eimListUserAccess()--List EIM
User Access
Syntax
#include <eim.h>
int eimListUserAccess(EimHandle * eim,
EimAccessUser * accessUser,
unsigned int lengthOfListData,
EimList * listData,
EimRC * eimrc)
Service Program Name: QSYS/QSYEIM
Default Public Authority: *USE
Threadsafe: Yes
The eimListUserAccess() function lists the access groups of
which this user is a member.
Authorities and Locks
- EIM Data
- Access to EIM data is controlled by EIM access groups. LDAP administrators
also have access to EIM data. The access groups whose members have authority to
the EIM data for this API follow:
The list returned contains only the information that the user has authority
to access.
Parameters
- eim (Input)
- The EIM handle returned by a previous call to eimCreateHandle(). A valid
connection is required for this function.
- accessUser (Input)
- A structure that contains the user information for which to retrieve
access.
| EIM_ACCESS_LOCAL_USER |
Indicates a local user name on the system that the API
is run. The local user name will be converted to the appropriate access id for
this system. |
| EIM_ACCESS_KERBEROS |
Indicates a kerberos principal. The kerberos principal
will be converted to the appropriate access id. For example, petejones@therealm
will be converted to ibm-kn=petejones@threalm. |
The EimAccessUser structure layout follows:
enum EimAccessUserType {
EIM_ACCESS_DN,
EIM_ACCESS_KERBEROS,
EIM_ACCESS_LOCAL_USER
};
typedef struct EimAccessUser
{
union {
char * dn;
char * kerberosPrincipal;
char * localUser;
} user;
enum EimAccessUserType userType;
} EimAccessUser;
- lengthOfListData (Input)
- The number of bytes provided by the caller for the listData
parameter. The minimum size required is 20 bytes.
- listData (Output)
- A pointer to the EimList structure.
The EimList structure contains information about the returned data. The API
will return as much data as space has been provided. The data returned is a
linked list of EimUserAccess structures. firstEntry is used to get to the first
EimUserAccess structure in the linked list.
EimList structure:
typedef struct EimList
{
unsigned int bytesReturned; /* Number of bytes actually returned
by the API. */
unsigned int bytesAvailable; /* Number of bytes of available data
that could have been returned by
the API. */
unsigned int entriesReturned; /* Number of entries actually
returned by the API. */
unsigned int entriesAvailable; /* Number of entries available to be
returned by the API. */
unsigned int firstEntry; /* Displacement to the first linked
list entry. This byte offset is
relative to the start of the
EimList structure. */
} EimList;
EimUserAccess structure:
typedef struct EimUserAccess
{
unsigned int nextEntry; /* Displacement to next entry. This
byte offset is relative to the
start of this structure. */
enum EimAccessIndicator eimAdmin;
enum EimAccessIndicator eimRegAdmin;
enum EimAccessIndicator eimIdenAdmin;
enum EimAccessIndicator eimMappingLookup;
EimSubList registries; /* EimRegistryName sublist */
enum EimAccessIndicator eimCredentialData;
} EimUserAccess;
The registries EimSubList gives addressability to a linked list of
EimRegistryName structures.
EimRegistryName structure:
typedef struct EimRegistryName
{
unsigned int nextEntry; /* Displacement to next entry. This
byte offset is relative to the
start of this structure. */
EimListData name; /* Name */
} EimRegistryName;
EimSubList structure:
typedef struct EimSubList
{
unsigned int listNum; /* Number of entries in the list */
unsigned int disp; /* Displacement to sublist. This
byte offset is relative to the
start of the parent structure;
that is, the structure containing
this structure. */
} EimSubList;
EimListData structure:
typedef struct EimListData
{
unsigned int length; /* Length of data */
unsigned int disp; /* Displacement to data. This byte
offset is relative to the start of
the parent structure; that is, the
structure containing this
structure. */
} EimListData;
- eimrc (Input)
- The structure in which to return error code information. If the return
value is not 0, eimrc is set with additional information. This parameter may be
NULL. For the format of the structure, see EimRC--EIM
Return Code Parameter.
Return Value
The return value from the API. Following each return value is the list of
possible values for the messageCatalogMessageID field in the
eimrc parameter for that value.
- 0
- Request was successful.
- EACCES
- Access denied. Not enough permissions to access data.
| EIMERR_ACCESS (1) |
Insufficient access to EIM data. |
- EBADDATA
- eimrc is not valid.
- EBUSY
- Unable to allocate internal system object.
| EIMERR_NOLOCK (26) |
Unable to allocate internal system object. |
- ECONVERT
- Data conversion error.
| EIMERR_DATA_CONVERSION (13) |
Error occurred when converting data between code
pages. |
- EINVAL
- Input parameter was not valid.
| EIMERR_ACCESS_USERTYPE_INVAL
(3) |
Access user type is not valid. |
| EIMERR_EIMLIST_SIZE (16) |
Length of EimList is not valid. EimList must be
at least 20 bytes in length. |
| EIMERR_HANDLE_INVAL (17) |
EimHandle is not valid. |
| EIMERR_PARM_REQ (34) |
Missing required parameter. Please check API
documentation. |
| EIMERR_PTR_INVAL (35) |
Pointer parameter is not valid. |
| EIMERR_SPACE (41) |
Unexpected error accessing parameter. |
- ENOMEM
- Unable to allocate required space.
| EIMERR_NOMEM (27) |
No memory available. Unable to allocate required
space. |
- ENOTCONN
- LDAP connection has not been made.
| EIMERR_NOT_CONN (31) |
Not connected to LDAP. Use eimConnect() API and
try the request again. |
- EUNKNOWN
- Unexpected exception.
| EIMERR_LDAP_ERR (23) |
Unexpected LDAP error. %s |
| EIMERR_UNKNOWN (44) |
Unknown error or unknown system state. |
Related Information
Example
See Code disclaimer information
for information pertaining to code examples.
The following example lists all registries found.
#include <eim.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
void printListResults(EimList * list);
void printSubListData(char * fieldName,
void * entry,
int offset);
void printListData(char * fieldName,
void * entry,
int offset);
int main(int argc, char *argv[])
{
int rc;
char eimerr[100];
EimRC * err;
EimHandle * handle;
EimAccessUser user;
char listData[5000];
EimList * list = (EimList * ) listData;
/* Get eim handle from input arg. */
/* This handle is already connected to EIM. */
handle = (EimHandle *)argv[1];
/* Set up error structure. */
memset(eimerr,0x00,100);
err = (EimRC *)eimerr;
err->memoryProvidedByCaller = 100;
/* Set up access user information */
user.userType = EIM_ACCESS_DN;
user.user.dn="cn=pete,o=ibm,c=us";
/* Get user accesses */
if (0 != (rc = eimListUserAccess(handle,
&user,
5000,
list,
err)))
{
printf("List user access error = %d", rc);
return -1;
}
/* Print the results */
printListResults(list);
return 0;
}
void printListResults(EimList * list)
{
int i;
EimUserAccess * entry;
EimListData * listData;
EimRegistryName * registry;
printf("___________\n");
printf(" bytesReturned = %d\n", list->bytesReturned);
printf(" bytesAvailable = %d\n", list->bytesAvailable);
printf(" entriesReturned = %d\n", list->entriesReturned);
printf(" entriesAvailable = %d\n", list->entriesAvailable);
printf("\n");
if (list->entriesReturned > 1)
printf("Unexpected number of entries returned.\n");
entry = (EimUserAccess *)((char *)list + list->firstEntry);
if (EIM_ACCESS_YES == entry->eimAdmin)
printf(" EIM Admin.\n");
if (EIM_ACCESS_YES == entry->eimRegAdmin)
printf(" EIM Reg Admin.\n");
if (EIM_ACCESS_YES == entry->eimIdenAdmin)
printf(" EIM Iden Admin.\n");
if (EIM_ACCESS_YES == entry->eimMappingLookup)
printf(" EIM Mapping Lookup.\n");
if (EIM_ACCESS_YES == entry->eimCredentialData)
printf(" EIM Credential Data.\n");
printf(" Registries:\n");
printSubListData("Registry names",
entry,
offsetof(EimUserAccess, registries));
printf("\n");
}
void printSubListData(char * fieldName,
void * entry,
int offset)
{
int i;
EimSubList * subList;
EimRegistryName * subentry;
/* Address the EimSubList object */
subList = (EimSubList *)((char *)entry + offset);
if (subList->listNum > 0)
{
subentry = (EimRegistryName *)((char *)entry + subList->disp);
for (i = 0; i < subList->listNum; i++)
{
/* Print out results */
printListData(fieldName,
subentry,
offsetof(EimRegistryName, name));
/* advance to next entry */
subentry = (EimRegistryName *)((char *)subentry +
subentry->nextEntry);
}
}
}
void printListData(char * fieldName,
void * entry,
int offset)
{
EimListData * listData;
char * data;
int dataLength;
printf(" %s = ",fieldName);
/* Address the EimListData object */
listData = (EimListData *)((char *)entry + offset);
/* Print out results */
data = (char *)entry + listData->disp;
dataLength = listData->length;
if (dataLength > 0)
printf("%.*s\n",dataLength, data);
else
printf("Not found.\n");
}
API introduced: V5R2