IMetabaseClassesSecurityDescriptors.ItemByClassId

Syntax

ItemByClassId(ClassId: MetabaseObjectClass): IMetabaseClassSecurityDescriptor;

ItemByClassId[Prognoz.Platform.Interop.Metabase.MetabaseObjectClass]: Prognoz.Platform.Interop.Metabase.IMetabaseClassSecurityDescriptor;

Parameters

ClassId. Object type.

Description

The ItemByClassId property returns parameters of security descriptor by object type.

Comments

The property is read-only.

Example

To execute the example make sure that security manager contains the USER user and administrator is allowed to execute all operations with the Express Report object type on setting up parameters of access control on the Discretionary Access Control tab.

Add links to the Metabase, ForeSystem (for Fore.NET example) system assemblies.

Sub UserProc;
Var
    MB: IMetabase;
    SecDescrs: IMetabaseClassesSecurityDescriptors;
    ClassSecDescr: IMetabaseClassSecurityDescriptor;
    MS: IMetabaseSecurity;
    SecDescr: ISecurityDescriptor;
    Lic: Object;
    Type: AceType;
    Sid: ISid;
Begin
    MB := MetabaseClass.Active;
    // Get license to work with security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.Adm);
    MS := MB.Security;
    // Get security parameters of the Express Report object type
    SecDescrs := MS.MetabaseClassesSecurityDescriptors;
    ClassSecDescr := SecDescrs.ItemByClassId(MetabaseObjectClass.KE_CLASS_EXPRESSREPORT);
    SecDescr := ClassSecDescr.Descriptor;
    SecDescr.Edit;
    // Deny any operations with express reports to the USER user
    Type := AceType.AccessDenied;
    Sid := MB.Security.ResolveName("USER").Sid;
    SecDescr.Acl.AddAce(Type, Sid, MetabaseObjectPredefinedRights.All);
    SecDescr.Apply(False);  
    // Save changes
    MS.Apply;
    // Check in license
    Lic := Null;
End Sub UserProc;

Imports Prognoz.Platform.Interop.Metabase;
Imports Prognoz.Platform.Interop.ForeSystem;

Public Shared Sub Main(Params: StartParams);
Var
    MB: IMetabase;
    SecDescrs: IMetabaseClassesSecurityDescriptors;
    ClassSecDescr: IMetabaseClassSecurityDescriptor;
    MS: IMetabaseSecurity;
    SecDescr: ISecurityDescriptor;
    Lic: Object;
    Type: AceType;
    Sid: MetabaseSid;
Begin
    MB := Params.Metabase;
    // Get license to work with security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.lftAdm);
    MS := MB.Security;
    // Get security parameters of the Express Report object type
    SecDescrs := MS.MetabaseClassesSecurityDescriptors;
    ClassSecDescr := SecDescrs.ItemByClassId[MetabaseObjectClass.KE_CLASS_EXPRESSREPORT];
    SecDescr := ClassSecDescr.Descriptor;
    SecDescr.Edit();
    // Deny any operations with express reports to the USER user
    Type := AceType.aceAccessDenied;
    Sid := MB.Security.ResolveName("USER").Sid;
    SecDescr.Acl.AddAce(Type, Sid, 1);
    SecDescr.Apply(False);
    // Save changes
    MS.Apply();
    // Check in license
    Lic := Null;
End Sub;

After executing the example the USER user will be forbidden to do any operations with express reports.

See also:

IMetabaseClassesSecurityDescriptors