The IPermission type exposes the following members.

ToggleProperties

Type NameDescription
Public propertyClassDescription
The ClassDescription object containing the property metadata for the EngineObject.
(Inherited from IEngineObject.)
Public propertyGranteeName
The distinguished name (DN) or short name of the user or group to whom an access permission is granted.
Public propertyGranteeType
Specifies whether a group or a user is being granted a permission.
Public propertyInheritableDepth
The maximum depth to which a permission (ACE) can be inherited. As the ACE gets inherited from a security parent, the value is decremented. Example values are as follows:
  • 0 - No inheritance (this object only).
  • 1 - This object and immediate children only.
  • -1 - This object and all children (infinite levels deep).
  • -2 - All children (infinite levels deep) but not this object.
  • -3 - Immediate children only; not this object.

A value of -2, -3, and less is only allowed on an ACE that is not inherited (that is, the PermissionSource value is SOURCE_DIRECT, SOURCE_DEFAULT, or SOURCE_TEMPLATE) and can be useful because that InheritableDepth value prevents the permission from affecting the security parent object itself. For instance, if the permission gave a user the DELETE right and the InheritableDepth value was -2, then the user would be able to delete security children objects that inherited that permission, but would not be able to delete the security parent object itself.

If the permission has been inherited (PermissionSource.SOURCE_PARENT), then the InheritableDepth value will always be 0, -1, 1, or other positive value greater than 1. The value will never be -2, -3, or other negative value less than -3.

For more information about inheritable depth values, see Security Inheritance.

Public propertyPermissionSource
Indicates the source of the given permission.

The source of access rights can be:

  • a security template
  • inheritance from a parent object
  • default access rights from the class from which the object was instantiated
  • direct application (that is, through programmatically setting permissions with a method call)
  • permissions originating from a security proxy
Public propertyProperties
The IProperties collection of properties for the EngineObject.
(Inherited from IEngineObject.)

ToggleSee Also