The Root property determines the element located on the first level of attribute-based access control hierarchy.
To execute the example, make sure that attribute-based access control structure contains a policies set, and the C drive contains the Update.pefx udpate file.
Add links to the ABAC, Metabase, ForeSystem (for the Fore.NET example) system assemblies.
Sub Main;
Var
MB: IMetabase;
MS: IMetabaseSecurity;
PolicyObject, PolicyObjectPef: IABACRootPolicyObject;
PolicySet, PolicySetPef: IABACEvaluatedObject;
Policy: IABACPolicy;
Update: IMetabaseUpdate;
AbacRulesNode: IMetabaseUpdateAbacRulesNode;
s: string;
Begin
// Get access to repository
MB := MetabaseClass.Active;
MS := MB.Security;
Update := Mb.CreateUpdate;
Update.LoadFromFileNF("C:\Update.pefx");
// Add attribute-based access control rules to update
AbacRulesNode := Update.AbacRulesNode;
AbacRulesNode.Label := "ABAC rules";
// Get attribute-based access control structure
PolicyObject := MB.Security.Policy.ABACRules;
// Get policies set with the 0 index
PolicySet := PolicyObject.Policies.Item(0);
// Determine the element located on the first level of attribute-based access control
PolicyObjectPef := AbacRulesNode.Root;
PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
If PolicySetPef <> Null Then
Debug.WriteLine("Policies set is already added to update");
Return;
End If;
AbacRulesNode.Add(PolicySet, True);
PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
If PolicySet <> Null Then
Debug.WriteLine("Policies set is added to update");
Else
Debug.WriteLine("Policies set is not added to update");
End If;
Update.SaveToFileNF("C:\Update.pefx");
End Sub Main;
Imports Prognoz.Platform.Interop.Metabase;
Imports Prognoz.Platform.Interop.ABAC;
Imports Prognoz.Platform.Interop.Foresystem;
…
Public Shared Sub Main(Params: StartParams);
Var
MB: IMetabase;
MS: IMetabaseSecurity;
PolicyObject, PolicyObjectPef: IABACRootPolicyObject;
PolicySet, PolicySetPef: IABACEvaluatedObject;
Policy: IABACPolicy;
Update: IMetabaseUpdate;
AbacRulesNode: IMetabaseUpdateAbacRulesNode;
s: string;
Begin
// Get access to repository
MB := Params.Metabase;
MS := MB.Security;
Update := MB.CreateUpdate();
Update.LoadFromFileNF("C:\" + "Update.pefx", UpdateLoadMode.ulmReplace);
// Add attribute-based access control rules to update
AbacRulesNode := Update.AbacRulesNode;
AbacRulesNode.Label := "ABAC rules";
// Get attribute-based access control structure
PolicyObject := MB.Security.Policy.ABACRules;
// Get policies set with the 0 index
PolicySet := PolicyObject.Policies.Item[0];
// Determine the element located on the first level of attribute-based access control
PolicyObjectPef := AbacRulesNode.Root;
PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
If PolicySetPef <> Null Then
System.Diagnostics.Debug.WriteLine("Policies set is already added to update");
Return;
End If;
AbacRulesNode.Add(PolicySet, True);
PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
If PolicySet <> Null Then
System.Diagnostics.Debug.WriteLine("Policies set is added to update");
Else
System.Diagnostics.Debug.WriteLine("Policies set is not added to update");
End If;
Update.SaveToFileNF("C:\" + "Update.pefx");
End Sub;
After executing the example the console displays the message:
If the update did not contain a policies set:
Policies set is added to update
If the update contained policies set:
Policies set is already added to update
See also: