With the API it is very common that you will want to make a change to an object. Say you have some code that adds a pledge to a constituent when an event registrant is added. The user running the code may well have the rights to add an event registrant (participant) but they may not have the rights to add gifts.
When you program the code you will invariably do it as either the Supervisor user (in the case of VBA) or otherwise as a user with supervisor rights. This is possibly something that you will never consider as it has always worked for you.
When the user with limited rights tries to run the program it will at best crash nicely and at worst will crash bringing the whole of RE down with it. This is something we really want to avoid.
You can check security rights from the session context.
Dim oSecurity As IBBSecurityAccess
Set oSecurity = REApplication.SessionContext.Security
If Not oSecurity.AccessToGift(specificAccess:=SpecificAccess_ADD) Then
MsgBox "You do not have the rights to add gifts"
Exit Sub
End If
If you want to check that a user has a specific security group then this is not possible using the standard RE API. However it can be done by adding a DLL used by RE to your project. In references of your VB/VBA environment select the DLL “Blackbaud RE Security Data Objects 7.5”
Once you have done that you can access the CSecurityGroups and the CSecurityUser classes which give you a lot more control over the exact security groups that a user is in. This can be useful for creating your own security. Create a group and then check if the user is in that group before allowing them to do perform a certain macro or plugin (especially useful if you are in a Citrix environment where everyone has access to all the plugins). Note that these classes are not part of the regular API and are therefore not supported by Blackbaud.