private void CreateSecurityObjects()
{
var defaultRole = (SecuritySystemRole)ObjectSpace.GetDefaultRole();
if (ObjectSpace.IsNewObject(defaultRole))
{
var adminRole = ObjectSpace.GetAdminRole("Admin");
var adminUser = (XpandUser)adminRole.GetUser("Admin", ConfigurationManager.AppSettings["AdminDefaultPass"]);
adminUser.Email = "*****@*****.**";
var anonymousRole = ObjectSpace.GetAnonymousRole("Anonymous");
anonymousRole.GetAnonymousUser();
var userRole = (XpandRole)ObjectSpace.GetRole("User");
var typeInfos = XafTypesInfo.Instance.PersistentTypes.Where(info => typeof(DocsBaseObject).IsAssignableFrom(info.Type));
foreach (var typeInfo in typeInfos)
{
userRole.EnsureTypePermissions(typeInfo.Type, SecurityOperations.ReadOnlyAccess);
userRole.Permissions.Add(IOActionPermission());
anonymousRole.Permissions.Add(IOActionPermission());
anonymousRole.EnsureTypePermissions(typeInfo.Type, SecurityOperations.ReadOnlyAccess);
if (typeof(ModuleArtifact).IsAssignableFrom(typeInfo.Type))
{
userRole.AddMemberAccessPermission(typeInfo.Type, "Text,Author,Url", SecurityOperations.Write, "Creator=CurrentUserId() or Text Is Null");
}
}
var user = (SecuritySystemUser)userRole.GetUser("user");
user.Roles.Add(defaultRole);
}
}
public override void UpdateDatabaseAfterUpdateSchema()
{
base.UpdateDatabaseAfterUpdateSchema();
var anonymousRole = ObjectSpace.GetAnonymousRole("Anonymous");
anonymousRole.GetAnonymousUser();
//add project specific permissions
// anonymousRole.SetTypePermissions<Customer>(SecurityOperations.ReadOnlyAccess, SecuritySystemModifier.Allow);
}
