I need to implement role-based authorization on a commandbase object. i.e does this user have rights to do a DataPortal_Execute on this command object. Can someone point me in the direction of a sample or explanation? I have searched the forum/book.
Thanks much
Ranjini
Add the following
protected static void AddObjectAuthorizationRules() { BusinessRules.AddRule(typeof(CommandName), new Csla.Rules.CommonRules.IsInRole(AuthorizationActions.EditObject, "role1", "role2")); }
Thanks! I wasnt aware that DataPortal_Execute checks the CanUpdate flag.
This is good, the "CommandBase" example on the ebook (Creating Business Object Rev 04 page 70) goes something like this:
public static bool Execute()
{
if (!CanExecuteCommand())
throw new System.Security.SecurityException("Not authorized to execute command");
...
...
}
Basically, the authorization on the example is handled manually rather than automatically like Jonny suggests.
Perhaps the example should be updated to show authorization they way Jonny suggested in this post. The way is shown now is more confusing than help full unless I am missing something.
Thanks.
Hi Rene,
If you are referring to Table 15 -page 71 in Using CSLA4 Creating Business Objects version 1.0 then the code has been updated to just use the automatic check:
#if !SILVERLIGHT
public static bool Execute()
{
CommandObject cmd = new CommandObject();
cmd.BeforeServer();
cmd = DataPortal.Execute<CommandObject>(cmd);
cmd.AfterServer();
return cmd.Result;
}
#endif
public static void BeginExecute(EventHandler<DataPortalResult<CommandObject>> callback)
{
CommandObject cmd = new CommandObject();
cmd.BeforeServer();
DataPortal.BeginExecute<CommandObject>(cmd, (o, e) =>
{
if (e.Error != null)
throw e.Error;
e.Object.AfterServer();
callback(o, e);
});
}
Copyright (c) Marimer LLC