Cookies improve the way our website works, by using this website you are agreeing to our use of cookies. For more information see our privacy policy. OK

CRecordUserDbRevokeRightFromRole

Revoke a right from a role in the user database.

This message belongs to the Session Manager API.
The Session Manager is part of the NY_Session2PlugIn plugin. 

{
  "id": "07da6820-ac45-4071-9296-950b17e5dfbd",
  "name": "USER_DB_REVOKE_RIGHT_FROM_ROLE",
  "description": "Remove a right from a role.",
  "slots": [
    {
      "key": "1",
      "name": "ROLE_ID",
      "direction": "REQUEST",
      "mandatory": "true",
      "type": "STRING",
      "description": "The id of the role."
    },
    {
      "key": "2",
      "name": "RIGHT_ID",
      "direction": "REQUEST",
      "mandatory": "true",
      "type": "STRING",
      "description": "The id of the right."
    },
    {
      "key": "3",
      "name": "RIGHT_IDS",
      "direction": "REQUEST",
      "mandatory": "true",
      "type": "STRING_ARRAY",
      "description": "An array of right ids to revoke from a role."
    }
  ]
}

Usage

Sending the request

You need the microservice ID of the session manager: 

public static final IId SESSION_MICROSERVICE_ID = CIdFactory.fromObject("ccf168c1-f18b-4229-85f9-24461a19ee6a");

The own SessionToken is needed to verify the authorization for the change. You need the permission NY_RevokeRight. In addition, the role id and the right id are required. If you want to revoke several rights from the role, you can use the setRightIds() method. 

private void revokeRightFromRole(final byte[] aToken,
                                 @NotNull final String aRoleId,
                                 @NotNull final String aRight) throws CException
{
    final CEnvelope env = CEnvelope.forMicroService(SESSION_MICROSERVICE_ID);
    env.setSessionToken(aToken);

    final CRecord record = CRecordUserDbRevokeRightFromRole.create();
    CRecordUserDbRevokeRightFromRole.setRoleId(record,
                                               aRoleId);
    CRecordUserDbRevokeRightFromRole.setRightId(record,
                                                aRight);
    sendRequest(env,
                record);
}

Dealing with the response

To catch the response of the request, we need a message handler. We add it in the constructor of the message handler registry. 

// constructor:
addMessageHandler(CRecordUserDbRevokeRightFromRole.ID,
                  this::asyncRevokeRightFromRole);

private boolean asyncRevokeRightFromRole(@NotNull final CEnvelope aEnvelope,
                                         @NotNull final CRecord aRecord)
{
    if (aEnvelope.isAnswer())
    {
        final int resultCode = aEnvelope.getResultCode();
        if (resultCode == CResultCode.SUCCESS)
        {
            // ...
        }
        return true;
    }
    return false;
}