private void CreateSecurityObjects() { var defaultRole = (SecuritySystemRole)ObjectSpace.GetDefaultRole(); if (ObjectSpace.IsNewObject(defaultRole)) { var adminRole = ObjectSpace.GetAdminRole("Admin"); var adminUser = (XpandUser)adminRole.GetUser("Admin", ConfigurationManager.AppSettings["AdminDefaultPass"]); adminUser.Email = "*****@*****.**"; var anonymousRole = ObjectSpace.GetAnonymousRole("Anonymous"); anonymousRole.GetAnonymousUser(); var userRole = (XpandRole)ObjectSpace.GetRole("User"); var typeInfos = XafTypesInfo.Instance.PersistentTypes.Where(info => typeof(DocsBaseObject).IsAssignableFrom(info.Type)); foreach (var typeInfo in typeInfos) { userRole.EnsureTypePermissions(typeInfo.Type, SecurityOperations.ReadOnlyAccess); userRole.Permissions.Add(IOActionPermission()); anonymousRole.Permissions.Add(IOActionPermission()); anonymousRole.EnsureTypePermissions(typeInfo.Type, SecurityOperations.ReadOnlyAccess); if (typeof(ModuleArtifact).IsAssignableFrom(typeInfo.Type)) { userRole.AddMemberAccessPermission(typeInfo.Type, "Text,Author,Url", SecurityOperations.Write, "Creator=CurrentUserId() or Text Is Null"); } } var user = (SecuritySystemUser)userRole.GetUser("user"); user.Roles.Add(defaultRole); } }
public override void UpdateDatabaseAfterUpdateSchema() { base.UpdateDatabaseAfterUpdateSchema(); var anonymousRole = ObjectSpace.GetAnonymousRole("Anonymous"); anonymousRole.GetAnonymousUser(); //add project specific permissions // anonymousRole.SetTypePermissions<Customer>(SecurityOperations.ReadOnlyAccess, SecuritySystemModifier.Allow); }