IMetabaseUpdateAbacRulesNode.Root

Syntax

Root: IABACRootPolicyObject;

Root: Prognoz.Platform.Interop.ABAC.ABACRootPolicyObject;

Description

The Root property determines the element located on the first level of attribute-based access control hierarchy.

Example

To execute the example, make sure that attribute-based access control structure contains a policies set, and the C drive contains the Update.pefx udpate file.

Add links to the ABAC, Metabase, ForeSystem (for the Fore.NET example) system assemblies.

Sub Main;
Var
    MB: IMetabase;
    MS: IMetabaseSecurity;
    PolicyObject, PolicyObjectPef: IABACRootPolicyObject;
    PolicySet, PolicySetPef: IABACEvaluatedObject;
    Policy: IABACPolicy;
    Update: IMetabaseUpdate;
    AbacRulesNode: IMetabaseUpdateAbacRulesNode;
    s: string;
Begin
    
// Get access to repository
    MB := MetabaseClass.Active;
    MS := MB.Security;
    Update := Mb.CreateUpdate;
    Update.LoadFromFileNF(
"C:\Update.pefx");
    
// Add attribute-based access control rules to update
    AbacRulesNode := Update.AbacRulesNode;
    AbacRulesNode.Label := 
"ABAC rules";
    
// Get attribute-based access control structure
    PolicyObject := MB.Security.Policy.ABACRules;
    
// Get policies set with the 0 index
    PolicySet := PolicyObject.Policies.Item(0);
    
// Determine the element located on the first level of attribute-based access control
    PolicyObjectPef := AbacRulesNode.Root;
    PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
    
If PolicySetPef <> Null Then
        Debug.WriteLine(
"Policies set is already added to update");
        
Return;
    
End If;
    AbacRulesNode.Add(PolicySet, 
True);
    PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
    
If PolicySet <> Null Then
        Debug.WriteLine(
"Policies set is added to update");
    
Else
        Debug.WriteLine(
"Policies set is not added to update");
    
End If;
    Update.SaveToFileNF(
"C:\Update.pefx");
End Sub Main;

Imports Prognoz.Platform.Interop.Metabase;
Imports Prognoz.Platform.Interop.ABAC;
Imports Prognoz.Platform.Interop.Foresystem;

Public Shared Sub Main(Params: StartParams);
Var
    MB: IMetabase;
    MS: IMetabaseSecurity;
    PolicyObject, PolicyObjectPef: IABACRootPolicyObject;
    PolicySet, PolicySetPef: IABACEvaluatedObject;
    Policy: IABACPolicy;
    Update: IMetabaseUpdate;
    AbacRulesNode: IMetabaseUpdateAbacRulesNode;
    s: string;
Begin
    
// Get access to repository
    MB := Params.Metabase;
    MS := MB.Security;
    Update := MB.CreateUpdate();
    Update.LoadFromFileNF(
"C:\" + "Update.pefx",  UpdateLoadMode.ulmReplace);
    
// Add attribute-based access control rules to update
    AbacRulesNode := Update.AbacRulesNode;
    AbacRulesNode.Label := 
"ABAC rules";
    
// Get attribute-based access control structure
    PolicyObject := MB.Security.Policy.ABACRules;
    
// Get policies set with the 0 index
    PolicySet := PolicyObject.Policies.Item[0];
    
// Determine the element located on the first level of attribute-based access control
    PolicyObjectPef := AbacRulesNode.Root;
    PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
    
If PolicySetPef <> Null Then
        System.Diagnostics.Debug.WriteLine(
"Policies set is already added to update");
        
Return;
    
End If;
    AbacRulesNode.Add(PolicySet, 
True);
    PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
    
If PolicySet <> Null Then
        System.Diagnostics.Debug.WriteLine(
"Policies set is added to update");
    
Else
        System.Diagnostics.Debug.WriteLine(
"Policies set is not added to update");
    
End If;
    Update.SaveToFileNF(
"C:\" + "Update.pefx");
End Sub;

After executing the example the console displays the message:

Policies set is added to update

Policies set is already added to update

See also:

IMetabaseUpdateAbacRulesNode