Executing the example requires an MDM dictionary with the RDS_DICT identifier. The dictionary should contain a custom attribute with the USERATTRIBUT identifier.
The list of platform access subjects must include two additional users (except for the basic ADMIN user and ADMINISTRATORS group). The dictionary should have security labels created for additional users.
Add links to the Metabase, Rds system assemblies.
Sub UserProc;
Var
MB: IMetabase;
MObj: IMetabaseObject;
Dict: IRdsDictionary;
Attrs: IRdsAttributes;
Attr: IRdsAttribute;
SecLab: ISecurityLabels;
Admin, User1, User2: ISecuritySubject;
Begin
MB := MetabaseClass.Active;
// Get MDM dictionary
MObj := MB.ItemById("RDS_DICT").Edit;
Dict := MObj As IRdsDictionary;
SecLab := MObj.SecurityDescriptor.LabelSecurity;
// Users
Admin := SecLab.Mapping(0); //The Admin user
User1 := SecLab.Mapping(2); //The first additional user
User2 := SecLab.Mapping(3); //The second additional user
// Permissions for the Name attribute
Attrs := Dict.Attributes;
Attr := Attrs.Name;
Attr.ReadAccess := SecLab.Value(Admin) + SecLab.Value(User1);
Attr.WriteAccess := SecLab.Value(User1) + SecLab.Value(User2);
// Permissions for the USERATTRIBUT custom attribute
Attr := Attrs.FindById("USERATTRIBUT");
Attr.ReadAccess := SecLab.Value(Admin) + SecLab.Value(User2);
Attr.WriteAccess := SecLab.Value(User2);
// Save changes
MObj.Save;
End Sub UserProc;
After executing the example access permissions for the Name and USERATTRIBUT attributes are changed in the dictionary. Permissions for the Name attribute: read - ADMIN user and the first additional user; write - the second and third additional users. Permissions for the USERATTRIBUT attribute: read - ADMIN user and the second additional user; write - the second additional user.
See also: