Security: Difference between revisions

From MXMS Wiki
Jump to navigationJump to search
← Older editNewer edit →
Line 29: Line 29:
public class ExampleClaim : Claim<CustomEntity>
public class ExampleClaim : Claim<CustomEntity>
{
{
protected override bool CanApply(CustomEntity entity)
    protected override bool CanApply(CustomEntity entity)
{
    {
return entity.BooleanCheck;
        return entity.BooleanCheck;
}
    }


protected override void Set(CodedAccessPolicyBuilder<CustomEntity> policy)
    protected override void Set(CodedAccessPolicyBuilder<CustomEntity> policy)
{
    {
policy.DenyMethod(i => i.MyMethod());
        policy.DenyMethod(i => i.MyMethod());
}
    }
}
}
</pre>
</pre>

Revision as of 05:46, 3 April 2026

Roles

A role defines which classes, properties and methods the user has access to. A user can be added in multiple roles and the cummultative permission set of classes, properties and methods will be the users final access profile. 

public class ExampleAccessProfile : CodedAccessProfile
{
    protected override void Configure()
    {

        Set<Class1>()
            .AllowAllCreate()
            .AllowAllUpdate();

        Set<Class2>()
            .AllowAllCreate()
            .AllowAllUpdate()
            .AllowDelete();

        Set<Class2>()
            .AllowAllCreate()
            .AllowAllUpdate()
            .AllowDelete();
    }
}

Claims

public class ExampleClaim : Claim<CustomEntity>
{
    protected override bool CanApply(CustomEntity entity)
    {
        return entity.BooleanCheck;
    }

    protected override void Set(CodedAccessPolicyBuilder<CustomEntity> policy)
    {
        policy.DenyMethod(i => i.MyMethod());
    }
}

Attributes

Another way to limit access is by using the Availability attribute. This attribute defines the maximum available permissions for a property. The options are None, Writeonly and Readonly. 

[Availability(Availability.ReadOnly)]
public virtual string Name
{
    get; set;
}
Retrieved from "http://wiki.mxms.ltd/index.php?title=Security&oldid=243"