IMetabasePolicy.ESKMode

Syntax

ESKMode: Boolean;

ESKMode: System.Boolean;

Description

The ESKMode property determines whether it is possible to use compatibility mode to work with domain groups in Oracle DBMS.

Comments

The property is relevant only on working in repository based on Oracle DBMS. By default the property is set to False, in security manager only users can be added from domain. On setting to True, compatibility mode will be on that enables to add domain groups and to set up access permissions for it in a particular way. For details about granting permissions, see theDomain Authorization on Working With Oracle Server subsection.

To enable compatibility mode, the following conditions must be met:

Example

To execute the example, add links to the Metabase, ForeSystem (for the Fore.NET example) system assemblies.

Sub UserProc;
Var
    MB: IMetabase;
    Security: IMetabaseSecurity;
    Police: IMetabasePolicy;
    MandatoryAccess: IMetabaseMandatoryAccess;
    Category: ISecurityCategory;
    Lic: Object;
Begin
    MB := MetabaseClass.Active;
    
// Check out license to work with security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.Adm);
    Security := MB.Security;
    Police := Security.Policy;
    
// Enable compatibility mode
    Police.ESKMode := True;
    
//Enable mode of role distribution between information security administrator and application administrator
    Police.PromoteToIsaMode(Security.ResolveName(MB.Id + "_ISA"As IMetabaseUser);
    MandatoryAccess := Police.MandatoryAccess;
    
//Distribute access by levels
    MandatoryAccess.IsSimple := True;
    Category := MandatoryAccess.Category(
0);
    Category.AddLevel(
1"Guest");
    Category.AddLevel(
2"AllAccess");
    
// Save changes
    Security.Apply;
    
// Check in license
    Lic := Null;
End Sub UserProc;

Imports Prognoz.Platform.Interop.Metabase;
Imports Prognoz.Platform.Interop.ForeSystem;

Public Shared Sub Main(Params: StartParams);
Var
    MB: IMetabase;
    Security: IMetabaseSecurity;
    Police: IMetabasePolicy;
    MandatoryAccess: IMetabaseMandatoryAccess;
    Category: ISecurityCategory;
    Lic: Object;
Begin
    MB := Params.Metabase;
    
// Check out license to work with security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.lftAdm);
    Security := MB.Security;
    Police := Security.Policy;
    
// Enable compatibility mode
    Police.ESKMode := True;
    
//Enable mode of role distribution between information security administrator and application administrator
    Police.PromoteToIsaMode((Security.ResolveName(MB.Id + "_ISA"As IMetabaseUser), IsaModePromoteOptions.ismopropNone);
    MandatoryAccess := Police.MandatoryAccess;
    
//Distribute access by levels
    MandatoryAccess.IsSimple := True;
    Category := MandatoryAccess.Category[
0];
    Category.AddLevel(
1"Guest");
    Category.AddLevel(
2"AllAccess");
    
// Save changes
    Security.Apply();
    
// Check in license
    Lic := Null;
End Sub;

After executing the example the current repository security policy will be changed.

See also:

IMetabasePolicy