CheckAndAuditLabel(Operation: Integer; Comment: String; Var Label: ISecurityDocumentLabel);
Operation.Mask that determines operations, the availability of rights to which it is necessary to check for the current user. It is necessary to use values of the enumeration type MetabaseObjectPredefinedRights to form mask value. This enumeration contains basic and additional operations on which permissions can be given and access audit can be led. The specific operations are available for defined classes of objects. To use specific operations depending on the object class in a mask there is a possibility to use values of the following enumerations:
CalculatedCubeSpecificRights are specific operations available for calculated cubes.
CubeLoaderSpecificRights are specific operations available for loading data in a cube.
CubeSpecificRights are specific operations available for different types of cubes.
CustomObjectSpecificRights are specific operations available for objects of custom classes.
DataBaseSpecificRights are specific operations available for repository object - Database.
DictionarySpecificRights are specific operations available for repository objects - MDM Dictionary and Composite MDM dictionary.
MDCalcSpecificRights are specific operations available for repository object - Multidimensional calculation on DB server.
ProblemSpecificRights are specific operations available for an object of modeling container - Modeling task.
ProcedureSpecificRights are specific operations available for repository object - Procedure.
ScenarioDimensionSpecificRights are specific operations available for the repository object - Modeling Scenario.
TableSpecificRights are specific operations available for the following repository objects - Table, View, Log, External table.
ValidationSpecificRights are specific operations available for repository object - Validation rule and Validation group.
Comment. The comment that is entered in the access protocol.
Label. The variable, to which the parameters of security label will be placed.
The CheckAndAuditLabel method checks the access permissions of the current user for the specified operations and writes the record into the access protocol with the specified comment and also calculates parameters of the security label that is used when printing and exporting the repository objects.
Security label is calculated if the mandatory access to objects is active.
If the current user does not have rights even to one of checked operations, the record with failed result will be entered in the access protocol and the exceptional condition will be generated.
Executing the example requires that the repository contains an object with the Obj_1 identifier.
Sub UserProc;
Var
MB: IMetabase;
MObj: IMetabaseObjectDescriptor;
SecLabel: ISecurityDocumentLabel;
Begin
MB := MetabaseClass.Active;
MObj := MB.ItemById("Obj_1");
MObj.CheckAndAuditLabel(
MetabaseObjectPredefinedRights.Delete Or
MetabaseObjectPredefinedRights.Access,
"Check of availability of rights of the current user to Removal and Rights change operations",
SecLabel);
If SecLabel.IsON Then
Debug.WriteLine(SecLabel.Label);
Debug.WriteLine(SecLabel.LabelDescription);
Debug.WriteLine(SecLabel.TreatSectionAsDocument);
Debug.WriteLine(SecLabel.User.Name);
End If;
End Sub UserProc;
After executing this example the availability of the rights of the current user to remove and change access permissions of the Obj_1 object is checked. The appropriate record is added to the access protocol. If the mandatory access control was activated in the repository and the level, for which the marking of objects is provided when exporting and printing, was specified to the object, the Lab variable would contain parameters of the security label that is used for marking. These parameters are displayed in the development environment console.
See also: