Creating Custom Attributes

NOTE. Custom attribute creation is available only to the administrator with the Changing User Permissions, Distributing Roles, Changing Policy privilege and the Changing Security Label and Access Control List of Any Object privilege. Each attribute must have unique name and identifier to prevent intersections of identical attributes between objects and subjects.

To add attributes to users, go to the Users section:

In the web application click the Attributes button on the toolbar.

In the desktop application select the User > User Attributes main menu item.

After executing operations, the Attributes dialog box opens to create, edit, delete user attributes.

Added attributes are contained in properties of a concrete user to edit its values.

To create user group attributes, go to the Groups section:

In the web application click the Attributes button on the toolbar.

In the desktop application select the Group > Group Attributes main menu item.

After executing operations the Attributes dialog box opens to create, edit, delete user group attributes.

The added attributes are contained in properties of a specific user group to edit its values.

Adding attributes is available to object classes and particular object type.

Attributes are added to object classes, next to particular object type. After custom attributes are added, object properties will contain object class attributes and object type attributes to edit its values.

To add attributes for object classes, go to the Object Classes section:

In the web application click the Attributes button on the toolbar.

In the desktop application select the Object Classes > Class Attributes main menu item.

After executing the operations, the Attributes dialog box opens to create, edit, delete object classes attributes. Added attributes will be contained in object properties to change values.

To add attributes for the selected object type in the Object Classes section:

In the web application use the Attributes tab on the Properties side panel.
In the desktop application select the Attributes tab in the Access Control Settings dialog box.

After executing one of the operations, create, edit or delete attributes of a particular object type in the same way as in the Attributes dialog box for object classes.

For details see the Adding Attributes to Particular Object Types section.

To add a new attribute, click the Add button. The Attribute Properties dialog box opens:

Specify attribute properties: name, identifier, data type, and default value.

To edit the existing attribute:

Select the required attribute in the list.
Click the Edit button.

After executing the operations, the Attribute Properties dialog box opens with the specified properties for change.

NOTE. In the edit mode, the Name and Default Value boxes are available.

To delete the existing attribute:

Select the required attribute in the list.
Click the Delete button.

After executing actions, the attribute will be deleted from the list.

Use the specified attribute values to check access to particular object types in properties of attribute-based access elements: objective, condition.