Why no formal authorization rules for add/replace/remove collection items?

Why no formal authorization rules for add/replace/remove collection items?

Old forum URL: forums.lhotka.net/forums/t/10556.aspx


rxelizondo posted on Friday, July 22, 2011

Hello,

Just out of curiosity, I was wondering if anyone could let me know the reason why there is no formal CSLA way to enforce authorization rules when adding, replacing or removing items from a collection.

I really wish the CSLA had a built in way (well know way) to be able to enforce such actions. Note that I am not just taking about simple "is in role" authorization rules but more sophisticated rules that includes authorization based on a value on a parent object for example or some other criteria.

In essence, I wish we could attach a rule to an add, replace, remove collection action (just like we do for properties) and have the CSLA take it from there. As of now, I only know of workarounds that requires us to manually enforce such rules on our business objects.

Thank you.

RockfordLhotka replied on Saturday, July 23, 2011

This is a good idea. I will add it to the wish list.

RockfordLhotka replied on Saturday, July 23, 2011

http://www.lhotka.net/cslabugs/edit_bug.aspx?id=945

Copyright (c) Marimer LLC