/// <summary>
/// Adjusts a grid cell editor to the current user's permissions on the
/// edited Employee member: a member the user cannot read is shown as a fixed
/// mask in a disabled editor, and a member the user can read but not write
/// is shown in a disabled editor.
/// </summary>
/// <param name="sender">The grid raising the event (not used).</param>
/// <param name="e">Supplies the row key, the column and the editor being initialized.</param>
protected void EmployeeGrid_CellEditorInitialize(object sender, ASPxGridViewEditorEventArgs e)
{
    Employee rowEmployee = objectSpace.GetObjectByKey<Employee>(e.KeyValue);
    string member = GetMemberName(e.Column);

    bool readable = security.CanRead(rowEmployee, member);
    if (!readable)
    {
        // Overwrite the editor value with a constant mask so the editor
        // does not display the stored value of a member the user may not read.
        e.Editor.Value = "*******";
    }

    // CanWrite is consulted only for readable members (short-circuit),
    // matching the read-then-write order of the permission checks.
    // NOTE(review): a disabled editor is a presentation measure; this handler
    // does not itself block writes. Presumably the secured object space
    // enforces that on commit - confirm.
    if (!readable || !security.CanWrite(rowEmployee, member))
    {
        e.Editor.Enabled = false;
    }
}
/// <summary>
/// Swaps in the "protected content" repository item for any grid cell whose
/// underlying member the current user is not permitted to read.
/// </summary>
/// <param name="sender">The grid view raising the event (not used).</param>
/// <param name="e">Identifies the row and column of the cell and receives the editor to use.</param>
private void GridView_CustomRowCellEdit(object sender, CustomRowCellEditEventArgs e)
{
    string columnField = e.Column.FieldName;
    object rowObject = employeeGridView.GetRow(e.RowHandle);

    // Readable cells keep whatever editor the grid already assigned.
    if (security.CanRead(rowObject, columnField))
    {
        return;
    }

    // The permission check is made per cell (row object + field name), so
    // read access can differ from one row to the next.
    e.RepositoryItem = protectedContentTextEdit;
}
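/// <summary>
/// Console walkthrough of the security system on EF Core: build a secured
/// object space provider, log on as the demo user, then list employees and
/// mask the Department of every employee the user may not read.
/// </summary>
/// <exception cref="Exception">
/// Thrown with an extended message when SQL Server reports error 4060 during
/// logon. Any other <c>SqlException</c> raised by logon is rethrown unchanged.
/// </exception>
static void Main()
{
    // ## Step 1. Initialization. Create a Secured Data Store and Set Authentication Options
    // Use the RFC 2898 based password hashing and do not accept the legacy SHA-512 format.
    PasswordCryptographer.EnableRfc2898 = true;
    PasswordCryptographer.SupportLegacySha512 = false;
    AuthenticationStandard authentication = new AuthenticationStandard();
    SecurityStrategyComplex security = new SecurityStrategyComplex(
        typeof(PermissionPolicyUser),
        typeof(PermissionPolicyRole),
        authentication
    );
    SecuredEFCoreObjectSpaceProvider objectSpaceProvider = new SecuredEFCoreObjectSpaceProvider(
        security,
        typeof(ApplicationDbContext),
        XafTypesInfo.Instance,
        ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString,
        (builder, connectionString) => builder.UseSqlServer(connectionString)
    );

    // ## Step 2. Authentication. Log in as a 'User' with an Empty Password
    // The credentials are fixed for this sample (the demo account has an empty
    // password); an application would take them from the person logging on.
    authentication.SetLogonParameters(new AuthenticationStandardLogonParameters(userName: "******", password: string.Empty));
    // Logon uses a non-secured object space, presumably because no user is
    // authenticated yet. It is used for logon only; all data access below goes
    // through a secured object space.
    IObjectSpace loginObjectSpace = objectSpaceProvider.CreateNonsecuredObjectSpace();
    try
    {
        security.Logon(loginObjectSpace);
    }
    catch (SqlException sqlEx)
    {
        // 4060: SQL Server could not open the database requested by the login.
        if (sqlEx.Number == 4060)
        {
            throw new Exception(sqlEx.Message + Environment.NewLine + ApplicationDbContext.DatabaseConnectionFailedMessage, sqlEx);
        }

        // Every other SQL failure must also stop the program. Swallowing it
        // would let the authorization step run after a logon that never completed.
        throw;
    }

    // ## Step 3. Authorization. Access and Manipulate Data/UI Based on User/Role Rights
    Console.WriteLine($"{"Full Name",-40}{"Department",-40}");
    using (IObjectSpace securedObjectSpace = objectSpaceProvider.CreateObjectSpace())
    {
        // User cannot read protected entities like PermissionPolicyRole.
        Debug.Assert(securedObjectSpace.GetObjects<PermissionPolicyRole>().Count == 0);

        // User can read Employee data.
        // User can read Department data by criteria.
        foreach (Employee employee in securedObjectSpace.GetObjects<Employee>())
        {
            bool canRead = security.CanRead(securedObjectSpace, employee, memberName: nameof(Employee.Department));
            // Sample-data invariant: Department is null exactly when it is not readable.
            Debug.Assert(!canRead == (employee.Department == null));

            // Mask protected property values when User has no 'Read' permission.
            // Debug.Assert is compiled out of release builds, so a readable but
            // unset Department is handled with ?. instead of dereferencing null.
            var department = canRead ? employee.Department?.Title : "Protected Content";
            Console.WriteLine($"{employee.FullName,-40}{department,-40}");
        }
    }

    security.Logoff();

    Console.WriteLine("Press any key to exit...");
    Console.ReadKey();
}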
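/// <summary>
/// Console walkthrough of the security system on XPO: log on as the demo
/// user, then write every employee's full name and department to
/// <c>result.txt</c>, replacing the department with a placeholder when the
/// user may not read it.
/// </summary>
static void Main()
{
    RegisterEntities();
    AuthenticationStandard authentication = new AuthenticationStandard();
    SecurityStrategyComplex security = new SecurityStrategyComplex(typeof(PermissionPolicyUser), typeof(PermissionPolicyRole), authentication);
    security.RegisterXPOAdapterProviders();

    string connectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    SecuredObjectSpaceProvider objectSpaceProvider = new SecuredObjectSpaceProvider(security, connectionString, null);

    // Use the RFC 2898 based password hashing and do not accept the legacy
    // SHA-512 format. Both flags are set before the logon call below.
    PasswordCryptographer.EnableRfc2898 = true;
    PasswordCryptographer.SupportLegacySha512 = false;

    // The credentials are fixed for this sample (the demo account has an empty
    // password); an application would take them from the person logging on.
    string userName = "******";
    string password = string.Empty;
    authentication.SetLogonParameters(new AuthenticationStandardLogonParameters(userName, password));
    IObjectSpace loginObjectSpace = objectSpaceProvider.CreateObjectSpace();
    security.Logon(loginObjectSpace);

    using (StreamWriter file = new StreamWriter("result.txt", false))
    {
        // The report is built in memory and written in one call after the
        // secured object space has been disposed.
        StringBuilder stringBuilder = new StringBuilder();
        stringBuilder.Append($"{userName} is logged on.\n");
        stringBuilder.Append("List of the 'Employee' objects:\n");
        using (IObjectSpace securedObjectSpace = objectSpaceProvider.CreateObjectSpace())
        {
            foreach (Employee employee in securedObjectSpace.GetObjects<Employee>())
            {
                stringBuilder.Append("=========================================\n");
                stringBuilder.Append($"Full name: {employee.FullName}\n");

                // The permission check is keyed by member name, so bind it to
                // the property itself. nameof(Employee.Department) still yields
                // "Department" but follows a rename of the property, where
                // nameof(Department) would follow the type instead.
                if (security.CanRead(employee, nameof(Employee.Department)))
                {
                    // ?. covers a readable employee with no department
                    // assigned, which would otherwise dereference null.
                    stringBuilder.Append($"Department: {employee.Department?.Title}\n");
                }
                else
                {
                    stringBuilder.Append("Department: [Protected content]\n");
                }
            }
        }
        file.Write(stringBuilder);
    }

    Console.WriteLine(string.Format(@"The result.txt file has been created in the {0} directory.", Environment.CurrentDirectory));
    Console.WriteLine("Press any key to close a the console...");
    Console.ReadLine();
}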
/// <summary>
/// Places an editor for one member of <paramref name="targetObject"/> into a
/// layout item, chosen by the current user's permissions: a data-bound editor
/// for readable members (enabled only if also writable) and a
/// <c>ProtectedContentEdit</c> placeholder for members the user may not read.
/// </summary>
/// <param name="layout">Layout item that receives the caption and the editor.</param>
/// <param name="targetObject">Object whose member is displayed.</param>
/// <param name="memberName">Name of the member to display and to check permissions for.</param>
/// <param name="caption">Text shown for the layout item.</param>
private void AddControl(LayoutControlItem layout, object targetObject, string memberName, string caption)
{
    layout.Text = caption;
    Type ownerType = targetObject.GetType();

    BaseEdit editor;
    if (!security.CanRead(targetObject, memberName))
    {
        // No data binding is created on this path, so the placeholder is
        // never bound to the protected member's value.
        editor = new ProtectedContentEdit();
    }
    else
    {
        editor = GetControl(ownerType, memberName);
        if (editor != null)
        {
            var valueBinding = new Binding(
                nameof(BaseEdit.EditValue),
                targetObject,
                memberName,
                true,
                DataSourceUpdateMode.OnPropertyChanged);
            editor.DataBindings.Add(valueBinding);

            // Readable but not writable members stay visible in a disabled editor.
            editor.Enabled = security.CanWrite(targetObject, memberName);
        }
    }

    // NOTE(review): when GetControl returns null, null is passed on to both
    // calls below - confirm the layout control tolerates that.
    dataLayoutControl1.Controls.Add(editor);
    layout.Control = editor;
}