IABACPolicySet.CombineAlgorithm

Syntax

CombineAlgorithm: ABACCombineAlgorithm;

Description

The CombineAlgorithm property determines a combination algorithm of policies set.

Example

To execute the example, add links to the ABAC and Metabase system assemblies.

Sub UserProc;
Var
    PolicyObject: IABACRootPolicyObject;
    PolicySet: IABACPolicySet;
    MB: IMetabase;
    MS: IMetabaseSecurity;
    Lic: Object;
Begin
    MB := MetabaseClass.Active;
    // Get license to be able to work with the security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.Adm);
    MS := MB.Security;
    // Activate the use of attribute-based access control
    MS.Policy.AttributeBasedAccessControl := True;
    // Clear attribute-based access control structure
    PolicyObject := MB.Security.Policy.ABACRules;
    PolicyObject.Policies.Clear;
    // Add a policies set
    PolicySet := PolicyObject.Policies.Add;
    PolicySet.Active := True;
    PolicySet.CombineAlgorithm := ABACCombineAlgorithm.PermitOverride;
    PolicySet.Description(MB.CurrentLocale) := "Test policies set";
    PolicySet.Id := "POLICY_SET";
    PolicySet.Name(MB.CurrentLocale) := "Policies set";
    // Set policies set objective
    PolicySet.Target.AttributeId := "OPERATION";
    PolicySet.Target.Operation := ABACTargetOperation.Equal;
    PolicySet.Target.AttributeValue := 2;
    // Apply changes in security manager
    MS.Apply;
    // Check in license
    Lic := Null;
End Sub UserProc;

After executing the example the security manager activates the use of attribute-based access control, in which a policies set with the specified parameters is added and activated:

See also:

IABACPolicySet