IABACTarget.SecondAttrId

Syntax

SecondAttrId: String;

Description

The SecondAttrId property determines a value as a custom attribute to compare with the specified attribute.

Comments

The property is relevant for comparing of custom attributes of subjects or objects. The first attribute is set using the IABACTarget.AttributeId property. The second attribute is set using the SecondAttrId property and automatically sends value as a custom attribute to the IABACTarget.AttributeValue property.

Example

To execute the example, make sure that attribute-based access control structure contains a policies set.

Add links to the ABAC and Metabase system assemblies.

Sub UserProc;
Var
    PolicyObject: IABACRootPolicyObject;
    PolicySet: IABACPolicySet;
    Policy: IABACPolicy;
    MB: IMetabase;
    MS: IMetabaseSecurity;
    Lic: Object;
Begin
    MB := MetabaseClass.Active;
    // Get license to be able to work with the security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.Adm);
    MS := MB.Security;
    // Get attribute-based access control
    PolicyObject := MB.Security.Policy.ABACRules;
    // Add a policy in the first policies set
    PolicySet := PolicyObject.Policies.Item(0);
    Policy := PolicySet.Policies.Add;
    Policy.Name(MB.CurrentLocale) := "Test policy";
    // Set policy objective
    Policy.Target.AttributeId := "SUBJECT.CUSTOM_ATTR1";
    Policy.Target.Operation := ABACTargetOperation.Equal;
    Policy.Target.SecondAttrId := "OBJECT.CUSTOM_ATTR2";
    // Apply changes in security manager
    MS.Apply;
    // Check in license
    Lic := Null;
End Sub UserProc;

After executing the example the policy with the specified objective is added to the first policies set. The attribute-based access control structure will look as follows:

See also:

IABACTarget

Copy page URL

Back to top

To report a found bug, please, select the text with the bug and click Report a Bug or CTRL+ENTER.

Help system 10.4 of 09/07/2024, © FORESIGHT