Newbie -- Validation / Authorization Question

raspa posted on Friday, February 23, 2007

I have the following business rule

A "visitor" role can create an event as long as the date is not in the past. An "agent" or "administrator" role can do any date.

A have an Event object which is created in a "Booking" page. The event date is passed as a query string parameter to the page so I would like to validate the rule before the user enters all the data and submits the form.

Not sure if the approach I used is correct:

I overloaded the Book CanAddObject and put a call to the Booking Page

In Booking page:

private void ApplyAuthorizationRules()
{
   if (!Book.CanAddObject(_eventDate) )
   {
      ... hide form and display message   
   }
}

public static bool CanAddObject(DateTime eventDate)
{
   if (eventDate < DateTime.Now)
      return (Csla.ApplicationContext.User.IsInRole("Agent") || Csla.ApplicationContext.User.IsInRole("Administrator"));
   else
{
   // otherwise do a regular validation
   return CanAddObject();
}

Is that the correct approach? I wanted to implement a validation rule without instantiating the object but I'm not sure how to do it.

Thank you for your time

Rafael

 

ajj3085 replied on Monday, February 26, 2007

Hi,

A cleaner way might be to create a static rule method which checks the date and role.  You could then have a broken rule which checks the value and role.

That of course assumes that EventDate is ediable after the object is created.

Andy