How to prevent user to edit child object?
I have class with f.ex "orders" property. This is "BusinessBindingListBase" which contains "Order" objects.
I thought I can add "authorization rule" (AuthorizationActions.EditObject) that implements some logic. But it never executes. I can edit this child object and even save it. It looks wierd. How to prevent child object editing?
I think you need per property auth rules, I believe the type level ones only apply to the root object, not the children.
I think you need per property auth rules,
And this is the only way?
The default behavior implemented in CSLA is to check AuthorizationAction.EditObject in DataPortal.Update method on an object that has IsNew = false and this method is only ever called for "root" objects.
If you want to block the user from making any changes to the object you should either:
It is the base.CanWriteProperty that checks for AuthorixzationAction.WriteProperty but you can override and add your own custom logic.
Thanks JonnyBee. I've found your post about this: http://forums.lhotka.net/forums/p/10611/49658.aspx
Copyright (c) Marimer LLC