TsgcWSAPIKeyManager › Methods › HasScope
Returns True if the key carries the given scope.
function HasScope(const aKey, aScope: string): Boolean;| Name | Type | Description |
|---|---|---|
aKey | const string | Raw plaintext key to inspect (re-hashed internally to locate the entry). |
aScope | const string | Case-sensitive scope identifier to check for. |
True when the key exists, its scope list contains aScope, and the matching Scopes catalog entry is itself enabled. False in every other case (unknown key, scope absent, catalog entry disabled). (Boolean)
Pure lookup, no side effects. Used internally by ValidateKey and IsRequestAuthorized when a aRequiredScope is supplied; you can also call it directly for fine-grained branches inside a request handler ("this endpoint needs write:orders, escalate error message if only read:orders is present"). A disabled Scopes.Scopes[x] entry causes HasScope to return False even when the scope is attached — that is how the catalog's own Enabled flag revokes a scope company-wide.
if not sgcWSAPIKeyManager1.HasScope(vKey, 'write:orders') then
Response.StatusCode := 403;