of commonly used effective permissions supported in the LabKey Server. You can use these values with the hasEffectivePermission() method to test if a user or group has a particular permission. The values in this map are as follows:

  • read
  • insert
  • update
  • del
  • readOwn
deprecated

Use PermissionTypes instead. For example, to refer to the update permission, the syntax would be:

LABKEY.Security.effectivePermissions.update
permissions: { admin: number; all: number; del: number; deleteOwn: number; insert: number; read: number; readOwn: number; update: number; updateOwn: number } = ...

A map of the various permission bits supported in the LabKey Server. You can use these values with the hasPermission() method to test if a user or group has a particular permission. The values in this map are as follows:

  • read
  • insert
  • update
  • del
  • readOwn
  • updateOwn
  • deleteOwn
  • all
For example, to refer to the update permission, the syntax would be:
LABKEY.Security.permissions.update

Type declaration

  • admin: number
  • all: number
  • del: number
  • deleteOwn: number
  • insert: number
  • read: number
  • readOwn: number
  • update: number
  • updateOwn: number
roles: {} = ...

A map of the various permission roles exposed in the user interface. The members are as follows:

  • admin
  • editor
  • author
  • reader
  • restrictedReader
  • noPerms
For example, to refer to the author role, the syntax would be:
LABKEY.Security.roles.author

Type declaration

  • [key: string]: number
systemGroups: { administrators: number; developers: number; guests: number; users: number } = ...

A map of the special system group ids. These ids are assigned by the system at initial startup and are constant across installations. The values in this map are as follows:

  • administrators
  • users
  • guests
  • developers
For example, to refer to the administrators group, the syntax would be:
LABKEY.Security.systemGroups.administrators

Type declaration

  • administrators: number
  • developers: number
  • guests: number
  • users: number

Functions

  • Adds a new member to an existing group.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Creates a new container, which may be a project, folder, or workbook.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Creates a new group. The new group will be created at the project level when the current container is a folder or project, or will be created at the system level if the current container is the root.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Creates a new user account. To create more than one account, provide a semicolon separated list of email addresses. If all of the provided email addresses are valid, new accounts will be created for any email addresses that are not already registered users. Already existing accounts will still result in a call to the success handler with a message indicating that the user account already exists. If multiple accounts are being created and one or more result in an error but there was at least on successful account creation, the success handler will be called with the "users" information along with an array of "htmlErrors".

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Deletes an existing container, which may be a project, folder, or workbook.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Deletes a group.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Deletes the security policy for the requested resource id. This will cause resource to inherit its security policy from its parent resource.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Ensures that the current user is logged in.

    Note that if the current user is already logged in, the success function will be called immediately, passing the current user information from {@link LABKEY.Security.currentUser}.

    Parameters

    Returns XMLHttpRequest | void

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Returns information about the specified container, including the user's current permissions within that container. If the includeSubfolders config option is set to true, it will also return information about all descendants the user is allowed to see.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Retrieves the full set of folder types that are available on the server.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Get the effective permissions for all groups within the container, optionally recursing down the container hierarchy.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • getHomeContainer(): string
  • Returns the name of the home container, which is automatically created when your server is set up. It is usually 'home'

    Returns string

    The name of the home container automatically created on this server.

  • Retrieves the full set of modules that are installed on the server.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Retrieves the security policy for the requested resource id. Note that this will return the policy in effect for this resource, which might be the policy from a parent resource if there is no explicit policy set on the requested resource. Use the isInherited method on the returned policy object to determine if the policy is inherited or not. Note that the securable resource must be within the current container, or one of its descendants.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • getRole(perms: number): string
  • Returns the name of the security role represented by the permissions passed as 'perms'. The return value will be the name of a property in the LABKEY.Security.roles map. This is a local function, and does not make a call to the server.

    deprecated

    Do not use this anymore. Use the roles array in the various responses and the getRoles() method to obtain extra information about each role.

    Parameters

    • perms: number

      The permissions set

    Returns string

  • Returns the complete set of roles defined on the server, along with the permissions each role grants.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • EXPERIMENTAL! gets permissions for a set of tables within the study schema. Currently only study tables have individual permissions so only works on the study schema

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Returns the tree of securable resources from the current container downward.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • getSharedContainer(): string
  • Returns the name of the shared container, which is automatically created when your server is setup. It is usually 'Shared'

    Returns string

    The name of the shared container automatically created on this server.

  • Returns information about a user's permissions within a container. If an user id is not specified, then this will return information about the current user.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Returns a list of users given selection criteria. This may be called by any logged-in user.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Retrieves the set of users that have all of a specified set of permissions. A group may be provided and only users within that group will be returned. A name (prefix) may be provided and only users whose email or display name starts with the prefix will be returned. This will not return any deactivated users (since they do not have permissions of any sort).

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • hasEffectivePermission(effectivePermissions: string[], desiredPermission: string): boolean
  • Returns true if the permission passed in 'desiredPermission' is in the permissions array passed as 'effectivePermissions'. This is a local function and does not make a call to the server.

    Parameters

    • effectivePermissions: string[]

      The permission set, typically retrieved for a given user or group.

    • desiredPermission: string

      A specific permission bit to check for.

    Returns boolean

  • hasPermission(perms: number, perm: number): number
  • Returns 1 if the permission passed in 'perm' is on in the permissions set passed as 'perms'. This is a local function and does not make a call to the server.

    Parameters

    • perms: number

      The permission set, typically retrieved for a given user or group.

    • perm: number

      A specific permission bit to check for.

    Returns number

  • Removes a member from an existing group.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Renames a group.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

  • Saves the supplied security policy. This method will completely overwrite the existing policy for the resource. If another user has changed the policy in between the time it was selected and this method is called, the save will fail with an optimistic concurrency exception. To force your policy over the other, call the setModified() method on the policy passing null.

    Parameters

    Returns XMLHttpRequest

    In client-side scripts, this method will return a transaction id for the async request that can be used to cancel the request. In server-side scripts, this method will return the JSON response object (first parameter of the success or failure callbacks.)

Generated using TypeDoc