BOB: Business Objects Board
Not endorsed by or affiliated with SAP

Register | Login 

Want to sponsor BOB? 
Want to sponsor BOB? (Opens a new window)  

General Notice: No events within the next 45 days.

SeeSec - security detail for XIr2 and XI3
1 members found this topic helpful
Goto page 1, 2  Next
 
Search this topic... | Search BOB's Downloads... | Search Box
Register or Login to Post    Forum Index -> BOB's Downloads  Previous TopicPrint TopicNext Topic
Author Message
joepeters
Forum Fanatic
Forum Fanatic



Joined: 29 Aug 2002

Posts: 6546
Location: Connecticut, USA


flag
PostPosted: Fri Feb 04, 2011 3:45 pm 
Post subject: SeeSec - security detail for XIr2 and XI3

Title: SeeSec
Author: Joe Peters
Author notes:
Quote:
SeeSec is a utility that displays the detail on all explicitly-assigned rights in an XIr2 or XI3 environment. I wrote it to help me validate the security of objects that I migrated from XIr2 to XI3. Although the security model is drastically different, this was still very useful for finding objects that didn't have the correct security applied.

Both XIr2 and XI3 scripts will produce a raw extract of explicitly-assigned rights as tab-delimited text output. The two versions display the access detail differently, however:
For XIr2: if the object has a predefined access level (View, VoD, etc.), then the output will display that access level name. If the principal has Advanced access, then the output will display one line for each assigned Advanced right, and a "Granted/Denied" flag.
For XI3: Since principals can have one or more access levels, or multiple advanced rights (or both), the display is different. The "Access Levels" column displays a comma-separated list of any and all assigned access levels. If the principal has advanced rights, (whether or not there are access levels as well) then the rights are displayed in multiple lines.

Both versions have a variable "showAdvancedDetail" that can be set to false to display the number of assigned advanced rights, rather than the detail.

The CMS query in the script excludes some object types that I didn't care about. You may need to adjust what is included, to fit your needs.


Platform: Java
Version: 1.0
Disclaimer: I have not exhaustively tested the results of these scripts. It's possible (likely) that there there are assigned rights in the system that are not displayed.

XIr2 code:
Code:
import com.crystaldecisions.sdk.occa.infostore.*;
import com.crystaldecisions.sdk.framework.*;
import com.crystaldecisions.sdk.exception.SDKException;
import com.crystaldecisions.sdk.plugin.desktop.folder.*;
import java.util.*;

/* Classpath:
   C:\Program Files\Business Objects\common\3.5\java\lib\ebus405.jar
   C:\Program Files\Business Objects\common\3.5\java\lib\boconfig.jar
   C:\Program Files\Business Objects\common\3.5\java\lib\cecore.jar
   C:\Program Files\Business Objects\common\3.5\java\lib\celib.jar
   C:\Program Files\Business Objects\common\3.5\java\lib\ceplugins.jar
   C:\Program Files\Business Objects\common\3.5\java\lib\cesession.jar
   C:\Program Files\Business Objects\common\3.5\java\lib\ceutils.jar
   C:\Program Files\Business Objects\common\3.5\java\lib\corbaidl.jar
   C:\Program Files\Business Objects\common\3.5\java\lib\rascore.jar
   C:\Program Files\Business Objects\common\3.5\java\lib\Serialization.jar
*/

public class SeeSec
{
   // Set the following three variables with logon info the the CMS.
   public static String strUser = "<user name>";
   public static String strCMS = "<cms name>";
   public static String strPwd = "<user password>";
   
   // Set this to true to display all advanced rights; false will just display a count of assigned rights if the access level is "advanced"
   public static Boolean showAdvancedDetail = false;

   
   public static IInfoStore infoStore;

   public static void main(String[] args)
   throws SDKException
   {
      System.out.println ("Connecting to: " + strCMS);
      
      // Print out header
      if(showAdvancedDetail)
         System.out.println("Principal\tObject ID\tObject Kind\tPath\tAccess Level\tGranted/Denied\tAdvanced Right");
      else
         System.out.println("Principal\tObject ID\tObject Kind\tPath\tAccess Level\tCount of Advanced Rights");

      // Log in to CMS and get infoStore
      ISessionMgr oSessionMgr;
      IEnterpriseSession oEnterpriseSession;
      oSessionMgr = CrystalEnterprise.getSessionMgr();
      oEnterpriseSession = oSessionMgr.logon(strUser, strPwd, strCMS, "secEnterprise");
      infoStore = (IInfoStore)oEnterpriseSession.getService("", "InfoStore");

      // Hold the last ID in each batch, so we know where to start the next one.
       Integer theID = new Integer(0);
      
       while(true)
       {
          IInfoObjects iObjects = infoStore.query("SELECT TOP 1000 si_path,si_id,si_kind,si_parentid FROM CI_infoobjects,ci_systemobjects,ci_appobjects where si_kind not in ('personalcategory','MetaData.DataDBField','MetaData.BusinessField','AuditEventInfo','BIWidgets','ClientAction','ClientActionSet','ClientActionUsage') and si_kind not like 'Encyclopedia%' and si_instance = 0 and si_id > " + theID + " order by si_id");
          // Run until there are no more objects.
         if(iObjects.size() == 0)
            break;
            
         theID = printEm(infoStore,iObjects);
      }
   }
   
   static Integer printEm(IInfoStore oInfoStore,IInfoObjects iObjects)
   throws SDKException
   {
      Integer maxID = new Integer(99999999);
       for(int i = 0; i < iObjects.size(); i++)
       {
           IInfoObject iObject = (IInfoObject) iObjects.get(i);
          maxID = new Integer(iObject.getID());
          
          // Get SecurityInfo for the object
           ISecurityInfo objectSecurityInfo = iObject.getSecurityInfo();
          
           // And get the principals that have assigned rights
           IObjectPrincipals iEPs = objectSecurityInfo.getObjectPrincipals();
          
           // Loop through each principal
           for(Iterator<IObjectPrincipal> iopi = iEPs.iterator(); iopi.hasNext();)
           {
              IObjectPrincipal iEP = iopi.next();
              
             if ((iObject.getKind().equals("Inbox") || iObject.getKind().equals("FavoritesFolder") || iObject.getKind().equals("PersonalCategory"))
                    && iEP.getName().toLowerCase().equals(iObject.getTitle().toLowerCase()))
             {
                continue; // skip inbox & favorites folders for their owners.
             }

              if (iEP.getRights().size() == 0 &&  iEP.isInherited())
                continue; // nothing to see here (no rights assigned, inheriting folders & groups)
            
              ISecurityRights iERights = iEP.getRights();
            
              String outString = iEP.getName() + "\t" + iObject.getID() + "\t" + iObject.getKind() + "\t" + getObjectPath(iObject) + "\t";
              outString += iEP.getRole().getDescription(Locale.getDefault()) + "\t";
              // If "Advanced" rights, and we're showing detail, then show each individual right; otherwise
              // just show a count of assigned rights.
              if (("Advanced".equals(iEP.getRole().getDescription(Locale.getDefault()))))
              {
                 if(showAdvancedDetail)
                 {
                    if (iERights.size() == 0)
                    {
                       System.out.println(outString + "No rights assigned!");
                    }
                    else
                    {
                       for(Iterator<ISecurityRight> itRight = iERights.iterator(); itRight.hasNext();)
                       {
                          ISecurityRight isRight = itRight.next();
                          System.out.println ( outString + (isRight.isGranted() ? "Granted\t" : "Denied\t" ) + isRight.getDescription(Locale.getDefault()) );
                       }
                    }
                 }
                 else // Advanced, just show count
                 {
                    System.out.println(outString += iERights.size());
                 }
              }
              else // Not advanced rights
                 System.out.println (outString);
           }
      }
      return maxID;
   }
   
   // Get the full path of an object
   static String getObjectPath(IInfoObject inObject)
   throws SDKException
   {
      IInfoObject oIO = inObject;
      String path = "";
      
      while(true)
      {
         // If the current object is a folder, get its "si_path" info; otherwise just iterate up through the objects' parents
         if ("Folder".equals(oIO.getKind()))
         {
            oIO = (IInfoObject) infoStore.query("select si_id,si_path from CI_infoobjects,ci_systemobjects,ci_appobjects where si_id = " + oIO.getID()).get(0);
            path = oIO.getTitle() +  path;
            try {
               if ( oIO.getParentID() != 0)
                  for(String pathPart : ((IFolder)oIO).getPath() )
                     path = pathPart + "/" + path;
            }
            catch (Exception wtf)
            {
               // This shouldn't happen since we're checking for path count of 0 above, but just in case...
               return "<" + oIO.getID() + ">" + "/" + path + oIO.getTitle();
            }
            return path;
         }
         else
            path = path + "/" + oIO.getTitle();
         oIO = oIO.getParent();
      }
   }
   
}


XI3 code:
Code:

import com.crystaldecisions.sdk.occa.infostore.*;
import com.crystaldecisions.sdk.occa.security.CeSecurityOptions;
import com.crystaldecisions.sdk.framework.*;
import com.crystaldecisions.sdk.exception.SDKException;
import com.crystaldecisions.sdk.plugin.desktop.folder.*;
import java.util.*;

/* Classpath:
   C:\Program Files\Business Objects\BusinessObjects Enterprise 12.0\classes\cesession.jar
   C:\Program Files\Business Objects\BusinessObjects Enterprise 12.0\classes\cecore.jar
   C:\Program Files\Business Objects\BusinessObjects Enterprise 12.0\classes\celib.jar
   C:\Program Files\Business Objects\BusinessObjects Enterprise 12.0\classes\ceplugins_core.jar
   C:\Program Files\Business Objects\BusinessObjects Enterprise 12.0\classes\ebus405.jar
   C:\Program Files\Business Objects\BusinessObjects Enterprise 12.0\classes\corbaidl.jar
   C:\Program Files\Business Objects\common\4.0\java\lib\logging.jar
   C:\Program Files\Business Objects\BusinessObjects Enterprise 12.0\classes\boconfig.jar
*/


public class SeeSec
{
   // Set the following three variables with logon info the the CMS.
   public static String strUser = "<user name>";
   public static String strCMS = "<cms name>";
   public static String strPwd = "<user password>";
   
   // Set this to true to display all advanced rights; false will just display a count of assigned rights if the access level is "advanced"
   public static Boolean showAdvancedDetail = true;
   
   public static IInfoStore infoStore;

   public static void main(String[] args)
   throws SDKException
   {
      System.out.println ("Connecting to: " + strCMS);
      
      // Print out header
      if(showAdvancedDetail)
         System.out.println("Principal\tObject ID\tObject Kind\tPath\tAccess Level(s)\tInheriting Folder\tInheriting Group\tAdvanced Right Access\tAdvanced Right Scope\tAdvanced Right Description");
      else
         System.out.println("Principal\tObject ID\tObject Kind\tPath\tAccess Level(s)\tInheriting Folder\tInheriting Group\tAdvanced Right Count");

      // Log in to CMS and get infoStore
      ISessionMgr oSessionMgr;
      IEnterpriseSession oEnterpriseSession;
      oSessionMgr = CrystalEnterprise.getSessionMgr();
      oEnterpriseSession = oSessionMgr.logon(strUser, strPwd, strCMS, "secEnterprise");
      infoStore = (IInfoStore)oEnterpriseSession.getService("", "InfoStore");

      // Hold the last ID in each batch, so we know where to start the next one.
       Integer theID = new Integer(0);
      
       while(true)
       {
          IInfoObjects iObjects = infoStore.query("SELECT TOP 1000 si_path,si_id,si_kind,si_parentid FROM CI_infoobjects,ci_systemobjects,ci_appobjects where si_kind not in ('personalcategory','MetaData.DataDBField','MetaData.BusinessField','AuditEventInfo','BIWidgets','ClientAction','ClientActionSet','ClientActionUsage') and si_kind not like 'Encyclopedia%' and si_instance = 0 and si_id > " + theID + " order by si_id");
   
         if(iObjects.size() == 0)
            break;
            
         theID = printEm(infoStore,iObjects);
      }
   }
   
   static Integer printEm(IInfoStore oInfoStore,IInfoObjects iObjects)
   throws SDKException
   {
      Integer maxID = new Integer(99999999);
       for(int i = 0; i < iObjects.size(); i++)
       {
           IInfoObject iObject = (IInfoObject) iObjects.get(i);
          maxID = new Integer(iObject.getID());
          
           ISecurityInfo2 objectSecurityInfo = iObject.getSecurityInfo2();
           IExplicitPrincipals iEPs = objectSecurityInfo.getExplicitPrincipals();
          
           for(Iterator<IExplicitPrincipal> iopi = iEPs.iterator(); iopi.hasNext();)
           {
              IExplicitPrincipal iEP = (IExplicitPrincipal)iopi.next();
              
             if ((iObject.getKind().equals("Inbox") || iObject.getKind().equals("FavoritesFolder") || iObject.getKind().equals("PersonalCategory"))
                    && iEP.getName().toLowerCase().equals(iObject.getTitle().toLowerCase()))
             {
                continue; // skip inbox & favorites folders for their owners.
             }

              if (iEP.getRights().size() == 0 && iEP.getRoles().size() == 0 && iEP.isInheritFolders() && iEP.isInheritGroups())
                continue; // nothing to see here (no rights assigned, inheriting folders & groups)
            
              IExplicitRights iERights = iEP.getRights();
            
              String outString = iEP.getName() + "\t" + iObject.getID() + "\t" + iObject.getKind() + "\t" + getObjectPath(iObject) + "\t";

              IExplicitRoles iERoles = iEP.getRoles();
              for(Iterator<IExplicitRole> itERole = iERoles.iterator(); itERole.hasNext();)
              {
                 IExplicitRole iERole = (IExplicitRole)itERole.next();
                 outString += iERole.getTitle() + ",";
              }
              if(iERoles.size() > 0)
                 outString = outString.substring(0,outString.length()-1);

              outString += "\t" + (iEP.isInheritFolders() ? "Y\t" : "N\t")
                              + (iEP.isInheritGroups() ? "Y\t" : "N\t");
              
              if(showAdvancedDetail)
              {
                 if (iERights.size() != 0)
                 {
                    for(Iterator<IExplicitRight> itRight = iERights.iterator(); itRight.hasNext();)
                    {
                       Boolean displayIt = true;
                       IExplicitRight isRight = itRight.next();
                       RightDescriptor iRD = new RightDescriptor(isRight.getRightDescriptor());
                       String myScope = "";
                       
                       // XI3 has separate access for Objects and SubObjects, and each one is a separate IExplicitRight.
                       // We want to collapse them into the same line, and display whether it applies to the Object
                       // or Subobject.  So, if this is the "object" ("this") right, then check if there is a subobject right too.
                       if (isRight.getRightDescriptor().scope.equals(CeSecurityOptions.RightScope.CURRENT_OBJECT))
                       {
                          iRD.scope = CeSecurityOptions.RightScope.DESCENDANTS;
                          IExplicitRight iERKids = iERights.get(iRD);
                          if(!(iERKids==null))
                          {
                             if(iERKids.isGranted() == isRight.isGranted())
                                myScope = "Object & Subobjects";
                             else // descendants have different access
                                myScope = "Object only";
                          }
                          else // descendants have unassigned access
                             myScope = "Object only";
                       }
                       else // scope is "descendants"; if access matches "this", then don't print anything (since we already printed "this,descendants"
                       {
                          iRD.scope = CeSecurityOptions.RightScope.CURRENT_OBJECT;
                          IExplicitRight iERKids = iERights.get(iRD);
                          if(!(iERKids==null))
                          {
                             if(iERKids.isGranted() != isRight.isGranted())
                                myScope = "Subobjects only";
                             else // descendants have SAME access - don't print this line
                                displayIt = false;
                          }
                          else // "this" has unassigned access, but descendants do - print it
                             myScope = myScope = "Subobjects only";
                       }
                       if(displayIt)
                          System.out.println ( outString + (isRight.isGranted() ? "Granted\t" : "Denied\t" ) + myScope + "\t" + isRight.getDescription(Locale.getDefault()) );
                    }
                 }
                 else // no advanced rights
                    System.out.println(outString);
              }
              else // Just show count
              {
                 System.out.println(outString += iERights.size());
              }
              
           }

      }
      return maxID;
   }
   
   // Get the full path of an object
   static String getObjectPath(IInfoObject inObject)
   throws SDKException
   {
      IInfoObject oIO = inObject;
      String path = "";
      
      while(true)
      {
         // If the current object is a folder, get its "si_path" info; otherwise just iterate up through the objects' parents
         if ("Folder".equals(oIO.getKind()))
         {
            oIO = (IInfoObject) infoStore.query("select si_id,si_path from CI_infoobjects,ci_systemobjects,ci_appobjects where si_id = " + oIO.getID()).get(0);
            path = oIO.getTitle() +  path;
            try {
               if ( oIO.getParentID() != 0)
                  for(String pathPart : ((IFolder)oIO).getPath() )
                     path = pathPart + "/" + path;
            }
            catch (Exception wtf)
            {
               // This shouldn't happen since we're checking for path count of 0 above, but just in case...
               return "<" + oIO.getID() + ">" + "/" + path + oIO.getTitle();
            }
            return path;
         }
         else
            path = path + "/" + oIO.getTitle();
         oIO = oIO.getParent();
      }
   }
   
}


Last edited by joepeters on Fri Feb 20, 2015 7:23 am, edited 1 time in total
Back to top
adrian.rutter
Senior Member
Senior Member



Joined: 21 Aug 2002

Posts: 34
Location: Coventry


flag
PostPosted: Mon Jan 27, 2014 5:22 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

It would be useful to include information on how to use this script ?
Back to top
joepeters
Forum Fanatic
Forum Fanatic



Joined: 29 Aug 2002

Posts: 6546
Location: Connecticut, USA


flag
PostPosted: Mon Jan 27, 2014 8:29 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Are you familiar with Eclipse, or Java programming in general?
Back to top
adrian.rutter
Senior Member
Senior Member



Joined: 21 Aug 2002

Posts: 34
Location: Coventry


flag
PostPosted: Mon Jan 27, 2014 8:37 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

I am, but at a basic level.
The use of the phrase "The CMS query in the script excludes some object types that I didn't care about. You may need to adjust what is included, to fit your needs. " made me think it was a .js or .java file not something to build into a development framework.
Back to top
joepeters
Forum Fanatic
Forum Fanatic



Joined: 29 Aug 2002

Posts: 6546
Location: Connecticut, USA


flag
PostPosted: Mon Jan 27, 2014 8:44 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

That's correct, this is just meant to be run as a freestanding application; not incorporated into BO in any way.

To implement:
1) Create a new project in Eclipse.
2) At the top of the script I list a bunch of jar files. Add these to the project's Java Build Path
3) Create a new class named SeeSec; paste in the entire script
4) Run!
Back to top
adrian.rutter
Senior Member
Senior Member



Joined: 21 Aug 2002

Posts: 34
Location: Coventry


flag
PostPosted: Mon Jan 27, 2014 8:58 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Thanks for the clarification.
Back to top
chipdale2010
Senior Member
Senior Member



Joined: 15 Oct 2010

Posts: 38
Location: Leicestershire, UK


flag
PostPosted: Fri Feb 06, 2015 9:26 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Hi Joe

any chance you can update this to BI4.0 or BI4.1?

It is throwing this error when I try to do it myself

Quote:
Exception in thread "main" java.lang.NoClassDefFoundError: org/aspectj/lang/Signature
at SeeSec.main(SeeSec.java:35)
Caused by: java.lang.ClassNotFoundException: org.aspectj.lang.Signature
at java.net.URLClassLoader$1.run(URLClassLoader.java:372)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:360)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
... 1 more



for this line

oSessionMgr = CrystalEnterprise.getSessionMgr();


I had a best guess at setting the Java Build Path. The original says

C:\Program Files\Business Objects\common\3.5\java\lib\

so I use

C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib

but was not too sure about which logging.jar to use so I used the one from the same folder as the others


it also wanted to add @SuppressWarnings("unchecked") in several places (to the rights querying) so I let it


many thanks
Andrew[/quote]
Back to top
joepeters
Forum Fanatic
Forum Fanatic



Joined: 29 Aug 2002

Posts: 6546
Location: Connecticut, USA


flag
PostPosted: Fri Feb 06, 2015 2:12 pm 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Hi, Andrew.

Signature is in aspectjrt.jar. I use a common user library for all my BI4.1 projects; the list is at the end of this post. The project doesn't need all of them, but it doesn't hurt to include them all.

Regarding the SuppressWarnings message -- that's just a Type Safety warning; you can ignore it or let it add the SuppressWarnings annotation. Either way, it doesn't change the behavior of the code.

Joe

C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\boconfig.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\cecore.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\celib.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\ceplugins_core.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\cesession.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\corbaidl.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\ebus405.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\logging.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\aspectjrt.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\ceaspect.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\TraceLog.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\bcm.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\sdk.core.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\sdk.core.session.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\sdk.core.server.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\sdk.core.server.common.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\sdk.core.server.corba.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\sdk.core.session.cms.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\inproc_container.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\CTPlugin_idl.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\cdz_cluster_mgmt_types_idl.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\cvom.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\dsl_sdk_services.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\org.eclipse.emf.ecore_2.4.2.v200902171115.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\org.eclipse.emf.common_2.4.0.v200902171115.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\cdzidl.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\GenericContainer_proxy.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\GenericContainer_idl.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\IEPlugin_idl.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\ie_proxies.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\commons-codec-1.3.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\cryptojFIPS.jar
C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\java\lib\ccis.jar
Back to top
chipdale2010
Senior Member
Senior Member



Joined: 15 Oct 2010

Posts: 38
Location: Leicestershire, UK


flag
PostPosted: Mon Feb 09, 2015 5:17 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

thanks Joe the script is running now

in the XIR3 code there is extra code that stops the loop from repeating
Code:
// Hold the last ID in each batch, so we know where to start the next one.
...snip...
if(true) break;


Also this shows up as faulty
Code:
else // "this" has unassigned access, but descendants do - print it
myScope = myScope = "Subobjects only";

Quote:
The assignment to variable myScope has no effect


thanks again

regards
Andrew
Back to top
viru4808
Principal Member
Principal Member



Joined: 09 Jan 2008
ASUG Icon
Posts: 139
Location: somewhere in universe


flag
PostPosted: Fri Feb 20, 2015 1:38 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Thanks Joe for sharing the script.

It works fine if the folder hierarchy is up to two levels however i wanted to see if it see through more than two levels

Appreciate your help

Viru
Back to top
joepeters
Forum Fanatic
Forum Fanatic



Joined: 29 Aug 2002

Posts: 6546
Location: Connecticut, USA


flag
PostPosted: Fri Feb 20, 2015 7:24 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Probably because of the artifact debugging code that Andrew found ("if(true) break"). You should get more complete data if you remove it (I updated my post).

Joe
Back to top
viru4808
Principal Member
Principal Member



Joined: 09 Jan 2008
ASUG Icon
Posts: 139
Location: somewhere in universe


flag
PostPosted: Sun Feb 22, 2015 6:46 pm 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

joepeters wrote:
Probably because of the artifact debugging code that Andrew found ("if(true) break"). You should get more complete data if you remove it (I updated my post).


Thanks Joe,

I remember trying this earlier with //"if(true) break") commented but it still didn't work, maybe it will work with the new code. Will let you know how it goes.

Cheers
Viru
Back to top
BusObjGuy2
Senior Member
Senior Member



Joined: 27 May 2005

Posts: 41
Location: Kansas City


flag
PostPosted: Thu Mar 19, 2015 3:04 pm 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Has anyone got an update for BOBJ 4.1 ?
Back to top
joepeters
Forum Fanatic
Forum Fanatic



Joined: 29 Aug 2002

Posts: 6546
Location: Connecticut, USA


flag
PostPosted: Fri Mar 20, 2015 8:39 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

My XI3 code above works with BI4, as long as you are using the BI4 libraries.
Back to top
Jibc
Forum Member
Forum Member



Joined: 20 Jul 2011

Posts: 27


flag
PostPosted: Mon Dec 07, 2015 3:55 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

For those who are not familiar with Eclipse or Java, this post is very useful :
https://busintblog.wordpress.com/2014/06/27/discover-business-objects-xi-with-java-sdk/
Back to top
Display posts from previous:   
Register or Login to Post    Forum Index -> BOB's Downloads  Previous TopicPrint TopicNext Topic
Page 1 of 2 All times are GMT - 5 Hours
Goto page 1, 2  Next
 
Jump to:  

Index | About | FAQ | RAG | Privacy | Search |  Register |  Login 

Get community updates via Twitter:

Not endorsed by or affiliated with SAP
Powered by phpBB © phpBB Group
Generated in 0.0399 seconds using 17 queries. (SQL 0.0033 Parse 0.0010 Other 0.0357)
CCBot/2.0 (https://commoncrawl.org/faq/)
Hosted by ForumTopics.com | Terms of Service
phpBB Customizations by the phpBBDoctor.com
Shameless plug for MomentsOfLight.com Moments of Light Logo