IMetabasePolicy.MethodsCombineAlgorithm

Syntax

MethodsCombineAlgorithm: ControlMethodsCombineAlgorithm;

Description

The MethodsCombineAlgorithm property determines permission combination algorithm by attribute-based and discretionary access control method.

Comments

The property is relevant if attribute-based and discretionary access control methods are used simultaneously.

Example

To execute the example, add a link to the Metabase system assembly.

Copy example

Sub UserProc;
Var
    MB: IMetabase;
    MS: IMetabaseSecurity;
    Lic: Object;
Begin
    MB := MetabaseClass.Active;
    // Check out license to work with security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.Adm);
    MS := MB.Security;
    // Activate the use of discretionary and attribute-based access control
    MS.Policy.DiscretionaryAccessControl := True;
    MS.Policy.AttributeBasedAccessControl := True;
    // Set the OR combination algorithm
    MS.Policy.MethodsCombineAlgorithm := ControlMethodsCombineAlgorithm.Permit;
    // Save changes
    MS.Apply;
    // Check in license
    Lic := Null;
End Sub UserProc;

After executing the example the use of discretionary and attribute-based access control methods will be activated and the OR permission combination algorithm is set.

When the combination algorithm is set:

• If at least one access control method has allowed operation and access permissions are not determined for another method, the operation will be allowed as a result.

• If the operation is denied for one of access control methods, the operation is denied.

See also:

IMetabasePolicy

Copy page URL

Back to top

To report a found bug, please, select the text with the bug and click Report a Bug or CTRL+ENTER.

Help system 10.4 of 09/07/2024, © FORESIGHT