Wiki

Case Status Kiln
Register Log In

Wiki

 
FogBugz Plugin Developers…  "How To" Guides»Access and modify FogBugz enti…»FogBugz Permissions in Plugins
  
Page Collections
Attributes
Hierarchy
  • RSS Feed

Last modified on 5/11/2009 7:18 PM by User.

Tags:
permissions, security

FogBugz Permissions in Plugins

Permissions Overview

For a general overview of FogBugz permissions, see Managing FogBugz Permissions.

Permissions in Plugins

By default, objects in the Plugin API enforce the permissions of the current user.  These permissions are enforced in two main ways.

Entity Member Security

FogBugz objects enforce permissions by throwing a FogBugzSecurityException when an operation is attempted and the current user does not have the required permission.  Permissions can be overridden for a particular object by calling object.IgnorePermissions = true.  For more information, see Entity Member Security.

Database Query Security

Database queries that reference FogBugz tables enforce permissions in one of two ways:

  • Any query method that directly exposes a database field from a FogBugz table is always considered to be unsafe (for example, CSelectQuery.GetDataSet).  Any call to these methods will throw a FogBugzSecurityException unless IgnorePermissions is set to true.

  • Query methods that return entity objects by default will only include objects that the current user can see (has read permissions on).  The objects returned will still enforce permissions as described in Entity Member Security.  The default behavior can be modified by setting ExcludeReadable, ExcludeWritable, or other similar properties.

For more information, see Database Query Security.