Previous Topic: authorize- Command—Remove Access Authorities from a ResourceNext Topic: checklogin Command—Determine Login Information


check Command—Determine a User's Access Authority

Valid in the AC environment

Use the check command to determine if a user has access privileges to a particular resource. The command checks access according to the resource's ACL and default access property. However, it does not support PACLs; that is, it does not indicate whether the user can access a resource using a specific program.

Note: This command is not available when seos is down. For more information about PACLs, see the Endpoint Administration Guide for your OS.

To use this command you must have sufficient authority over the resource, as defined by any of the following conditions:

This command has the following format:

check className resourceName uid(userName) access(authority)
access(authority)

Defines the access authority to be checked for the accessor identified by the uid parameter.

Valid values depend on the resource being checked.

className

Defines the name of the class to which resourceName belongs.

resourceName

Defines the name of the resource record.

uid(userName)

Defines the name of the CA ControlMinder user whose authority to access resourceName is to be verified.

Example: Determine whether a user has access to a resource

To determine whether user Alain has write access to the resource testfile of class file, enter the following command:

check FILE /testfile uid(Alain) access(w)

The following sample output of this command indicates that user Alain has write access to the defined file because Alain is the resource's owner:

Access to FILE /testfile GRANTED
Stage: Resource OWNER check

More information:

Access Authority by Class