public BlogAuthorClassACL(BlogAuthor instance)
{
// allow the author himself to see his membership information
this.Add(new ACLAccount(instance.Account, DataOperation.Retreive));
// allow the blog owner to add/delete/view authors
this.Add(new ACLAccount(instance.Blog.Account, DataOperation.All));
// allow everyone to get information about this BlogAuthor
this.Add(new ACLEveryoneAllowRetrieve());
}
public void createBlogAuthor_Click(object sender, EventArgs e)
{
IdentityServiceMembershipUser user = (IdentityServiceMembershipUser)Membership.GetUser();
Blog blog = SessionManager.CurrentSession.Load<Blog>(Int32.Parse(Request["id"]));
BlogAuthor author = new BlogAuthor();
author.Account = SessionManager.CurrentSession.Load<Account>(Int32.Parse(listAccounts.SelectedValue));
author.Blog = blog;
SessionManager.CurrentSession.Save(author);
SessionManager.CurrentSession.Flush();
GetBlogAuthors();
}