ReadOnlyBase implementation of IAuthorizeReadWrite

ReadOnlyBase implementation of IAuthorizeReadWrite

Old forum URL:

DanB posted on Thursday, July 15, 2010

I know the easy answer is that this question doesn't make sense...

but how does ReadOnlyBase<> implement IAuthorizeReadWrite without having any CanWriteProperty method?  Doesn't the compiler choke on the missing method?

Now, to my problem, if you must know:

I'm displaying a read-only object.  I have a button on the page to allow the user to toggle a property on the object being viewed.  In order to accomplish that, I load the editable object for making the change.

However, I want to hide the button if the user can't change that property, and I don't want to have to instantiate the editable object just to make this check. 

Yes, I understand it doesn't make sense to check if a property can be changed in a read-only object, but now I'm just confused / curious how this code is working. 

RockfordLhotka replied on Thursday, July 15, 2010

ReadOnlyBase has an implementation of all the interface methods. The interface implementation delegates to the "real" implementation for the methods that exist (CanReadProperty()), but just returns false for those that have no "real" implementation.

As long as your UI code uses IAuthorizeReadWrite, it should get the correct answer from any BB or ROB object.

DanB replied on Friday, July 16, 2010

Ah, I see the problem.

The CanWriteProperty implementation in ROB is explicit, so it wasn't showing up in intellisense. 

Interestingly, it also doesn't show up when you F12 / Go To Definition just using the object explorer (CSLA project is not included in solution, only referenced).  That's what really had me scratching my head.

Bu it's not virtual, and will always return false, so I think I'm at a dead end.

To be clear, I think all that is the "right" thing given it is a read-only object.  But for what I'd want to do I'd have to add my own member to my class.  Upon further consideration yesterday I concluded that  having essentially that same code in my UI isn't really any more of a business rule leak than adding it to the ROB, since the  ROB couldn't really be considered authoritative regarding the rule anyway.  I could even make the argument that's a cleaner separation between a true rule and just some UI helper.

Copyright (c) Marimer LLC