/// <summary>
/// Seeds roles, users and type permissions after the schema update (PermissionPolicy variant),
/// then commits the object space.
/// </summary>
/// <remarks>
/// The <c>GetDefaultRole</c>, <c>GetAdminRole</c>, <c>GetRole</c>, <c>GetUser</c> and
/// <c>GetDefaultModelRole</c> helpers are defined outside this listing.
/// NOTE(review): they presumably create the record when it is missing; confirm which password
/// (if any) <c>GetUser</c> assigns to the accounts it creates before using this outside a demo.
/// </remarks>
public override void UpdateDatabaseAfterUpdateSchema()
{
    base.UpdateDatabaseAfterUpdateSchema();

    PermissionPolicyRole defaultRole = (PermissionPolicyRole)ObjectSpace.GetDefaultRole();

    // Administrative role plus its "Admin" account; the returned user is not needed here.
    var administrators = ObjectSpace.GetAdminRole("Admin");
    administrators.GetUser("Admin");

    // Regular role with two accounts, each of which also receives the default role.
    PermissionPolicyRole userRole = (PermissionPolicyRole)ObjectSpace.GetRole("User");

    PermissionPolicyUser firstUser = (PermissionPolicyUser)userRole.GetUser("User");
    firstUser.Roles.Add(defaultRole);

    PermissionPolicyUser secondUser = (PermissionPolicyUser)userRole.GetUser("user2");
    secondUser.Roles.Add(defaultRole);

    // Every member of the "User" role gets full access to these three model object types.
    // NOTE(review): full access to ApplicationModelObject for an ordinary role is broad;
    // confirm it is intended and narrow it to least privilege outside a demo.
    userRole.AddTypePermission<RoleModelObject>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
    userRole.AddTypePermission<UserModelObject>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
    userRole.AddTypePermission<ApplicationModelObject>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);

    // NOTE(review): only "user2" is added to the model role; confirm "User" is meant to go without it.
    PermissionPolicyRole modelRole = (PermissionPolicyRole)ObjectSpace.GetDefaultModelRole("ModelRole");
    secondUser.Roles.Add(modelRole);

    ObjectSpace.CommitChanges();
}
/// <summary>
/// Seeds roles and users after the schema update (SecuritySystem variant),
/// then commits the object space.
/// </summary>
/// <remarks>
/// The <c>GetDefaultRole</c>, <c>GetAdminRole</c>, <c>GetRole</c>, <c>GetUser</c> and
/// <c>GetDefaultModelRole</c> helpers are defined outside this listing.
/// NOTE(review): they presumably create the record when it is missing; confirm which password
/// (if any) <c>GetUser</c> assigns to the accounts it creates before using this outside a demo.
/// </remarks>
public override void UpdateDatabaseAfterUpdateSchema()
{
    base.UpdateDatabaseAfterUpdateSchema();

    SecuritySystemRole defaultRole = (SecuritySystemRole)ObjectSpace.GetDefaultRole();

    // Administrative role plus its "Admin" account; the returned user is not needed here.
    var administrators = ObjectSpace.GetAdminRole("Admin");
    administrators.GetUser("Admin");

    // Regular role with a single account that is also added to the default and model roles.
    var userRole = ObjectSpace.GetRole("User");
    SecuritySystemUser regularUser = (SecuritySystemUser)userRole.GetUser("user");
    regularUser.Roles.Add(defaultRole);

    SecuritySystemRole modelRole = (SecuritySystemRole)ObjectSpace.GetDefaultModelRole("ModelRole");
    regularUser.Roles.Add(modelRole);

    ObjectSpace.CommitChanges();
}
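/// <summary>
/// Seeds the demo security data after the schema update: an administrative role and user,
/// three sample roles (type-level, object-level and member-level permissions) with one user
/// each, and two sample <c>Contact</c> records.
/// </summary>
/// <remarks>
/// Every record is looked up first and created only when it is missing. Each user is created
/// under the same name it is looked up by, so a second run finds the existing account instead
/// of creating another one.
/// SECURITY: every seeded account, including the administrator, is created with an empty
/// password. That is acceptable only for a demo database; for anything else assign real
/// credentials or set <c>ChangePasswordOnFirstLogon</c> on the created users.
/// NOTE(review): this method does not call <c>ObjectSpace.CommitChanges()</c>; confirm the
/// caller persists the changes.
/// </remarks>
public override void UpdateDatabaseAfterUpdateSchema()
{
    base.UpdateDatabaseAfterUpdateSchema();

    // One constant per account, shared by the lookup and the creation, so the two cannot drift.
    const string adminUserName = "Administrator";
    const string contactsManagerUserName = "Sam";
    const string basicUserName = "John";
    const string contactViewerUserName = "Bill";

    // Administrative role
    SecuritySystemRole adminRole = ObjectSpace.FindObject<SecuritySystemRole>(
        new BinaryOperator("Name", SecurityStrategy.AdministratorRoleName));
    if (adminRole == null)
    {
        adminRole = ObjectSpace.CreateObject<SecuritySystemRole>();
        adminRole.Name = SecurityStrategy.AdministratorRoleName;
        adminRole.IsAdministrative = true;
    }

    // Administrator user
    SecuritySystemUser adminUser = ObjectSpace.FindObject<SecuritySystemUser>(
        new BinaryOperator("UserName", adminUserName));
    if (adminUser == null)
    {
        adminUser = ObjectSpace.CreateObject<SecuritySystemUser>();
        adminUser.UserName = adminUserName;
        // SECURITY: blank password on an administrative account; demo use only.
        adminUser.SetPassword("");
        adminUser.Roles.Add(adminRole);
    }

    // GetDefaultModelRole is defined outside this listing.
    var modelRole = (SecuritySystemRole)ObjectSpace.GetDefaultModelRole("ModelRole");

    // A role with type-level permissions: full access to the Contact type.
    SecuritySystemRole contactsManagerRole = ObjectSpace.FindObject<SecuritySystemRole>(
        new BinaryOperator("Name", "Contacts Manager"));
    if (contactsManagerRole == null)
    {
        contactsManagerRole = ObjectSpace.CreateObject<SecuritySystemRole>();
        contactsManagerRole.Name = "Contacts Manager";

        SecuritySystemTypePermissionObject contactTypePermission =
            ObjectSpace.CreateObject<SecuritySystemTypePermissionObject>();
        contactTypePermission.TargetType = typeof(Contact);
        contactTypePermission.AllowCreate = true;
        contactTypePermission.AllowDelete = true;
        contactTypePermission.AllowNavigate = true;
        contactTypePermission.AllowRead = true;
        contactTypePermission.AllowWrite = true;
        contactsManagerRole.TypePermissions.Add(contactTypePermission);
    }

    SecuritySystemUser userSam = ObjectSpace.FindObject<SecuritySystemUser>(
        new BinaryOperator("UserName", contactsManagerUserName));
    if (userSam == null)
    {
        userSam = ObjectSpace.CreateObject<SecuritySystemUser>();
        userSam.UserName = contactsManagerUserName;
        userSam.SetPassword(""); // SECURITY: blank password; demo use only.
        userSam.Roles.Add(contactsManagerRole);
        userSam.Roles.Add(modelRole);
    }

    // A role with object-level permissions: navigate/read on SecuritySystemUser,
    // restricted by the criteria to the object of the current user.
    SecuritySystemRole basicUserRole = ObjectSpace.FindObject<SecuritySystemRole>(
        new BinaryOperator("Name", "Basic User"));
    if (basicUserRole == null)
    {
        basicUserRole = ObjectSpace.CreateObject<SecuritySystemRole>();
        basicUserRole.Name = "Basic User";

        SecuritySystemTypePermissionObject userTypePermission =
            ObjectSpace.CreateObject<SecuritySystemTypePermissionObject>();
        userTypePermission.TargetType = typeof(SecuritySystemUser);

        SecuritySystemObjectPermissionsObject currentUserObjectPermission =
            ObjectSpace.CreateObject<SecuritySystemObjectPermissionsObject>();
        currentUserObjectPermission.Criteria = "[Oid] = CurrentUserId()";
        currentUserObjectPermission.AllowNavigate = true;
        currentUserObjectPermission.AllowRead = true;

        userTypePermission.ObjectPermissions.Add(currentUserObjectPermission);
        basicUserRole.TypePermissions.Add(userTypePermission);
    }

    SecuritySystemUser userJohn = ObjectSpace.FindObject<SecuritySystemUser>(
        new BinaryOperator("UserName", basicUserName));
    if (userJohn == null)
    {
        userJohn = ObjectSpace.CreateObject<SecuritySystemUser>();
        userJohn.UserName = basicUserName;
        userJohn.SetPassword(""); // SECURITY: blank password; demo use only.
        userJohn.Roles.Add(basicUserRole);
        userJohn.Roles.Add(modelRole);
    }

    // A role with member-level permissions: navigate on Contact, read on its "Name" member only.
    SecuritySystemRole contactViewerRole = ObjectSpace.FindObject<SecuritySystemRole>(
        new BinaryOperator("Name", "Contact Viewer"));
    if (contactViewerRole == null)
    {
        contactViewerRole = ObjectSpace.CreateObject<SecuritySystemRole>();
        contactViewerRole.Name = "Contact Viewer";

        SecuritySystemTypePermissionObject contactLimitedTypePermission =
            ObjectSpace.CreateObject<SecuritySystemTypePermissionObject>();
        contactLimitedTypePermission.TargetType = typeof(Contact);
        contactLimitedTypePermission.AllowNavigate = true;

        SecuritySystemMemberPermissionsObject contactMemberPermission =
            ObjectSpace.CreateObject<SecuritySystemMemberPermissionsObject>();
        contactMemberPermission.Members = "Name";
        contactMemberPermission.AllowRead = true;

        contactLimitedTypePermission.MemberPermissions.Add(contactMemberPermission);
        contactViewerRole.TypePermissions.Add(contactLimitedTypePermission);
    }

    SecuritySystemUser userBill = ObjectSpace.FindObject<SecuritySystemUser>(
        new BinaryOperator("UserName", contactViewerUserName));
    if (userBill == null)
    {
        userBill = ObjectSpace.CreateObject<SecuritySystemUser>();
        userBill.UserName = contactViewerUserName;
        userBill.SetPassword(""); // SECURITY: blank password; demo use only.
        userBill.Roles.Add(contactViewerRole);
        userBill.Roles.Add(modelRole);
    }

    // Contact objects are created for demo purposes.
    // NOTE(review): the e-mail literals below appear masked in this listing; they are kept as given.
    Contact contactMary = ObjectSpace.FindObject<Contact>(
        new BinaryOperator("Name", "Mary Tellitson"));
    if (contactMary == null)
    {
        contactMary = ObjectSpace.CreateObject<Contact>();
        contactMary.Name = "Mary Tellitson";
        contactMary.Email = "*****@*****.**";
    }

    Contact contactJohn = ObjectSpace.FindObject<Contact>(
        new BinaryOperator("Name", "John Nilsen"));
    if (contactJohn == null)
    {
        contactJohn = ObjectSpace.CreateObject<Contact>();
        contactJohn.Name = "John Nilsen";
        contactJohn.Email = "*****@*****.**";
    }
}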