Getting Description of Object Security

Below is the example of using the GetMbSec operation to get description of repository objects' security. The request contains the repository connection moniker and the collection of keys of objects, for which security description is obtained. The response contains information about the security subjects, for which any access permissions for the specified repository objects are set.

SOAP request:

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<GetMbSec xmlns="http://www.fsight.ru/PP.SOM.Som">
<tMbSec xmlns="">
  <id>S1!M</id>
  </tMbSec>
<tArg xmlns="">
<pattern>
  <objects>true</objects>
<objectsFilter>
<keys>
  <i>1</i>
  <i>73</i>
  </keys>
  </objectsFilter>
  </pattern>
  </tArg>
  </GetMbSec>
  </s:Body>
  </s:Envelope>

SOAP response:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<GetMbSecResult xmlns="http://www.fsight.ru/PP.SOM.Som" xmlns:q1="http://www.fsight.ru/PP.SOM.Som" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<id xmlns="">
  <id>S1!M</id>
  </id>
<meta xmlns="">
<objects>
<ods>
<its>
<d isShortcut="0" isLink="0" hf="0">
  <i>OBJ1</i>
  <n>Model1</n>
  <k>1</k>
  <c>5125</c>
  <p>66980</p>
  <h>0</h>
  <sdKey>66198</sdKey>
  <hasPrv>0</hasPrv>
  <ic>0</ic>
  </d>
<d isShortcut="0" isLink="0" hf="0">
  <i>OBJ2</i>
  <n>obj2</n>
  <k>73</k>
  <c>1537</c>
  <p>71</p>
  <h>0</h>
  <sdKey>197691</sdKey>
  <hasPrv>0</hasPrv>
  <ic>0</ic>
  </d>
  </its>
  </ods>
<sds>
<its>
<it>
  <k>66198</k>
  <isInherited>1</isInherited>
  <isSealed>0</isSealed>
<discrete>
<aces>
<it>
<subject>
  <k>2147483649</k>
  <id>ADMINISTRATORS</id>
  <n>ADMINISTRATORS</n>
  <vis>1</vis>
  <type>Group</type>
<sid>
  <sid>PS-2-1</sid>
  <type>Group</type>
  </sid>
  </subject>
  <allow>1</allow>
  </it>
<it>
<subject>
  <k>2147483649</k>
  <id>ADMIN</id>
  <n>User</n>
  <vis>1</vis>
  <type>User</type>
<sid>
  <sid>PS-1-1</sid>
  <type>User</type>
  </sid>
  </subject>
  <allow>1</allow>
  </it>
  </aces>
  </discrete>
<mandatory>
<accessToken>
<its>
<it>
<category>
  <k>1</k>
  <id>CATEGORY</id>
  <n>CATEGORY</n>
  <vis>1</vis>
  </category>
<level>
  <k>0</k>
  <id>No access</id>
  <n>No access</n>
  <vis>1</vis>
  </level>
  </it>
  </its>
  </accessToken>
  </mandatory>
  </it>
<it>
  <k>197691</k>
  <isInherited>0</isInherited>
  <isSealed>0</isSealed>
<discrete>
<aces>
<it>
<subject>
  <k>2147483649</k>
  <id>ADMIN</id>
  <n>User</n>
  <vis>1</vis>
  <type>User</type>
<sid>
  <sid>PS-1-1</sid>
  <type>User</type>
  </sid>
  </subject>
  <allow>1</allow>
  </it>
  </aces>
  </discrete>
<mandatory>
<accessToken>
<its>
<it>
<category>
  <k>1</k>
  <id>CATEGORY</id>
  <n>CATEGORY</n>
  <vis>1</vis>
  </category>
<level>
  <k>0</k>
  <id>No access</id>
  <n>No access</n>
  <vis>1</vis>
  </level>
  </it>
  </its>
  </accessToken>
  </mandatory>
  </it>
  </its>
  </sds>
  </objects>
  <bisearchEnable>Full</bisearchEnable>
<apply>
<onCredentialsRequired>
<logonParams>
  <descr>Enter user name and password of the user who has permissions to create tables in the 'Database' database</descr>
  <realm>OBJ21909</realm>
  <toAdmin>1</toAdmin>
<logonData>
  <driver>MSSQL2012</driver>
  <server>v-nrspo-mssql.dev.fs.fsight.world</server>
  <database>Warehouse</database>
  </logonData>
  </logonParams>
  </onCredentialsRequired>
  </apply>
  </meta>
  </GetMbSecResult>
  </soapenv:Body>
  </soapenv:Envelope>

JSON request:

{
"GetMbSec" :
{
"tMbSec" :
{
"id" : "S1!M"
},
"tArg" :
{
"pattern" :
{
"objects" : "true",
"objectsFilter" :
{
"keys" :
{
"i" :
[
"1",
"73"
]
}
}
}
}
}
}

JSON response:

{
"GetMbSecResult" :
{
"id" :
{
"id" : "S1!M"
},
"meta" :
{
"objects" :
{
"ods" :
{
"its" :
{
"d" :
[
{
"@isShortcut" : "0",
"@isLink" : "0",
"@hf" : "0",
"i" : "OBJ1",
"n" : "Model1",
"k" : "1",
"c" : "5125",
"p" : "66980",
"h" : "0",
"sdKey" : "66198",
"hasPrv" : "0",
"ic" : "0"
},
{
"@isShortcut" : "0",
"@isLink" : "0",
"@hf" : "0",
"i" : "OBJ2",
"n" : "obj2",
"k" : "73",
"c" : "1537",
"p" : "71",
"h" : "0",
"sdKey" : "197691",
"hasPrv" : "0",
"ic" : "0"
}
]
}
},
"sds" :
{
"its" :
{
"it" :
[
{
"k" : "66198",
"isInherited" : "1",
"isSealed" : "0",
"discrete" :
{
"aces" :
{
"it" :
[
{
"subject" :
{
"k" : "2147483649",
"id" : "ADMINISTRATORS",
"n" : "ADMINISTRATORS",
"vis" : "1",
"type" : "Group",
"sid" :
{
"sid" : "PS-2-1",
"type" : "Group"
}
},
"allow" : "1"
},
{
"subject" :
{
"k" : "2147483649",
"id" : "ADMIN",
"n" : "User",
"vis" : "1",
"type" : "User",
"sid" :
{
"sid" : "PS-1-1",
"type" : "User"
}
},
"allow" : "1"
}
]
}
},
"mandatory" :
{
"accessToken" :
{
"its" :
{
"it" :
[
{
"category" :
{
"k" : "1",
"id" : "CATEGORY",
"n" : "CATEGORY",
"vis" : "1"
},
"level" :
{
"k" : "0",
"id" : "No access",
"n" : "No access",
"vis" : "1"
}
}
]
}
}
}
},
{
"k" : "197691",
"isInherited" : "0",
"isSealed" : "0",
"discrete" :
{
"aces" :
{
"it" :
{
"subject" :
{
"k" : "2147483649",
"id" : "ADMIN",
"n" : "User",
"vis" : "1",
"type" : "User",
"sid" :
{
"sid" : "PS-1-1",
"type" : "User"
}
},
"allow" : "1"
}
}
},
"mandatory" :
{
"accessToken" :
{
"its" :
{
"it" :
[
{
"category" :
{
"k" : "1",
"id" : "CATEGORY",
"n" : "CATEGORY",
"vis" : "1"
},
"level" :
{
"k" : "0",
"id" : "No access",
"n" : "No access",
"vis" : "1"
}
}
]
}
}
}
}
]
}
}
},
"bisearchEnable" : "Full",
"apply" :
{
"onCredentialsRequired" :
{
"logonParams" :
{
"descr" : "Enter user name and password of the user who has permissions to create tables in the 'Database' database",
"realm" : "OBJ21909",
"toAdmin" : "1",
"logonData" :
{
"driver" : "MSSQL2012",
"server" : "v-nrspo-mssql.dev.fs.fsight.world",
"database" : "Warehouse"
}
}
}
}
}
}
}
public static GetMbSecResult GetObjectSecurityDescriptor(string mb, int[] objKeys)
{
var somClient = new SomPortTypeClient(); //Proxy object for operation execution
//Operation execution parameters
var getMbSec = new GetMbSec()
{
tArg = new GetMbSecArg()
{
pattern = new MbSecMdPattern()
{
objects = true,
objectsFilter = new MbSecOdFilter()
{
keys = objKeys
}
}
},
tMbSec = new MbId() { id = mb }
};
//Get description of object security
var result = somClient.GetMbSec(getMbSec);
return result;
}

See also:

GetMbSec: Operation