Skip to content

Permissions

Purpose

A collection of methods to check permissions from a given permissions set

Methods

Binding name: p6.permissions

hasPermissions

Checks if the action on the feature is allowed for the given permissions on the current instance.

Syntax

boolean p6.permissions.hasPermissions(String permissions, String feature, String action)
Example 
println p6.permissions.hasPermissions("instance:feature=action", "feature", "action")

hasPermissionsUsingPipelineRequest

Will retrieve the permissions from the pipeline reading the platform6.request.user.permissions entry and check if the action on the feature is allowed for the permissions on the current instance.

Syntax

boolean p6.permissions.hasPermissionsUsingPipelineRequest(String feature, String action)
Example 
println p6.permissions.hasPermissionsUsingPipelineRequest("scripts", "read")

hasAnyPermissions

Checks if the any of the actions is allowed for the given permissions on the current instance.

Syntax

boolean p6.permissions.hasAnyPermissions(String permissions, List[String] actions)
Example 
println p6.permissions.hasAnyPermissions("instance:feature=action", "otherFeature=action", "feature=action")

hasAnyPermissionsUsingPipelineRequest

Will retrieve the permissions from the pipeline reading the platform6.request.user.permissions entry and check if any action is allowed for the permissions on the current instance.

Syntax

boolean p6.permissions.hasAnyPermissionsUsingPipelineRequest(List[String] actions)
Example 
println p6.permissions.hasAnyPermissionsUsingPipelineRequest("scripts=edit", "scripts=delete")

appUpsert

Creates or overwrites a permission set for this instance using the given name and current application key (appKey):

  • [appKey].[name]

For example O2C.approver

Syntax

Tuple2<Boolean,String> p6.permissions.appUpsert(String name, String description, String... perms)

The given permissions (perms) are expressed as an array of name=value pairs

All parameters are mandatory

Returns true,"ok" if successful else false,"Error Message"

Note

This method can only be used from an application install script. The Current Logged in User requires the permsets=install permission to perform this function.

Warning

If you try calling this method or any of the other App Install/Uninstall methods for testing purposes you will get the error: This method can only be called from an application install script! To bypass this security check simply pass the app key in a pipeline variable called install.script.appkey as shown below:

install pipeline variable

Note

The appUpsert, appUninstall and appRemove DSL methods use the Currently Logged In User permissions for execution. This is unique to this DSL as the permissions to allow modification of application permissions pose a greater security risk if they are permissions associated with the instance Integration

Example 
println p6.permissions.appUpsert("approver", "Invoice Approver", "transactions=view", "transactions=allow('Work Items'('Assignee'='%USER.EMAIL%'))")

appUninstall

Remove all permissions sets previously created using the above appUpsert() method for the current application If users have been assigned these permission set(s), each user is modified to remove the permission set association before the permission set is removed.

Syntax

Tuple2<Boolean,String>  p6.permissions.appUninstall()

Returns true,"ok" if successful else false,"Error Message"

Note

This method can only be used from an application uninstall script. The Current Logged in User requires the permsets=install as well as users=edit/update permissions to perform this function.

Example 
println p6.permissions.appUninstall()

appRemove

Remove a single permissions set using the supplied name assuming it was previously created using the above appUpsert() method for the current application. If users have been assigned this permission set, each user is modified to remove this permission set association before the permission set is removed.

Syntax

Tuple2<Boolean,String> p6.permissions.appRemove(String name)

Returns true,"ok" if successful else false,"Error Message"

Note

This method can only be used from an application uninstall script. The Current Logged in User requires the permsets=install as well as users=edit/update permissions to perform this function.

Example 
println p6.permissions.appRemove("approver")

appUpsertEx

This is the same functionality as appUpsert() above, however, if an error occurs an exception is thrown

Syntax

void p6.permissions.appUpsertEx(String name, String description, String... perms) throws P6Exception
Example 
p6.permissions.appUpsertEx("approver", "Invoice Approver", "transactions=view", "transactions=allow('Work Items'('Assignee'='%USER.EMAIL%'))")

appUninstallEx

This is the same functionality as appUninstall() above, however, if an error occurs an exception is thrown

Syntax

void p6.permissions.appUninstallEx() throws P6Exception
Example 
p6.permissions.appUninstallEx()

appRemoveEx

This is the same functionality as appRemove() above, however, if an error occurs an exception is thrown

Syntax

void p6.permissions.appRemoveEx(String name) throws P6Exception
Example 
p6.permissions.appRemoveEx("approver")