IMetabaseUpdate.AbacRulesNode

Syntax

AbacRulesNode: IMetabaseUpdateAbacRulesNode;

AbacRulesNode: Prognoz.Platform.Interop.Metabase.IMetabaseUpdateAbacRulesNode);

Description

The AbacRulesNode property returns structure of attribute-based access control rules in the update.

Comments

If the update did not contain attribute-based access control structure, it is created.

Example

To execute the example, make sure that attribute-based access control structure contains a policies set with two nested policies, and the Update.pefx file is located on the C drive.

Add links to the ABAC, Metabase system assemblies.

Sub Main;
Var
    MB: IMetabase;
   MS: IMetabaseSecurity;
    PolicyObject: IABACRootPolicyObject;
    PolicySet: IABACPolicySet;
    Policy: IABACPolicy;
    Update: IMetabaseUpdate;
    UpdateNode, AbacRulesNode: IMetabaseUpdateAbacRulesNode;
Begin
    // Get access to repository
    MB := MetabaseClass.Active;
    MS := MB.Security;
    Update := Mb.CreateUpdate;
    Update.LoadFromFileNF("C:\Update.pefx");
    // Check if update contains attribute-based access control rules
    UpdateNode := Update.FindAbacRulesNode;
    If UpdateNode <> Null Then
        Debug.WriteLine("Update contains ABAC rules");
    Else
        // Add attribute-based access control rules to update
        AbacRulesNode := Update.AbacRulesNode;
        AbacRulesNode.Label := "ABAC rules";
        // Get attribute-based access control structure
        PolicyObject := MB.Security.Policy.ABACRules;
        // Get policy with the 0 index in the first policies set
        PolicySet := PolicyObject.Policies.Item(0);
        Policy := PolicySet.Policies.Item(0);
        // Add a policy with nested rule to update
        AbacRulesNode.Add(Policy, True);
    End If;
    Update.SaveToFileNF("C:\Update.pefx");
End Sub Main;

Imports Prognoz.Platform.Interop.Metabase;
Imports Prognoz.Platform.Interop.ABAC;
Imports Prognoz.Platform.Interop.Foresystem;

Public Shared Sub Main(Params: StartParams);
Var
    MB: IMetabase;
   MS: IMetabaseSecurity;
    PolicyObject: IABACRootPolicyObject;
    PolicySet: IABACPolicySet;
    Policy: IABACPolicy;
    Update: IMetabaseUpdate;
    UpdateNode, AbacRulesNode: IMetabaseUpdateAbacRulesNode;
Begin
    // Get access to repository
    MB := Params.Metabase;
    MS := MB.Security;
    Update := MB.CreateUpdate();
    Update.LoadFromFileNF("C:\" + "Update.pefx", UpdateLoadMode.ulmReplace);
    // Check if update contains attribute-based access control rules
    UpdateNode := Update.FindAbacRulesNode();
    If UpdateNode <> Null Then
        System.Diagnostics.Debug.WriteLine("Update contains ABAC rules");
    Else
        // Add attribute-based access control rules to update
        AbacRulesNode := Update.AbacRulesNode;
        AbacRulesNode.Label := "ABAC rules";
        // Get attribute-based access control structure
        PolicyObject := MB.Security.Policy.ABACRules;
        // Get policy with the 0 index in the first policies set
        PolicySet := PolicyObject.Policies.Item[0];
        Policy := PolicySet.Policies.Item[0];
        // Add a policy with nested rule to update
        AbacRulesNode.Add(Policy, True);
    End If;
    Update.SaveToFileNF("C:\" + "Update.pefx");
End Sub;

After executing the example the specified policy with the 0 index is added to the Update.pefx update file:

The repeated example execution displays the message in the console:

Specified policy is already added to update

See also:

IMetabaseUpdate