Extension Mechanism Development

As we promised within the earlier article, we’re step by step growing the performance of the extension mechanism and bettering the diagnostics of their healthy being.

Including your roles

Beforehand, it could vary the roles of a typical configuration by borrowing them and including objects created within the extension to them. Now you can create your roles in wings.

We see two predominant situations for utilizing customized roles. First, they might be required to create atomic or complicated units of rights to these objects that the extension brings to the configuration, with none binding to the roles already current within the structure.

Second, they can be utilized to create atomic or complicated units of rights to configuration objects, which consider the revision’s specifics.

You possibly can add roles created in extensions to a consumer solely programmatically. For instance, on this method:

The consumer whose roles have been supplemented by the extension is displayed within the configurator with a particular new icon.

Within the configurator, you may delete consumer roles that might be added to him by extensions. However, not alone, all collectively. To do that, the consumer on the tab Different merchandise appeared Roles added by configuration extensions… To take away roles, you want to uncheck this merchandise.

If the extension that added the position sooner or later stops passing the applicability verify and turns into inactive, then the situation added from it continues to be out there by gathering Person Roles as a daily metadata object. Utilizing the built-in language, you may take it away from consumer roles or add one other consumer to the set of functions.

If you delete an extension, then all roles added by it are also far away from the consumer position lists.

Extending Configuration Roles

Now, within the borrowed roles of the extension, you may set or, conversely, take away entry rights for objects of the primary configuration.

This characteristic will enable you to create complicated units of rights to configuration objects and extensions, which can take into consideration the specifics of the revision. It shall be tied to the roles already current within the configuration.

And secondly, the growth of configuration roles will scale back the set of rights for configuration roles, making an allowance for the specifics of the revision.

When modifying the rights to the borrowed object, you now have the choice to change the checkbox to the third state – The worth from the extensible position is used… All rights to borrowed objects have this that means by default. And for the borrowed part, above the ownership checklist, we added a button to Shade all checkboxes, which units all checkboxes to the third state.

Additionally, when modifying the borrowed position, the phrase “personal” is added to the names of the flags positioned within the decrease a part of the window:

  • Set rights for brand spanking new personal objects;
  • Selected rights on your attributes and default tabular sections.

Along with setting rights, you can too describe information entry restrictions and create restriction templates. The distinctiveness of template names is managed by the platform and is ensured by the truth that templates created in extension roles comprise an extension prefix.

Native and Borrowed Function Limitations

Native extension roles have a lot of limitations. Initially, these are “design” restrictions, that are that such positions can not grant the consumer the rights out there for the foundation configuration merchandise.

However, the extension’s roles might be restricted by the settings of the cluster safety profiles. This characteristic, in our opinion, shall be in demand in configurations working within the service mannequin. With its assistance, you may create a task that provides all configuration objects, except these accountable for service and administrative capabilities. You assign this position to a task that restricts the escalation of entry rights for the Protected Mode profile and the profiles posted to particular extensions.

If such a task shouldn’t be supplied, you may specify as a restriction a listing of roles that present entry to things that might be secure from the standpoint of the service.

To implement these options, we added to the safety profile, to the group Full entry allowed, flag to broaden entry rights… As well as, we said, the sector Roles are proscribing entry rights growth… Utilizing this discipline, you may specify a listing of roles, separated by the image “;”.

If a profile is impacted when the extension is working, the platform interprets the brand new parameters.

If the sector worth is specified, then the position modified or added by the extension grants only these entry rights to configuration objects that are one of many roles defined within the discipline grants.

If the sector worth shouldn’t be specified and the complete entry flag shouldn’t be set, then the rights to configuration objects will not be prolonged. At the same time, you continue to have the chance to take away some rights to things.

Suppose it seems that the Safety Profile restricts granting a sure proper to a particular position contained within the attachment when the extension begins. In that case, the consumer will obtain a message like this: “The” SomeRight “proper to the” SomeObject “object for the” someone “position is restricted by the safety profile.”

Checking the applicability

Some particular extensions could not at all times be utilized to some specific configuration. For instance, as a result, it incorporates errors in modules. Or as a result, the values ​​of the managed properties of the borrowed objects don’t match.

The primary downside is solved even earlier than launch by checking the plug-ins. However, you would solely discover the second downside after launching the appliance and connecting the extension. If the second thing is mistaken with the objects being accessed, the platform reported this and didn’t join the extension.

To scale back the complexity of creating extensions, we analyzed the present scenario, barely modified the habits of the system, and applied a lot of checks.

Now, new diagnostic instruments can help you check the applicability of extensions earlier than truly working them together with the configuration.

When beginning the consumer software

The change in habits is that now, in the course of the launch of the consumer software, the earlier messages about connection issues are not displayed. Within the new implementation, if errors had been recognized in the startup course of connecting an extension, the platform shows a pop-up alert window with a hyperlinked message.

Once you click on the hyperlink, a window opens. Info for technical help… It’s to this window, additionally opened from the dialogue About this system, now all error messages are added.

Now you can diagnose all such errors upfront and elsewhere.

Within the Configurator

The primary place diagnostics can be found in the configurator. Within the Windows Configuration extensions, we now have added two new instructions: Checking the applicability and Checking the relevance of all attachments.

These instructions verify the applicability of the chosen extension (or all extensions) to the given Infobase. At the same time, the verification considers even these modifications in extensions and configurations which were made. However, they haven’t been utilized to the Infobase.

You possibly can carry out the same verification if you batch run the configurator. For this, we now have added a brand new command line parameter /CheckCanApplyConfigurationExtensions.

In embedded language

The second-place such diagnostics can be found to you is within the built-in language. V Extension Supervisor, we added a brand new technique CheckPossibilityAll ()… And into the article ExtensionConfigurations – technique CheckApplicationPossibility ()… Utilizing these strategies, you may verify the applicability of all (or one) Infobase extensions within the present information space within the order of loading, making an allowance for the extensions which have already been examined.

A necessary and fascinating risk right here is that the strategy CheckApplicationPossibility () permits you to check the applicability of the brand new model of the extension even earlier than it’s loaded immediately into the Infobase. You possibly can go the brand new extension model to this technique as binary information.

In standard processing, “Handle Configuration Extensions.”

And at last, the final place new diagnostics can be found is in standard processing. Configuration extensions administration… Right here, we now have added a checkbox Examine applicability when including and loading extensions… Whether put in or by default, the relevance shall be checked earlier than having or earlier than loading the extension.

Within the menu Extra, we have added two instructions that can help you check the applicability of these extensions, which might be already on the checklist.


Related Articles

Latest Articles