예제 #1
0
        private WXafRole CreateAdminRole()
        {
            WXafRole adminRole = ObjectSpace.FindObject <WXafRole>(new BinaryOperator("Name", "Administrators"));

            if (adminRole == null)
            {
                adminRole                  = ObjectSpace.CreateObject <WXafRole>();
                adminRole.Name             = "Administrators";
                adminRole.IsAdministrative = true;
            }
            return(adminRole);
        }
예제 #2
0
        private void CreateDefaultRole()
        {
            WXafRole defaultRole = ObjectSpace.FindObject <WXafRole>(new BinaryOperator("Name", "Default"));

            if (defaultRole == null)
            {
                defaultRole      = ObjectSpace.CreateObject <WXafRole>();
                defaultRole.Name = "Default";

                defaultRole.AddObjectPermission <WXafUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <WXafUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <WXafUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <WXafRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
            }
        }