IMetabaseUpdate.AbacRulesNode

Syntax

AbacRulesNode: IMetabaseUpdateAbacRulesNode;

Description

The AbacRulesNode property returns the structure of attribute-based access control rules in the update.

Comments

If the update did not contain attribute-based access control structure, it is created.

Example

To execute the example, make sure that attribute-based access control structure contains a policies set with two nested policies, and the Update.pefx file is located on the C drive. Several attribute-based access rules are in the first policy.

Add links to the ABAC, Metabase system assemblies.

Sub UserProc;
Var
    MB: IMetabase;
    MS: IMetabaseSecurity;
    PolicyObject: IABACRootPolicyObject;
    PolicySet: IABACPolicySet;
    Policy: IABACPolicy;
    Update: IMetabaseUpdate;
    UpdateNode, AbacRulesNode: IMetabaseUpdateAbacRulesNode;
Begin
    // Get access to repository
    MB := MetabaseClass.Active;
    MS := MB.Security;
    Update := Mb.CreateUpdate;
    Update.LoadFromFileNF("C:\Update.pefx");
    // Check if update contains attribute-based access control rules
    UpdateNode := Update.FindAbacRulesNode;
    If UpdateNode <> Null Then
        Debug.WriteLine("Update contains ABAC rules");
    Else
        // Transfer all attributes
        Update.IncludeAbacAttributes := True;
        // Add attribute-based access control rules to update
        AbacRulesNode := Update.AbacRulesNode;
        AbacRulesNode.Label := "ABAC rules";
        // Get attribute-based access control structure
        PolicyObject := MB.Security.Policy.ABACRules;
        // Get the first policy in the first policies set
        PolicySet := PolicyObject.Policies.Item(0);
        Policy := PolicySet.Policies.Item(0);
        // Save statuses of the obtained policy and nested rules in the update
        AbacRulesNode.KeepActive := True;
        // Add a policy with nested rules to the update
        AbacRulesNode.Add(Policy, True);
    End If;
    Update.SaveToFileNF("C:\Update.pefx");
End Sub UserProc;

After executing the example, the first policy of attribute-based access control with nested rules will be added to the Update.pefx file. Statuses of policy and rules will be also saved to the update.

On repeat execution of the example the console displays the message:

The update contains ABAC rules

See also:

IMetabaseUpdate