IMetabaseObjectDescriptor.SecurityDescriptor

Syntax

SecurityDescriptor: ISecurityDescriptor;

SecurityDescriptor: Prognoz.Platform.Interop.Metabase.ISecurityDescriptor;

Description

The SecurityDescriptor property returns the control parameters of access to the current object.

Example

Executing the example requires that the repository contains an object with the OBJECT identifier.

Add links to the Metabase, ForeSystem (for the Fore.NET example) system assemblies.

Sub UserProc;
Var
    MB: IMetabase;
    ObjDesc: IMetabaseObjectDescriptor;
    SecDesc: ISecurityDescriptor;
    AcessCL: IAccessControlList;
    ACE: IAccessControlEntry;
    MS: IMetabaseSecurity;
    SS: ISecuritySubject;
    Lic: Object;
Begin
    MB := MetabaseClass.Active;
    // Check out license to work with security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.Adm);
    // Get object
    ObjDesc := MB.ItemById("OBJECT");
    SecDesc := ObjDesc.SecurityDescriptor;
    MS := MB.Security;
    // Get user
    SS := MS.AllUsers.Item(10);
    SecDesc.Edit;
    // Enable full user access to object
    AcessCL := SecDesc.Acl;
    ACE := AcessCL.AddAce(AceType.AccessAllowed, SS.Sid, 131071);
    SecDesc.Apply(True);
    // Save changes
    MS.Apply;
    // Check in license
    Lic := Null;
End Sub UserProc;

Imports Prognoz.Platform.Interop.Metabase;
Imports Prognoz.Platform.Interop.ForeSystem;

Public Shared Sub Main(Params : StartParams);
Var
    MB: IMetabase;
    ObjDesc: IMetabaseObjectDescriptor;
    SecDesc: ISecurityDescriptor;
    AcessCL: IAccessControlList;
    ACE: IAccessControlEntry;
    MS: IMetabaseSecurity;
    SS: ISecuritySubject;
    Lic: Object;
Begin
    MB := Params.Metabase;
    // Check out license to work with security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.lftAdm);
    // Get object
    ObjDesc := MB.ItemById["OBJECT"];
    SecDesc := ObjDesc.SecurityDescriptor;
    MS := MB.Security;
    // Get user
    SS := MS.AllUsers.Item[10];
    SecDesc.Edit();
    // Enable full user access to object
    AcessCL := SecDesc.Acl;
    ACE := AcessCL.AddAce(AceType.aceAccessAllowed, SS.Sid, 131071);
    SecDesc.Apply(True);
    // Save changes
    MS.Apply();
    // Check in license
    Lic := Null;
End Sub;

The user is added to the specified object after executing this example. User will get permissions according to the 131071 mask (full access) in additional security parameters.

See also:

IMetabaseObjectDescriptor