        /// <summary>
        /// Adjusts a grid cell editor to the current user's permissions on the edited
        /// <c>Employee</c> member: unreadable members are masked and locked, readable but
        /// non-writable members are only locked.
        /// </summary>
        /// <param name="sender">The grid raising the event (unused).</param>
        /// <param name="e">Event data carrying the row key, the column and the editor.</param>
        protected void EmployeeGrid_CellEditorInitialize(object sender, ASPxGridViewEditorEventArgs e)
        {
            // Resolve the row object and the member name once; both permission checks use them.
            Employee editedEmployee = objectSpace.GetObjectByKey <Employee>(e.KeyValue);
            string   editedMember   = GetMemberName(e.Column);

            if (security.CanRead(editedEmployee, editedMember))
            {
                // Readable: the value stays visible, the editor is locked only when writes are denied.
                if (!security.CanWrite(editedEmployee, editedMember))
                {
                    e.Editor.Enabled = false;
                }
                return;
            }

            // Not readable: replace whatever the editor holds with a fixed mask and lock it.
            // NOTE(review): this is presentation-level masking. Confirm that objectSpace is a
            // secured object space, so the protected value is not loaded in the first place and
            // a disabled editor is not the only barrier against a forged update.
            e.Editor.Value   = "*******";
            e.Editor.Enabled = false;
        }
        /// <summary>
        /// Swaps in the protected-content editor for any grid cell whose field the current
        /// user is not permitted to read.
        /// </summary>
        /// <param name="sender">The grid view raising the event (unused).</param>
        /// <param name="e">Event data carrying the column, the row handle and the editor slot.</param>
        private void GridView_CustomRowCellEdit(object sender, CustomRowCellEditEventArgs e)
        {
            string columnField = e.Column.FieldName;
            object rowObject   = employeeGridView.GetRow(e.RowHandle);

            // Readable cells keep their default editor.
            if (security.CanRead(rowObject, columnField))
            {
                return;
            }

            // NOTE(review): only the editor is replaced here; whether the underlying value is
            // withheld depends on the data source behind employeeGridView, so confirm it is secured.
            e.RepositoryItem = protectedContentTextEdit;
        }
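        /// <summary>
        /// Console demo of the three-step flow: build a secured EF Core object space provider,
        /// log on with standard authentication, then list employees while honouring the
        /// logged-on user's read permissions.
        /// </summary>
        /// <exception cref="Exception">
        /// Thrown when logon fails with SQL error 4060; the message is extended with
        /// <c>ApplicationDbContext.DatabaseConnectionFailedMessage</c>. Any other
        /// <c>SqlException</c> propagates unchanged.
        /// </exception>
        static void Main()
        {
            // ## Step 1. Initialization. Create a Secured Data Store and Set Authentication Options
            // Password hashing options are fixed before any logon: the RFC 2898 scheme is switched
            // on and legacy SHA-512 support is switched off.
            PasswordCryptographer.EnableRfc2898       = true;
            PasswordCryptographer.SupportLegacySha512 = false;
            AuthenticationStandard  authentication = new AuthenticationStandard();
            SecurityStrategyComplex security       = new SecurityStrategyComplex(
                typeof(PermissionPolicyUser), typeof(PermissionPolicyRole),
                authentication
                );
            SecuredEFCoreObjectSpaceProvider objectSpaceProvider = new SecuredEFCoreObjectSpaceProvider(
                security, typeof(ApplicationDbContext),
                XafTypesInfo.Instance, ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString,
                (builder, connectionString) => builder.UseSqlServer(connectionString)
                );

            // ## Step 2. Authentication. Log in as a 'User' with an Empty Password
            // Demo credentials only: the sample account has an empty password and the credentials
            // are literals. A real application should take them from the user and reject empty passwords.
            authentication.SetLogonParameters(new AuthenticationStandardLogonParameters(userName: "******", password: string.Empty));
            // The logon itself reads through a non-secured object space.
            // NOTE(review): loginObjectSpace is never disposed in this method; confirm whether the
            // security strategy keeps using it after Logon before wrapping it in a using block.
            IObjectSpace loginObjectSpace = objectSpaceProvider.CreateNonsecuredObjectSpace();

            // Only error 4060 gets the friendlier connection hint. The exception filter lets every
            // other SqlException propagate instead of being swallowed, so Step 3 can never run
            // after a logon that did not complete.
            try
            {
                security.Logon(loginObjectSpace);
            }
            catch (SqlException sqlEx) when (sqlEx.Number == 4060)
            {
                throw new Exception(sqlEx.Message + Environment.NewLine + ApplicationDbContext.DatabaseConnectionFailedMessage, sqlEx);
            }

            // ## Step 3. Authorization. Access and Manipulate Data/UI Based on User/Role Rights
            Console.WriteLine($"{"Full Name",-40}{"Department",-40}");
            using (IObjectSpace securedObjectSpace = objectSpaceProvider.CreateObjectSpace())
            {
                // User cannot read protected entities like PermissionPolicyRole.
                // Debug.Assert is compiled out of release builds, so these are demo checks, not enforcement.
                Debug.Assert(securedObjectSpace.GetObjects <PermissionPolicyRole>().Count == 0);

                // User can read Employee data.
                foreach (Employee employee in securedObjectSpace.GetObjects <Employee>())
                {
                    // User can read Department data by criteria.
                    bool canRead = security.CanRead(securedObjectSpace, employee, memberName: nameof(Employee.Department));
                    // The sample expects a denied Department to arrive as null from the secured object space.
                    Debug.Assert(!canRead == (employee.Department == null));
                    // Mask protected property values when User has no 'Read' permission.
                    var department = canRead ? employee.Department.Title : "Protected Content";
                    Console.WriteLine($"{employee.FullName,-40}{department,-40}");
                }
            }
            security.Logoff();

            Console.WriteLine("Press any key to exit...");
            Console.ReadKey();
        }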
        /// <summary>
        /// Console demo for the XPO-based secured provider: logs on with standard authentication,
        /// writes every <c>Employee</c> to <c>result.txt</c> with the department masked when the
        /// user lacks read permission, then waits for a line of console input.
        /// </summary>
        static void Main()
        {
            RegisterEntities();

            var authentication = new AuthenticationStandard();
            var security       = new SecurityStrategyComplex(typeof(PermissionPolicyUser), typeof(PermissionPolicyRole), authentication);
            security.RegisterXPOAdapterProviders();

            string connectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
            var    objectSpaceProvider = new SecuredObjectSpaceProvider(security, connectionString, null);

            // Password hashing options: RFC 2898 scheme on, legacy SHA-512 support off.
            PasswordCryptographer.EnableRfc2898       = true;
            PasswordCryptographer.SupportLegacySha512 = false;

            // Demo credentials only: the sample account has an empty password and both values
            // are literals. A real application should collect them from the user.
            string userName = "******";
            string password = string.Empty;
            authentication.SetLogonParameters(new AuthenticationStandardLogonParameters(userName, password));

            // NOTE(review): this object space is not disposed and no Logoff call follows in this
            // method; confirm that is acceptable for a process that exits right after.
            IObjectSpace loginObjectSpace = objectSpaceProvider.CreateObjectSpace();
            security.Logon(loginObjectSpace);

            // The report lands in the current working directory and is overwritten on each run
            // (append: false). It contains employee names, so mind who can read that directory.
            using (var file = new StreamWriter("result.txt", false))
            {
                var report = new StringBuilder();
                report.Append($"{userName} is logged on.\n")
                      .Append("List of the 'Employee' objects:\n");

                using (IObjectSpace securedObjectSpace = objectSpaceProvider.CreateObjectSpace())
                {
                    foreach (Employee employee in securedObjectSpace.GetObjects <Employee>())
                    {
                        report.Append("=========================================\n")
                              .Append($"Full name: {employee.FullName}\n");

                        // The department title is printed only when the member is readable;
                        // otherwise a fixed placeholder takes its place.
                        string departmentLine = security.CanRead(employee, nameof(Employee.Department))
                            ? $"Department: {employee.Department.Title}\n"
                            : "Department: [Protected content]\n";
                        report.Append(departmentLine);
                    }
                }

                file.Write(report);
            }

            Console.WriteLine($"The result.txt file has been created in the {Environment.CurrentDirectory} directory.");
            Console.WriteLine("Press any key to close a the console...");
            Console.ReadLine();
        }
        /// <summary>
        /// Places an editor for one member of <paramref name="targetObject"/> into the layout,
        /// choosing it by the current user's permissions: a placeholder when the member is not
        /// readable, otherwise a data-bound editor that is enabled only when writes are allowed.
        /// </summary>
        /// <param name="layout">Layout item that receives the caption and the control.</param>
        /// <param name="targetObject">Object whose member is displayed.</param>
        /// <param name="memberName">Name of the member to display and bind.</param>
        /// <param name="caption">Text shown for the layout item.</param>
        private void AddControl(LayoutControlItem layout, object targetObject, string memberName, string caption)
        {
            layout.Text = caption;
            Type     objectType = targetObject.GetType();
            BaseEdit editor;

            if (!security.CanRead(targetObject, memberName))
            {
                // Read denied: no binding is created, so the placeholder never receives the value.
                editor = new ProtectedContentEdit();
            }
            else
            {
                editor = GetControl(objectType, memberName);
                if (editor != null)
                {
                    Binding valueBinding = new Binding(nameof(BaseEdit.EditValue), targetObject, memberName, true, DataSourceUpdateMode.OnPropertyChanged);
                    editor.DataBindings.Add(valueBinding);
                    // NOTE(review): a disabled editor only blocks edits in the UI; confirm the
                    // write permission is also enforced when the object is saved.
                    editor.Enabled = security.CanWrite(targetObject, memberName);
                }
            }

            // NOTE(review): editor is null here when GetControl finds nothing for a readable member.
            dataLayoutControl1.Controls.Add(editor);
            layout.Control = editor;
        }