Security: Difference between revisions
From MXMS Wiki
Jump to navigationJump to search
| Line 11: | Line 11: | ||
== Attributes == | == Attributes == | ||
To further limit access is by using the Availability attribute. This attribute defines the maximum available permissions for a property. The options are None, Writeonly and Readonly. | To further limit access if access modifiers are not feasible is by using the Availability attribute. This attribute defines the maximum available permissions for a property. The options are None, Writeonly and Readonly. | ||
<pre> | <pre> | ||
Revision as of 05:51, 3 April 2026
Access modifiers
The maximum allowed permissions for a property or method is based on the access modifiers of the property. Only public access modifiers can be accessed by users. This is based on the getter (read access) and the setter (write access).
public virtual string ExampleProperty
{
get;
protected set;
}
Attributes
To further limit access if access modifiers are not feasible is by using the Availability attribute. This attribute defines the maximum available permissions for a property. The options are None, Writeonly and Readonly.
[Availability(Availability.ReadOnly)]
public virtual string Name
{
get; set;
}
Roles
A role defines which classes, properties and methods the user has access to. A user can be added in multiple roles and the cummultative permission set of classes, properties and methods will be the users final access profile.
public class ExampleAccessProfile : CodedAccessProfile
{
protected override void Configure()
{
Set<Class1>()
.AllowAllCreate()
.AllowAllUpdate();
Set<Class2>()
.AllowAllCreate()
.AllowAllUpdate()
.AllowDelete();
Set<Class2>()
.AllowAllCreate()
.AllowAllUpdate()
.AllowDelete();
}
}
Claims
public class ExampleClaim : Claim<CustomEntity>
{
protected override bool CanApply(CustomEntity entity)
{
return entity.BooleanCheck;
}
protected override void Set(CodedAccessPolicyBuilder<CustomEntity> policy)
{
policy.DenyMethod(i => i.MyMethod());
}
}
