hello again :)
In my previous question (please see the link above) I've described some authorization-related declarative approach we've decided to follow for now. In short, the attributes are declared on a particular interface, they are processed in a special place and converted into appropriate authorization rules to be registered with "BusinessRules" class.
I would like to make the approach even more handy:
The problem I've encountered, is that AuthorizationRuleManager is internal. Which means that I can't check if a rule is already declared for the particular interface. Also another method which is very similar to BusinessRules.EnsureUniqueRule() would be highly anticipated (the only difference would be the return value of type bool and not throwing an exception).
Assuming that I've succeeded to put my thoughts in the right wording - here is another place to ask for a better practice to implement the approach described above. The only alternative I can see from my narrow point of view is to turn the class into public. Since changing the 3rd party source is not the best thing to do, it would be great to hear your thoughts: do you think it worth to make the class public or there a better implementation is still possible with the current API?
At some point I plan to implement authorization attributes that work in a manner similar to the DataAnnotations validation attributes. If you want your model to fit into some future version of CSLA that is the basic approach you should consider.
I am hopeful that Microsoft will actually define the base for such an attribute. While it took them years, they eventually did this for validation. In other words, I'm in a position where I can either act now and rip it all out if/when Microsoft does something, or do what I did with validation and wait patiently for them to provide a supported model.
I suspect however, that the success of DataAnnotations will likely spur them to try the idea in the area of authorization sooner than later, so I think the risk of me implementing something and having to rip it out (and break everyone) is fairly high.
thanks a lot again! also, glad to hear that I am thinking in the right direction.
So I'll change the source (a bit) for now till the well-formed solution will arrive from the CSLA incubator :)
Copyright (c) Marimer LLC