AbacRulesNode: IMetabaseUpdateAbacRulesNode;
The AbacRulesNode property returns the structure of attribute-based access control rules in the update.
If the update did not contain attribute-based access control structure, it is created.
To execute the example, make sure that attribute-based access control structure contains a policies set with two nested policies, and the Update.pefx file is located on the C disc. Several attribute-based access rules are in the first policy.
Add links to the ABAC, Metabase system assemblies.
Sub UserProc;
Var
MB: IMetabase;
MS: IMetabaseSecurity;
PolicyObject: IABACRootPolicyObject;
PolicySet: IABACPolicySet;
Policy: IABACPolicy;
Update: IMetabaseUpdate;
UpdateNode, AbacRulesNode: IMetabaseUpdateAbacRulesNode;
Begin
// Get access to repository
MB := MetabaseClass.Active;
MS := MB.Security;
Update := Mb.CreateUpdate;
Update.LoadFromFileNF("C:\Update.pefx");
// Check if update contains attribute-based access control rules
UpdateNode := Update.FindAbacRulesNode;
If UpdateNode <> Null Then
Debug.WriteLine("Update contains ABAC rules");
Else
// Transfer all attributes
Update.IncludeAbacAttributes := True;
// Add attribute-based access control rules to update
AbacRulesNode := Update.AbacRulesNode;
AbacRulesNode.Label := "ABAC rules";
// Get attribute-based access control structure
PolicyObject := MB.Security.Policy.ABACRules;
// Get the first policy in the first policies set
PolicySet := PolicyObject.Policies.Item(0);
Policy := PolicySet.Policies.Item(0);
// Save statuses of the obtained policy and nested rules in the update
AbacRulesNode.KeepActive := True;
// Add a policy with nested rules to the update
AbacRulesNode.Add(Policy, True);
End If;
Update.SaveToFileNF("C:\Update.pefx");
End Sub UserProc;
After executing the example, the first policy of attribute-based access control with nested rules will be added to the Update.pefx file. Statuses of policy and rules will be also saved to the update.
On repeat execution of the example the console displays the message:
The update contains ABAC rules
See also: