Whether the below authroization rules allow save but not delete is applicable for CSLA.NET 3.8.3 WINDOWS FORMS ?
The new rules concept is part of CSLA 4, so it is not available in 3.8.
But if you move your Windows Forms application to .NET 4, then you can use CSLA 4, and yes, the new rules concept will work with Windows Forms.
I would like to confirm whether we can achieve this in CSLA 3.8 Framework version by the method.".IsInRole()" checks inside the appropriate shared methods (GetObject(), Save(), and Delete()).
CSLA 3.8 has the same authorization model as described in Expert 2008 Business Objects. This includes per-type authorization rules that are registered on the Csla.Security.AuthorizationRules type. Those rules are automatically enforced by the data portal, much in the way the CSLA 4 rules are enforced. Usually you don't need to implement the authorization checks yourself, just associate the appropriate roles with each possible action (create/get/edit/delete).
The big difference between 3.8 and 4, is that 3.8 is only role based, while 4 allows you to create rules that do things other than just check roles.
Copyright (c) Marimer LLC