private static void ContactSecuritySetUp(SecurityRole roleForUser) { // "Address" member of contacts "Jack", "Barry" and "Mike" will be denied roleForUser.AddMemberPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, "Address", (db, obj) => obj.Department != null && obj.Department.Office == "Texas"); // Contacts "Zack", "Marina", "Kate" will be denied roleForUser.AddObjectPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.Department != null && obj.Department.Title == "Sales"); // Contact "Ezra" will be denied roleForUser.AddObjectPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.ContactTasks.Any(p => p.Task.Description == "Draw")); }
private static void SecuritySetUp() { using (PermissionProviderContext context = new PermissionProviderContext()) { SecurityUser user = new SecurityUser() { Name = "John", Password = "******" }; SecurityUser admin = new SecurityUser() { Name = "Admin", Password = "******" }; SecurityRole roleForUser = new SecurityRole(); // "Address" member of contacts "Ezra" will be denied roleForUser.AddMemberPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, "Address", (db, obj) => obj.Name == "Ezra"); // Contact "Kevin" will be denied roleForUser.AddObjectPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.Address == "California"); admin.AddRole(new SecurityRole()); user.AddRole(roleForUser); context.Add(user); context.Add(admin); context.SaveChanges(); } }
private static void TaskSecuritySetUp(SecurityRole roleForUser) { // "Note" member of task "TopManagement", "Write" and "Draw" will be denied roleForUser.AddMemberPermission <EFCoreDemoDbContext, DemoTask>(SecurityOperation.Read, OperationState.Deny, "Note", (db, obj) => obj.PercentCompleted < 50); // Task "Hardcode" will be denied roleForUser.AddObjectPermission <EFCoreDemoDbContext, DemoTask>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.ContactTasks.Any(p => p.Contact.Name == "John")); }
private static void DepartmentSecuritySetUp(SecurityRole roleForUser) { // Department "Sales" will be denied roleForUser.AddMemberPermission <EFCoreDemoDbContext, Department>(SecurityOperation.Read, OperationState.Deny, "Office", (db, obj) => obj.Title == "Sales"); roleForUser.AddObjectPermission <EFCoreDemoDbContext, Department>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.Contacts.Any(c => c.Name == "Barry")); }