public static SecuritySystemRole AddObjectAccessPermissionFluent <T>(this SecuritySystemRole securityRole, SecurityOperationsFluentExtension securityOperation, string criteria)
{
if (String.IsNullOrEmpty(criteria))
{
throw new ArgumentNullException("SecurityOperations or criteria arguments is null or empty");
}
if (typeof(T).IsInterface)
{
foreach (var type in GetListTypesFromInterface(typeof(T), securityRole.GetType()))
{
securityRole.AddObjectAccessPermission(type, criteria, GetDescriptionAttribute(securityOperation));
}
return(securityRole);
}
securityRole.AddObjectAccessPermission <T>(criteria, GetDescriptionAttribute(securityOperation));
return(securityRole);
}
private SecuritySystemRole CreateDefaultRole()
{
SecuritySystemRole defaultRole = ObjectSpace.FindObject <SecuritySystemRole>(new BinaryOperator("Name", "Default"));
if (defaultRole == null)
{
defaultRole = ObjectSpace.CreateObject <SecuritySystemRole>();
defaultRole.Name = "Default";
defaultRole.AddObjectAccessPermission <SecuritySystemUser>("[Oid] = CurrentUserId()", SecurityOperations.ReadOnlyAccess);
defaultRole.AddMemberAccessPermission <SecuritySystemUser>("ChangePasswordOnFirstLogon", SecurityOperations.Write);
defaultRole.AddMemberAccessPermission <SecuritySystemUser>("StoredPassword", SecurityOperations.Write);
defaultRole.SetTypePermissionsRecursively <SecuritySystemRole>(SecurityOperations.Read, SecuritySystemModifier.Allow);
defaultRole.SetTypePermissionsRecursively <AuditDataItemPersistent>(SecurityOperations.CRUDAccess, SecuritySystemModifier.Allow);
}
return(defaultRole);
}
