Please see original post at StackOverflow.
I need some suggestions for how to implement a very basic mechanism that logs what multiple users are doing in an application to a database. When a feature is running I then need to change the application, to restrict functionality of other features.
Use Case Example
User can normaly edit unpaid records.If the application then runs a Payrun process (Long), I need to then change parts of the application to restrict functionality for a short period of time (eg. Make existing unpaid records readonly).
Any suggestions on how I can do this with the CSLA solutions?
The StackOverflow post recommends a central database repository that monitors a users application actions at the database level. Ok creating a CSLA BO to do the logging and checking is fairly easy. However I'm not sure how I then would integrate that information into business rules or authorization methods for the existing BO I want to implement this with. For some reason I can't think of the solution at the moment. TIA.
You can override CanReadProperty/CanWriteProperty/CanExecuteMethod in your business object (or your custom base class) and that's where, at a per-property level at least, you could leverage your additional authorization metadata to make things read-only or invisible.
On a per-type level there's no good answer in 3.8.
In CSLA 4 the authorization system is much more powerful, and you can just create custom authz rules for properties and types, and your custom authz rule can use your metadata instead of (or in addition to) roles.
Thanks for the advice. I must admit, from a VB perspective, the 4.0 business rules seem easier to follow than the 3.8 delegates approach. This new rules system looks ok to me. I'll have to start downloading the CSLA 4.0 nightly build and refactor all my existing business rules to see how I go.
I'll have to create some basic unit tests to review the logic needed to perform this style of business rule.
Copyright (c) Marimer LLC