Resources | developer.brewmp.com Resources | developer.brewmp.com

Developer

resources

Example - ACLs

This example is from the pim_efdbdevice.cif, which specifies the privileges required to access the PIM Contacts database.

The CIF includes the following files that define constants used in the ACL primitives:

include "pim_CEFSDBDevice.h"
include "pim_EFSDBDeviceService.bid"
include "efsdbpriv.h"
include "AEEPLPrivs.bid"
include "pim_ContactStore.bid"
include "version.cif

The CIF contains two ACL grants, one for both read and write access, and the other for read-only access:

-- Allow R/W access to our internal database file(s)
-- Direct clients of EFSDBDevice shall hold the pim_AEECLSID_CEFSDBDevice priv
-- while clients of IAddrBookShim will hold AEEPRIVID_PLAddrBook and 
-- clients of pim_ContactStore will hold pim_AEEPRIVID_ContactStore_Write
FS_ACL_Grant {
   {
      groups = {pim_AEECLSID_CEFSDBDevice, AEEPRIVID_PLAddrBook,
                    pim_AEEPRIVID_ContactStore_Write}, 
      perms = "r/rw"
   },
   path = "/"
}

-- Allow read-only access to our internal database file(s)
-- Direct clients of EFSDBDevice shall hold the pim_AEEPRIVID_PEFSDBDevice_ReadOnly
-- while clients of pim_ContactStore will hold pim_AEECLSID_ContactStore
FS_ACL_Grant {
   {
      groups = {pim_AEEPRIVID_PEFSDBDevice_ReadOnly, pim_AEECLSID_ContactStore}, 
      perms = "r/r"
   },
   path = "/"
}