AbacRulesNode: IMetabaseUpdateAbacRulesNode;
AbacRulesNode: Prognoz.Platform.Interop.Metabase.IMetabaseUpdateAbacRulesNode;
The AbacRulesNode property returns the structure of attribute-based access control rules in the update.
If the update did not contain attribute-based access control structure, it is created.
To execute the example, make sure that attribute-based access control structure contains a policies set with two nested policies, and the Update.pefx file is located on the C drive. Several attribute-based access rules are in the first policy.
Add links to the ABAC, Metabase system assemblies.
Sub Main;
Var
MB: IMetabase;
MS: IMetabaseSecurity;
PolicyObject: IABACRootPolicyObject;
PolicySet: IABACPolicySet;
Policy: IABACPolicy;
Update: IMetabaseUpdate;
UpdateNode, AbacRulesNode: IMetabaseUpdateAbacRulesNode;
Begin
// Get access to repository
MB := MetabaseClass.Active;
MS := MB.Security;
Update := Mb.CreateUpdate;
Update.LoadFromFileNF("C:\Update.pefx");
// Check if update contains attribute-based access control rules
UpdateNode := Update.FindAbacRulesNode;
If UpdateNode <> Null Then
Debug.WriteLine("The ABAC Rules are in the update");
Else
// Add attribute-based access control rules to update
AbacRulesNode := Update.AbacRulesNode;
AbacRulesNode.Label := "ABAC rules";
// Get attribute-based access control structure
PolicyObject := MB.Security.Policy.ABACRules;
// Get the first policy in the first set of policies
PolicySet := PolicyObject.Policies.Item(0);
Policy := PolicySet.Policies.Item(0);
// Save statuses of obtained policy and nested rules in the update
AbacRulesNode.KeepActive := True;
// Add policy with nested rules to update
AbacRulesNode.Add(Policy, True);
End If;
Update.SaveToFileNF("C:\Update.pefx");
End Sub Main;
Imports Prognoz.Platform.Interop.Metabase;
Imports Prognoz.Platform.Interop.ABAC;
…
Public Shared Sub Main(Params: StartParams);
Var
MB: IMetabase;
MS: IMetabaseSecurity;
PolicyObject: IABACRootPolicyObject;
PolicySet: IABACPolicySet;
Policy: IABACPolicy;
Update: IMetabaseUpdate;
UpdateNode, AbacRulesNode: IMetabaseUpdateAbacRulesNode;
Begin
// Get access to repository
MB := Params.Metabase;
MS := MB.Security;
Update := MB.CreateUpdate();
Update.LoadFromFileNF("C:\" + "Update.pefx", UpdateLoadMode.ulmReplace);
// Check if update contains attribute-based access control rules
UpdateNode := Update.FindAbacRulesNode();
If UpdateNode <> Null Then
System.Diagnostics.Debug.WriteLine("The update contains ABAC rules");
Else
// Add attribute-based access control rules to update
AbacRulesNode := Update.AbacRulesNode;
AbacRulesNode.Label := "ABAC rules";
// Get attribute-based access control structure
PolicyObject := MB.Security.Policy.ABACRules;
// Get the first policy in the first set of policies
PolicySet := PolicyObject.Policies.Item[0];
Policy := PolicySet.Policies.Item[0];
// Save statuses of obtained policy and nested rules in the update
AbacRulesNode.KeepActive := True;
// Add a policy with nested rules to update
AbacRulesNode.Add(Policy, True);
End If;
Update.SaveToFileNF("C:\" + "Update.pefx");
End Sub;
After executing the example, a new policy of attribute-based access with nested rules will be added to the Update.pefx file.Statuses of policy and rules will be also saved to the update.
On repeat execution of the example the console displays the message:
The update contains ABAC rules
See also: