Marking
objects is contained in a MarkingSet
collection. A marking represents a single item in a set of markings. For example, if a set of markings is called Security Codes, items within the set might be Top Secret, Secret, Confidential, and so on. Each of those marking values contains a set of access permissions that define who can assign that specific value to an object property, who can modify or remove that specific value, and, once the value is assigned, who will have access to the object to which the value is assigned. You can assign one or more of these markings to an object. To then be able to access that object, a user must be granted sufficient access from all assigned markings. The set of all active markings (that is, those that are currently assigned to a given object) are contained in an
collection. To retrieve the active markings on a given object, get the value of its
property. You can then retrieve each marking and its value.
The user's access to an object is represented by an effective access mask. The effective access is calculated using the object's permission list and subtracting the constraint mask of the applied markings. The resulting effective access is used to control what that user can do with the object.
The following tables list the members exposed by IMarking.
Public Properties
Name | Description | |
---|---|---|
![]() | ConstraintMask | A bitmask defining the access permission associated with a given marking. If a given user does not have the appropriate rights to perform marking-related operations on the object, the access rights specified in the marking's |
![]() | Id | A representation of the Globally Unique Identifier (GUID), a unique 128-bit number, that is assigned to this Content Engine object when the object is created. When converted to a string, the Id property is typically depicted as 32 hexadecimal characters enclosed by brackets in the following format: {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}. For example, {3F2504E0-4F89-11D3-9A0C-0305E82C3301}. For For a given property representation, the Id property has the following characteristics:
For a newly created document object, you can override the Id property of its associated |
![]() | MarkingUseGranted | Contains a bit mask that identifies which access rights have been granted to the current user. A user can be granted "Use", "Remove", and "Add" rights. The "Remove" and "Add" rights determine if the current user can remove or add a marking value on an independent object. The primary use of this MarkingUseGranted property is to detect whether the current user has the "Use" right. The "Use" right determines whether the presence of the marking on an object constrains access to that object. If the user has "Use" right to the marking, access to associated independent objects will not be constrained by the value of the ConstraintMask property on the Marking object. The absence of the "Use" right means that the values in the ConstraintMask property will be subtracted from the associated object's effective access calculation (which is the value returned by the IndependentlyPersistableObject.GetAccessAllowed() method). In this case, the constraint mask of the marking identifies which rights cannot be granted, and will be ignored, which effectively removes those rights granted on the associated independent object's ACL. |
![]() | MarkingValue | Specifies the value to use when applying a Marking to an object that has a property associated with a MarkingSet. This value of a marking must be unique within a marking set. |
![]() | Permissions | Manages the discretionary permissions assigned to the object. |