Instance Authorization and AddInstanceAuthorizationRules()Instance Authorization and AddInstanceAuthorizationRules()
Old forum URL: forums.lhotka.net/forums/t/3733.aspx
triplea posted on Wednesday, October 17, 2007
I have a number of objects where authorization is instance specific. So I have my static methods CannAddObject(), CanEditObject(), CanDeleteObject() methods as well as my AddAuthorizationRules() override but need to be more specific based on the stage at which my object (e.g. Order) is.
What I did was create CanEditInstance() which does first checks CanEditObject() and then does all other checks and also check with CanEditInstance() in my Save method. But is that the way to go? Or should I rather bundle it within AddInstanceAuthorizationRules()?
Any ideas and/or suggestions would be welcome.
ajj3085 replied on Wednesday, October 17, 2007
It sounds like it should be bundled with AddInstananceAuthorizationRules. You can then check CanReadProperty, CanWriteProperty and CanExecuteMethod (for example, to prevent calling Save) to limit access.
triplea replied on Wednesday, October 17, 2007
Thanks. Unfortunately I have not yet migrated to CSLA 3 so cannot really use CanExecuteMethod yet... But I see how that would work.
ajj3085 replied on Wednesday, October 17, 2007
Its easy enough to back port to an earlier version. I did this before Rocky integrated the concept himself.
Copyright (c) Marimer LLC
