private WXafRole CreateAdminRole()
{
WXafRole adminRole = ObjectSpace.FindObject <WXafRole>(new BinaryOperator("Name", "Administrators"));
if (adminRole == null)
{
adminRole = ObjectSpace.CreateObject <WXafRole>();
adminRole.Name = "Administrators";
adminRole.IsAdministrative = true;
}
return(adminRole);
}
private void CreateDefaultRole()
{
WXafRole defaultRole = ObjectSpace.FindObject <WXafRole>(new BinaryOperator("Name", "Default"));
if (defaultRole == null)
{
defaultRole = ObjectSpace.CreateObject <WXafRole>();
defaultRole.Name = "Default";
defaultRole.AddObjectPermission <WXafUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <WXafUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <WXafUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <WXafRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
}
}
