Authorization Rules at Method levelAuthorization Rules at Method level
Old forum URL: forums.lhotka.net/forums/t/6678.aspx
Slayer posted on Thursday, March 26, 2009
Hi,
The authorization rules at property level is brilliant, so I can use the CanReadProperty() method in my GUI.
But what if I have a method called ImportCustomer() and only users with administrator roles can access this method. Does any of the new csla frameworks include support for this type of authorization ?
My current solution is : I have a CanImportCustomer() method which returns a boolean accordingly.
ThanksRockfordLhotka replied on Thursday, March 26, 2009
Yes, there's the CanExecuteMethod() method, that you can call at the top of the method you want to protect. And when you set up your authz rules, you use AllowExecute() and DenyExecute() to specify the roles that can/can't execute that method.Copyright (c) Marimer LLC