8 years ago · 16e8874b69
--- a/esp/bindings/http/platform/httpbinding.cpp
+++ b/esp/bindings/http/platform/httpbinding.cpp
@@ -967,7 +967,19 @@ int EspHttpBinding::onGetSoapBuilder(IEspContext &context, CHttpRequest* request
 
				 int EspHttpBinding::onFeaturesAuthorize(IEspContext &context, MapStringTo<SecAccessFlags> & pmap, const char *serviceName, const char *methodName)
			
 
				 {
			
 
				     if (!context.validateFeaturesAccess(pmap, false))
			
 
				-        throw MakeStringException(-1, "%s::%s access denied.", serviceName, methodName);
			
 
				+    {
			
 
				+        StringBuffer features;
			
 
				+        HashIterator iter(pmap);
			
 
				+        int index = 0;
			
 
				+        ForEach(iter)
			
 
				+        {
			
 
				+            IMapping &cur = iter.query();
			
 
				+            const char * key = (const char *)cur.getKey();
			
 
				+            SecAccessFlags val = *pmap.getValue(key);
			
 
				+            features.appendf("%s%s:%s", (index++ == 0 ? "" : ", "), key, getSecAccessFlagName(val));
			
 
				+        }
			
 
				+        throw MakeStringException(-1, "%s::%s access denied - Required features: %s.", serviceName, methodName, features.str());
			
 
				+    }
			
 
				     return 0;
			
 
				 }
			
 
				 
			
--- a/esp/scm/ws_access.ecm
+++ b/esp/scm/ws_access.ecm
@@ -791,7 +791,7 @@ ESPresponse [nil_remove] UserAccountExportResponse
 
				     [http_content("application/octet-stream")] binary Result;
			
 
				 };
			
 
				 
			
 
				-ESPservice [version("1.10"), requiredaccess("NONE"), exceptions_inline("./smc_xslt/exceptions.xslt")] ws_access
			
 
				+ESPservice [version("1.10"), auth_feature("NONE"), exceptions_inline("./smc_xslt/exceptions.xslt")] ws_access
			
 
				 {
			
 
				     ESPmethod [client_xslt("/esp/xslt/access_users.xslt")] Users(UserRequest, UserResponse);
			
 
				     ESPmethod [client_xslt("/esp/xslt/access_useredit.xslt")] UserEdit(UserEditRequest, UserEditResponse);
			
--- a/system/security/shared/seclib.hpp
+++ b/system/security/shared/seclib.hpp
@@ -59,6 +59,28 @@ enum SecAccessFlags
 
				     SecAccess_Full = 255
			
 
				 };
			
 
				 
			
 
				+static const char * getSecAccessFlagName(SecAccessFlags flag)
			
 
				+{
			
 
				+	switch (flag)
			
 
				+	{
			
 
				+		case SecAccess_Unavailable:
			
 
				+			return "Unavailable";
			
 
				+		case SecAccess_None:
			
 
				+			return "None";
			
 
				+		case SecAccess_Access:
			
 
				+			return "Access";
			
 
				+		case SecAccess_Read:
			
 
				+			return "Read";
			
 
				+		case SecAccess_Write:
			
 
				+			return "Write";
			
 
				+		case SecAccess_Full:
			
 
				+			return "Full";
			
 
				+		case SecAccess_Unknown:
			
 
				+		default:
			
 
				+			return "Unknown";
			
 
				+			break;
			
 
				+	}
			
 
				+}
			
 
				 
			
 
				 
			
 
				 enum SecResourceType