· Jan 29, 2018

Custom Operation for make ip address and port read only based on the user role

Is there any possibility to implementing a custom TCP Operation (or any other possible way) which can enable/disable (readonly) the controllers such as ipaddress and port. This need to be done based on the role of the user logged in to the management portal.

Appreciate if anyone can provide sample code around this...

Discussion (8)2
Log in or sign up to continue

You can give user %EnsRole_Operator role:
Role for operation staff managing the day-to-day status of a particular production. Users assigned to this role have the Read permission on the current configuration to determine what settings and code are in effect, but do not have permissions to modify the configuration. Operations staff may start and stop interfaces, and may start and stop the production. They do not have access to the contents of messages, but may resend messages which cause issues. Operators may view queue and job information, and may inspect the settings for purges, alerts, credentials, and lookup tables.

Other approach would be readonly access the tables of the Ens.Config package.

Can you please provide example of OnValidate?

Here's what I tried and it does not work:

Class Test.InboundAdapter Extends Ens.InboundAdapter

/// Stream class to store message body. Leave empty to use strings.
Property BodyClass As %Dictionary.CacheClassname;

Parameter SETTINGS = "BodyClass:Basic";

/// Does not get called.
Method OnValidate(args...)
    merge ^b = args
    quit $$$ERROR($$$GeneralError, "Some error")

/// Runtime only. And $username is always _Ensemble. ##super() is in Ens.Settings
Method AssignOneSetting(pProperty As %String, pValue As %String, pName As %String) As %Status
    set ^c($i(^c)) = $lb(pProperty, pValue, pName, $username)
    quit ##super(pProperty, pValue, pName)


I had a closer look, and it is not actually an "OnValidate" method per se that exists for use,..- but the feature does exist...

You need to create a <setting>IsValid() method. something like this:

 Class qmd.CustomAdapter Extends EnsLib.TCP.InboundAdapter [ ProcedureBlock ]

Parameter SETTINGS = "MyCustomSetting";

Property MyCustomSetting As %Integer;

ClassMethod MyCustomSettingIsValid(%val) As %Status
if %val'?1.n quit $$$ERROR(5001,"My Custom Setting should be an integer.")
Quit $$$OK


Hope this helps.



I've not validate this suggestion by trying this myself yet, just an idea:  I do know that when defining custom settings for an adapter, you are given an OnValidate callback of sorts to validate user input. 

You could put security checks (check if user holds a custom resources) in that method.

You may need to do a simple subclass of your to adapter to implement correctly though.