FilterClass(ClassID: Integer): Integer;
ClassId. Number identifier of object class.
The FilterClass property determines a mask of operations for which the access auditing will be executed.
To specify object class in the ClassId parameter, use the MetabaseObjectClass enumeration type values.
Access auditing by the specified operations will be executed for all objects of the specified class. Auditing of operations that were activated for the classes, is more priority than the auditing of operations, the were deactivated for the particular object. The AddAce method and the AccessMask property are used to set the access of the operations auditing for the particular object.
To form and check mask value it is necessary to use a value of the enumeration type MetabaseObjectPredefinedRights. This enumeration contains basic and additional operations on which permissions can be given and access audit can be led. The specific operations are available for defined classes of objects. Depending on the class of object, the values of the following enumerations can be used in the mask:
AuditLogSpecificRights are specific operations available for access protocol.
CalculatedCubeSpecificRights are specific operations available for calculated cubes.
CubeLoaderSpecificRights are specific operations available for loading data in a cube.
CubeSpecificRights are specific operations available for different types of cubes.
CustomObjectSpecificRights are specific operations available for objects of custom classes.
DataBaseSpecificRights are specific operations available for repository object - Database.
DictionarySpecificRights are specific operations available for repository objects - MDM Dictionary and Composite MDM dictionary.
MDCalcSpecificRights are specific operations available for repository object - Multidimensional calculation on DB server.
ProblemSpecificRights are specific operations available for an object of modeling container - Modeling task.
ProcedureSpecificRights are specific operations available for repository object - Procedure.
ScenarioDimensionSpecificRights are specific operations available for the repository object - Modeling Scenario.
ScheduledTaskSpecificRights are specific operations available for tasks created in scheduled tasks container.
SecuritySpecificRights are specific operations available for security policy.
TableSpecificRights are specific operations available for the following repository objects - Table, View, Log, External table.
UpdateObjectSpecificRights are specific operations available for repository object - Update.
ValidationSpecificRights - specific operations that are available to the repository objects - Validation rule and Validation group.
Basic, additional and specific operations available for specified objects types are shown in theLogged Operations section.
To analyze a mask value it is necessary to implement a custom function that enables the comparison of separate mask bits with relevant enumerations values. The example of work with access mask is given in the Working with Access Mask section.
To execute the example, add a link to the Metabase system assembly.
Sub UserProc;
Var
MB: IMetabase;
MS: IMetabaseSecurity;
AuditPolicy: IMetabaseAuditPolicy;
Lic: Object;
Begin
MB := MetabaseClass.Active;
// Check out license to work with security manager
Lic := MB.RequestLicense(UiLicenseFeatureType.Adm);
MS := MB.Security;
// Change audit of the Shortcut object type
AuditPolicy := MS.Policy.AuditPolicy;
AuditPolicy.FilterClass(MetabaseObjectClass.KE_CLASS_SHORTCUT_AUDIT) := MetabaseObjectPredefinedRights.Write;
// Save changes
MS.Apply;
// Check in license
Lic := Null;
End Sub UserProc;
After executing the example the audit of the Shortcut object type in the change mode is enabled.
See also: