K2BTools GAM integration

Introduction

To integrate GAM in applications developed using K2BTools, the mechanisms described in K2BTools Security Model can be used.

This page describes a way of defining this integration so that K2BTools's Security API works based on the information cofigured in the GAM repository.

Implementing this integration can be useful when working on Knowledge Bases created using K2BTools. To see the benefits obtained by doing this, see Benefits of integrating K2BTools security in applications using GAM.

Permission mapping

To integrate K2BTools's security to GAM, a mapping between K2BTools activities and GAM permissions must be defined.

In K2BTools, each entity has the following activities associated to it:

<Entity>List
<Entity>Display
<Entity>Insert
<Entity>Update
<Entity>Delete

Where <Entity> is the entity's name.

On the other hand, GAM defines the following permissions for each object:
<Prefix>__FullControl
<Prefix>__Insert
<Prefix>__Update
<Prefix>__Delete
<Prefix>_Execute

Where <Prefix> is the value of the property "Permission Prefix" for the object. This property's default value is equal to the object's name, but it can be modified.

The mapping between these two paradigms should be as follows:

K2BTools Permission GAM Permission
<Entity>Insert <Prefix>__Insert
<Entity>Update <Prefix>__Update
<Entity>Delete <Prefix>__Delete
<Entity>List <Prefix>_Execute
<Entity>Display

The steps necessary to implement the permission mapping are:

  1. In K2BTools general settings, set the property "Set Permission Prefix" to "True". After this, K2BTools will set the value for the property "Permission Prefix" for all objects generated so that it matches the name of the transaction associated to the node caused the object's generation. (For example, the permission prefix for "WWCity" would be set to "City").
  2. Modify the implementation of K2BIsAuthorizedActivityList to reflect the mapping shown before. The final code would be:

For &activity in &activityList
&activityToCheck = K2BFSG.GetGAMPermissionNameForActivity.Udp(&activity.Activity)
&activity.IsAuthorized = GAMRepository.CheckPermission(&activityToCheck)

EndFor
K2BIsAuthorizedActivityList code

Note: The modified version of this object, with the code shown above, is available at K2BIsAuthorizedActivityList for GAM integration