Just wanted to check my code is implemented correctly. I've found that if I don't create a method "AddObjectAuthorizationRules" any application menu logic that tests for permission will fail.
Me.ClientSearchToolStripMenuItem.Visible = _
Csla.Security.AuthorizationRules.CanGetObject(GetType(MyVIP.Library.Client))
#Region "Authorization Rules" #If Not SILVERLIGHT Then ''' <summary> ''' Allows the specification of CSLA based authorization rules. Specifies what roles can ''' perform which operations for a given business object ''' </summary> Private Shared Sub AddObjectAuthorizationRules() ''More information on these rules can be found here (http://www.devx.com/codemag/Article/40663/1763/page/2). 'Dim canWrite As String() = { "AdminUser", "RegularUser" } Dim canRead As String() = {"AdminUser", "RegularUser", "ReadOnlyUser"} 'Dim admin As String() = { "AdminUser" } 'AuthorizationRules.AllowCreate(GetType(Client), admin) 'AuthorizationRules.AllowDelete(GetType(Client), admin) 'AuthorizationRules.AllowEdit(GetType(Client), canWrite) AuthorizationRules.AllowGet(GetType(Client), canRead) End Sub Protected Overrides Sub AddAuthorizationRules() MyBase.AddAuthorizationRules() ''Identification 'AuthorizationRules.AllowRead(_identificationProperty, canRead) ''Guid 'AuthorizationRules.AllowWrite(_guidProperty, canWrite) 'AuthorizationRules.AllowRead(_guidProperty, canRead) ''Address1 'AuthorizationRules.AllowWrite(_address1Property, canWrite) 'AuthorizationRules.AllowRead(_address1Property, canRead) ''Address2 'AuthorizationRules.AllowWrite(_address2Property, canWrite) 'AuthorizationRules.AllowRead(_address2Property, canRead) ''Suburb 'AuthorizationRules.AllowWrite(_suburbProperty, canWrite) 'AuthorizationRules.AllowRead(_suburbProperty, canRead) ''State 'AuthorizationRules.AllowWrite(_stateProperty, canWrite) 'AuthorizationRules.AllowRead(_stateProperty, canRead) ''PostCode 'AuthorizationRules.AllowWrite(_postCodeProperty, canWrite) 'AuthorizationRules.AllowRead(_postCodeProperty, canRead) ''Phone 'AuthorizationRules.AllowWrite(_phoneProperty, canWrite) 'AuthorizationRules.AllowRead(_phoneProperty, canRead) ''Fax 'AuthorizationRules.AllowWrite(_faxProperty, canWrite) 'AuthorizationRules.AllowRead(_faxProperty, canRead) ''Mobile 'AuthorizationRules.AllowWrite(_mobileProperty, canWrite) 'AuthorizationRules.AllowRead(_mobileProperty, canRead) ''Email 'AuthorizationRules.AllowWrite(_emailProperty, canWrite) 'AuthorizationRules.AllowRead(_emailProperty, canRead) ''ObsoletePassword 'AuthorizationRules.AllowWrite(_obsoletePasswordProperty, canWrite) 'AuthorizationRules.AllowRead(_obsoletePasswordProperty, canRead) ''LastUpdatedDate 'AuthorizationRules.AllowWrite(_lastUpdatedDateProperty, canWrite) 'AuthorizationRules.AllowRead(_lastUpdatedDateProperty, canRead) ''LastUpdatedByUserID 'AuthorizationRules.AllowWrite(_lastUpdatedByUserIDProperty, canWrite) 'AuthorizationRules.AllowRead(_lastUpdatedByUserIDProperty, canRead) ''IsInternational 'AuthorizationRules.AllowWrite(_isInternationalProperty, canWrite) 'AuthorizationRules.AllowRead(_isInternationalProperty, canRead) ''FullName 'AuthorizationRules.AllowWrite(_fullNameProperty, canWrite) 'AuthorizationRules.AllowRead(_fullNameProperty, canRead) End Sub #End If
Protected Overrides Sub AddBusinessRules() ' Call the base class, if this call isn't made than any declared System.ComponentModel.DataAnnotations rules will not work. MyBase.AddBusinessRules() If AddBusinessValidationRules() Then Exit Sub ValidationRules.AddRule(AddressOf Global.Csla.Validation.CommonRules.StringMaxLength, New CommonRules.MaxLengthRuleArgs(_address1Property, 100)) ValidationRules.AddRule(AddressOf Global.Csla.Validation.CommonRules.StringMaxLength, New CommonRules.MaxLengthRuleArgs(_address2Property, 100)) ValidationRules.AddRule(AddressOf Global.Csla.Validation.CommonRules.StringMaxLength, New CommonRules.MaxLengthRuleArgs(_suburbProperty, 50)) ValidationRules.AddRule(AddressOf Global.Csla.Validation.CommonRules.StringMaxLength, New CommonRules.MaxLengthRuleArgs(_stateProperty, 3)) ValidationRules.AddRule(AddressOf Global.Csla.Validation.CommonRules.StringMaxLength, New CommonRules.MaxLengthRuleArgs(_postCodeProperty, 12)) ValidationRules.AddRule(AddressOf Global.Csla.Validation.CommonRules.StringMaxLength, New CommonRules.MaxLengthRuleArgs(_phoneProperty, 50)) ValidationRules.AddRule(AddressOf Global.Csla.Validation.CommonRules.StringMaxLength, New CommonRules.MaxLengthRuleArgs(_faxProperty, 50)) ValidationRules.AddRule(AddressOf Global.Csla.Validation.CommonRules.StringMaxLength, New CommonRules.MaxLengthRuleArgs(_mobileProperty, 20)) ValidationRules.AddRule(AddressOf Global.Csla.Validation.CommonRules.StringMaxLength, New CommonRules.MaxLengthRuleArgs(_emailProperty, 100)) End Sub
How does it fail? Does CanGetObject throw an exception?
Rocky,
It doesn't generate an error, I thought it was generating the wrong true/false result. After much *pie on face* I determined that the VS2010 debug environment is incorrectly returning the value for the Strip Menu Item Visible property. Looks like rollover variable declaration, debug window and Locals report the default value as "False" rather than the value I have configured. DOH!
Me.ClientSearchToolStripMenuItem.Visible
So CanGetObject returns the correct value. So the code in CodeSmith Generator is correct for AddAuthorizationRule and the issue I suggested is wrong.
Protected Overrides Sub AddAuthorizationRules() ''More information on these rules can be found here (http://www.devx.com/codemag/Article/40663/1763/page/2). 'Dim canWrite As String() = { "AdminUser", "RegularUser" } Dim canRead As String() = {"AdminUser", "RegularUser", "ReadOnlyUser"} 'Dim admin As String() = { "AdminUser" } 'AuthorizationRules.AllowCreate(GetType(Client), admin) 'AuthorizationRules.AllowDelete(GetType(Client), admin) 'AuthorizationRules.AllowEdit(GetType(Client), canWrite) AuthorizationRules.AllowGet(GetType(Client), canRead) ''Identification 'AuthorizationRules.AllowRead(_identificationProperty, canRead) ''Guid 'AuthorizationRules.AllowWrite(_guidProperty, canWrite) 'AuthorizationRules.AllowRead(_guidProperty, canRead)
End Sub
Drags tail between legs....Thanks for the prompt to prove myself wrong...again.
Copyright (c) Marimer LLC