IMetabaseUpdateAbacRulesNode.Root

Syntax

Root: IABACRootPolicyObject;

Root: Prognoz.Platform.Interop.ABAC.ABACRootPolicyObject;

Description

The Root property determines the element located on the first level of hierarchy of attribute-based access control.

Example

To execute the example, make sure that attribute-based access control structure contains a policies set and the Update.pefx file is located on the C drive.

Add links to the ABAC, Metabase, ForeSystem (for the Fore.NET example) system assemblies.

Sub Main;
Var
    MB: IMetabase;
    MS: IMetabaseSecurity;
    PolicyObject, PolicyObjectPef: IABACRootPolicyObject;
    PolicySet, PolicySetPef: IABACEvaluatedObject;
    Policy: IABACPolicy;
    Update: IMetabaseUpdate;
    AbacRulesNode: IMetabaseUpdateAbacRulesNode;
    s: string;
Begin
    // Get access to repository
    MB := MetabaseClass.Active;
    MS := MB.Security;
    Update := Mb.CreateUpdate;
    Update.LoadFromFileNF("C:\Update.pefx");
    // Add attribute-based access control rules to update
    AbacRulesNode := Update.AbacRulesNode;
    AbacRulesNode.Label := "ABAC rules";
    // Get attribute-based access control structure
    PolicyObject := MB.Security.Policy.ABACRules;
    // Get policies set with the 0 index
    PolicySet := PolicyObject.Policies.Item(0);
    // Determine the element located on the first level of attribute-based access control
    PolicyObjectPef := AbacRulesNode.Root;
    PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
    If PolicySetPef <> Null Then
        Debug.WriteLine("Policies set is already added to update");
        Return;
    End If;
    AbacRulesNode.Add(PolicySet, True);
    PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
    If PolicySet <> Null Then
        Debug.WriteLine("Policies set is added to update");
    Else
        Debug.WriteLine("Policies set is not added to update");
    End If;
    Update.SaveToFileNF("C:\Update.pefx");
End Sub Main;

Imports Prognoz.Platform.Interop.Metabase;
Imports Prognoz.Platform.Interop.ABAC;
Imports Prognoz.Platform.Interop.Foresystem;

Public Shared Sub Main(Params: StartParams);
Var
    MB: IMetabase;
    MS: IMetabaseSecurity;
    PolicyObject, PolicyObjectPef: IABACRootPolicyObject;
    PolicySet, PolicySetPef: IABACEvaluatedObject;
    Policy: IABACPolicy;
    Update: IMetabaseUpdate;
    AbacRulesNode: IMetabaseUpdateAbacRulesNode;
    s: string;
Begin
    // Get access to repository
    MB := Params.Metabase;
    MS := MB.Security;
    Update := MB.CreateUpdate();
    Update.LoadFromFileNF("C:\" + "Update.pefx",  UpdateLoadMode.ulmReplace);
    // Add attribute-based access control rules to update
    AbacRulesNode := Update.AbacRulesNode;
    AbacRulesNode.Label := "ABAC rules";
    // Get attribute-based access control structure
    PolicyObject := MB.Security.Policy.ABACRules;
    // Get policies set with the 0 index
    PolicySet := PolicyObject.Policies.Item[0];
    // Determine the element located on the first level of attribute-based access control
    PolicyObjectPef := AbacRulesNode.Root;
    PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
    If PolicySetPef <> Null Then
        System.Diagnostics.Debug.WriteLine("Policies set is already added to update");
        Return;
    End If;
    AbacRulesNode.Add(PolicySet, True);
    PolicySetPef := PolicyObjectPef.FindByGuidStr(PolicySet.GuidStr);
    If PolicySet <> Null Then
        System.Diagnostics.Debug.WriteLine("Policies set is added to update");
    Else
        System.Diagnostics.Debug.WriteLine("Policies set is not added to update");
    End If;
    Update.SaveToFileNF("C:\" + "Update.pefx");
End Sub;

After executing the example the console displays the message:

Policies set is added to update

Policies set is already added to update

See also:

IMetabaseUpdateAbacRulesNode