Ticket S38477
Visible to All Users

Security.MemberLevel - Allow to configure access to members by criteria

created 13 years ago

See Also:
Member and Object Permission with new Security strategy
Proposed Solution:
Chris Pitt said in Q369671:
"…I think it makes sense to be able to apply both permissions to an object at the same time. Personally I would say that the object permission has the overriding permission in that you are limiting the access to the object from an object level, then if you have access to the object you can then limit the access to the members of the object and not the other way around."

Comments (1)
Dennis Garavsky (DevExpress) 12 years ago

    Hello,
    I just wanted to provide a quick update on this feature for XAF developers interested in this functionality. We decided to keep this item Active, until more demos and complete documentation is available on this feature. Currently (in 13.1), we will only have a small demo in the SecurityDemo app (see the attached screenshot). You can see the configuration for this scenario in the Updater.cs file:

    C#
    // Member By Criteria Operation Permissions securityDemoRole.EnsureTypePermissions<MemberByCriteriaSecurityObject>(SecurityOperations.Navigate); securityDemoRole.AddMemberAccessPermission<MemberByCriteriaSecurityObject>("Name", SecurityOperations.ReadWriteAccess, "[Name] <> 'No Read Access Object'"); securityDemoRole.AddMemberAccessPermission<MemberByCriteriaSecurityObject>("Property1;ReferenceProperty;Oid;oid", SecurityOperations.ReadWriteAccess, "[Name] = 'Fully Accessible Property Object'"); securityDemoRole.AddMemberAccessPermission<MemberByCriteriaSecurityObject>("Property1;ReferenceProperty;Oid;oid", SecurityOperations.Read, "[Name] = 'Read-Only Property Object'");

    We will officially announce this feature and mark this ticket as closed once we are done with the learning materials. Please stay tuned!

    Disclaimer: The information provided on DevExpress.com and affiliated web properties (including the DevExpress Support Center) is provided "as is" without warranty of any kind. Developer Express Inc disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. Please refer to the DevExpress.com Website Terms of Use for more information in this regard.

    Confidential Information: Developer Express Inc does not wish to receive, will not act to procure, nor will it solicit, confidential or proprietary materials and information from you through the DevExpress Support Center or its web properties. Any and all materials or information divulged during chats, email communications, online discussions, Support Center tickets, or made available to Developer Express Inc in any manner will be deemed NOT to be confidential by Developer Express Inc. Please refer to the DevExpress.com Website Terms of Use for more information in this regard.