The privileges defined for a specific privilege object (optionally with inherited privileges) and the effective privileges that a specific user or user group has on a specific privilege object can be queried from the Application Server.
However for querying privileges the the querying user also needs specific permissions. These permissions depend on the privilege object type, table 1 lists the required permissions.
Privilege object type |
Permissions required |
System |
none; every user can query privileges and effective permissions of any user or user group on the system privilege object. |
Domain |
The accessing user must have Read (0) rights for the queried domain. |
View |
The accessing user must have List views (3) permission for the queried view |
Feature |
The accessing user must have Read (0) rights for the queried feature |
Feature type |
none; every user can query privileges and effective permissions of any user or user group on any feature type; |
Table 1: Permissions needed to query privileges and effective privileges
