Versions Compared

Version Old Version 2 New Version 3
Changes made by

Marc Probst

Marc Probst

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This filter will give you full unrestricted access to the configured entity for the chosen DB operation.

Code Block
new GenericFullAccessFilter<IRoleType>();

The first generic is the type you want to give access.

Code Block
{
  "$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericFullAccessFilter`1[[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.IRoleType, iTsense.Moving.Backend.Services.DmcoreService]], iTsense.Moving.Backend.DataHandling",
  "ElementType": "iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.IRoleType, iTsense.Moving.Backend.Services.DmcoreService"
}

GenericMyCoreIdentityCollectionFilter

This filter gives you permission for the entity type only when your core identity id is present in a related collection

Code Block
new GenericMyCoreIdentityCollectionFilter<ICoreIdentityTypeAttributeMapping, ICoreIdentity>(ct => ct.CoreIdentityType.CoreIdentities, c => c.Id)

The first generic is the type you want to give access to.

The second generic is the type of item in the related collection.

The first parameter is the property chain to the collection

The second parameter is the property chain to the property that has to match your core identity id

Code Block
{
  "$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericMyCoreIdentityCollectionFilter`2[[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.ICoreIdentityTypeAttributeMapping, iTsense.Moving.Backend.Services.DmcoreService],[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.ICoreIdentity, iTsense.Moving.Backend.Services.DmcoreService]], iTsense.Moving.Backend.DataHandling",
  "NotContains": false,
  "PropertyChain": {
    "$type": "System.String[], mscorlib",
    "$values": [
      "CoreIdentityType",
      "CoreIdentities"
    ]
  },
  "SubPropertyChain": {
    "$type": "System.String[], mscorlib",
    "$values": [
      "Id"
    ]
  }
}

GenericMyCoreIdentityFilter / GenericMyCoreIdentityStringValueFilter

...

languagec#
/// <typeparam name="TDtoType">The interface type of the db entity the full access should be applied to</typeparam>
GenericNoAccessFilter<TDtoType>

Example

Code Block
new GenericNoAccessFilter<ICoreIdentity>()

GenericNoAccessFilter

This filter will give you no access to the entity for the chosen DB operation

Code Block
/// <typeparam name="TDtoType">The interface type of the db entity the no access should be applied to</typeparam>
new GenericNoAccessFilter<TDtoType>();

Example

Code Block
new GenericNoAccessFilter<ICoreIdentity>()

Sub Filters

The sub-filters will give you access to an entity based on the configured security of a related entity.

For example, because I have read rights to the core identity, I’m allowed to read its attribute values.

GenericSubFiltersFilter

Code Block
/// <typeparam name="TDtoType">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TReferenceDtoType">The interface type of the db entity </typeparam>
/// <param name="referenceSecurityMode">What security mode should be check for TReferenceDtoType</param>
/// <param name="referenceProperty">How the system can resolve TReferenceDtoType from TDtoType</param>
GenericSubFiltersFilter<TDtoType, TReferenceDtoType>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType>> referenceProperty)
GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty, SecurityMode referenceSecurityMode2, Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2)
...
GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2, TReferenceDtoType3, TReferenceDtoType4>(SecurityMode referenceSecurityMode1, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty1, SecurityMode referenceSecurityMode2,Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2, SecurityMode referenceSecurityMode3, Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty3, SecurityMode referenceSecurityMode4,Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty4)

Example

Code Block
new GenericSubFiltersFilter<IOrganizationUnitAttributeValue, IOrganizationUnit>(SecurityMode.Update, a => a.OrganizationUnit)

GenericMyCoreIdentityCollectionFilter

This filter gives you permission for the entity type only when your core identity id matches the value of the property chainis present in a related collection

Code Block
new GenericMyCoreIdentityCollectionFilter<ICoreIdentityTypeAttributeMapping, GenericMyCoreIdentityFilter<IRoleAssignmentApproval>ICoreIdentity>(ict => i.CoreIdentityct.CoreIdentityType.CoreIdentities, c => c.Id))

The first generic is the type you want to give access to.

The second generic is the type of item in the related collection.

The first parameter is the property chain to the collection

The second parameter is the property chain to the property that has to match your core identity id

Code Block
{
  "$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericMyCoreIdentityFilter`1GenericMyCoreIdentityCollectionFilter`2[[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.IResourceAssignmentApprovalICoreIdentityTypeAttributeMapping, iTsense.Moving.Backend.Services.DmcoreService]], [iTsense.Moving.Backend.DataHandling",
  ".Services.DmcoreService.DataInterfaces.Servicedmcore.ICoreIdentity, iTsense.Moving.Backend.Services.DmcoreService]], iTsense.Moving.Backend.DataHandling",
  "NotContains": false,
  "PropertyChain": {
    "$type": "System.String[], mscorlib",
    "$values": [
      "CoreIdentityCoreIdentityType",
      "IdCoreIdentities"
    ]

 } }

GenericMyUserCollectionFilter

This filter gives you permission for the entity type only when your user id is present in a related collection

Code Block
new GenericMyUserCollectionFilter<IRoleClaim,
IUser>(r => r.Users, u => u.Id)

...

 "SubPropertyChain": {
    "$type": "System.String[], mscorlib",
    "$values": [
      "Id"
    ]
  }
}

GenericMyCoreIdentityFilter / GenericMyCoreIdentityStringValueFilter

This filter gives you permission for the entity type only when your core identity id matches the value of the property chain

Code Block
new GenericMyCoreIdentityFilter<IRoleAssignmentApproval>(i => i.CoreIdentity.Id))

The first generic is the type you want to give access to.The second generic is the type of item in the related collection.

The first parameter is the property chain to the collectionThe second parameter is the property chain to the property that has to match your user property that has to match your core identity id

Code Block
{
  "$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericMyUserCollectionFilter`2GenericMyCoreIdentityFilter`1[[iTsense.Moving.Backend.Services.CoreLoginDmcoreService.DataInterfaces.ServicecoreloginServicedmcore.IRoleClaimIResourceAssignmentApproval, iTsense.Moving.Backend.Services.CoreLogin],[iTsense.Moving.Backend.Services.CoreLogin.DataInterfaces.Servicecorelogin.IUser, iTsense.Moving.Backend.Services.CoreLogin]DmcoreService]], iTsense.Moving.Backend.DataHandling",
  "NotContains": false,
  "PropertyChain": {
    "$type": "System.String[], mscorlib",
    "$values": [
      "UsersCoreIdentity",
     ] "Id"
 },   "SubPropertyChain":]
{     "$type": "System.String[], mscorlib",
    "$values": [
      "Id"
    ]
  }
}

...

GenericMyUserCollectionFilter

This filter gives you permission for the entity type only when your user id matches the value of the property chainis present in a related collection

Code Block
new GenericMyUserValueFilter<IUser>(GenericMyUserCollectionFilter<IRoleClaim, IUser>(r => r.Users, u => u.Id)

The first generic is the type you want to give access to.

The second generic is the type of item in the related collection.

The first parameter is the property chain to the collection

The second parameter is the property chain to the property that has to match your user id

Code Block
{
  "$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericMyUserValueFilter`1GenericMyUserCollectionFilter`2[[iTsense.Moving.Backend.Services.CoreLogin.DataInterfaces.Servicecorelogin.IUserIRoleClaim, iTsense.Moving.Backend.Services.CoreLogin]], [iTsense.Moving.Backend.DataHandling",
  .Services.CoreLogin.DataInterfaces.Servicecorelogin.IUser, iTsense.Moving.Backend.Services.CoreLogin]], iTsense.Moving.Backend.DataHandling",
  "NotContains": false,
  "PropertyChain": {
    "$type": "System.String[], mscorlib",
    "$values": [
      "IdUsers"
    ]
  }
}

GenericNoAccessFilter

This filter will give you no access to the configured DB operation

Code Block
new GenericNoAccessFilter<IRoleType>();

The first generic is the type you want to give access.

Code Block
{
,
  "SubPropertyChain": {
    "$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericNoAccessFilter`1[[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.IRoleType, iTsense.Moving.Backend.Services.DmcoreService]], iTsense.Moving.Backend.DataHandling",
  "ElementType": "iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.IRoleType, iTsense.Moving.Backend.Services.DmcoreService"
}

GenericPropertyChainFilter

This filter will give you access to the entity type only when the value of the property chain matches the type and the value of one of the filter values

Code Block
new GenericPropertyChainFilter<IActivityButton, bool>(m => m.AllowExecutionAsOwner, trueSystem.String[], mscorlib",
    "$values": [
      "Id"
    ]
  }
}

GenericMyUserValueFilter/ GenericMyUserStringValueFilter

This filter gives you permission for the entity type only when your user id matches the value of the property chain

Code Block
new GenericMyUserValueFilter<IUser>(u => u.Id)

The first generic is the type you want to give access to.

The second generic is the type of the filter valuesThe first parameter is the property chain to the property that has to match with your filter valuesThe second parameter is the filter valuesyour user id

Code Block
{
  "$type": "iTsense.Moving.Backend.DataHandling.Security.Role.SecurityRight, Filter.GenericMyUserValueFilter`1[[iTsense.Moving.Backend.DataHandling",
  "Filter": {
    "$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericPropertyChainFilter`2[[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Serviceskynet.IActivityButton.Services.CoreLogin.DataInterfaces.Servicecorelogin.IUser, iTsense.Moving.Backend.Services.DmcoreService],[System.Boolean, mscorlibCoreLogin]], iTsense.Moving.Backend.DataHandling",
 
  "FilterValuesNotContains": {false,
  "PropertyChain": {
    "$type": "System.BooleanString[], mscorlib",
 
    "$values": [
       "Id"
true       ]
  }
 },
    "NotContains": false,
    "PropertyChain": {
      "$type": "System.String[], mscorlib",
      "$values": [
        "AllowExecutionAsOwner"
      ]
    }
  }

GenericSubFiltersFilter

This filter will give you permission to an entity only when you already have the permission for a related entity

Code Block
new GenericSubFiltersFilter<ICoreIdentityAttributeValue, ICoreIdentity, IAttribute>(SecurityMode.Read, c => c.CoreIdentity, SecurityMode.Read, v => v.Attribute}

GenericPropertyChainFilter

This filter will give you access to the entity type only when the value of the property chain matches the type and the value of one of the filter values

Code Block
new GenericPropertyChainFilter<IActivityButton, bool>(m => m.AllowExecutionAsOwner, true)

The first generic is the type you want to give access to.

The second , and third,… generic is the type of the related entityThe first parameter the DB operation you want to checkfilter values

The second first parameter is the property chain to the related entityThese pair of parameters will be for each related entityproperty that has to match with your filter values

The second parameter is the filter values

Code Block
{
  "$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericSubFiltersFilter`3[[Role.SecurityRight, iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.ICoreIdentityAttributeValue, DataHandling",
  "Filter": {
    "$type": "iTsense.Moving.Backend.Services.DmcoreService],DataHandling.Security.Filter.GenericPropertyChainFilter`2[[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.ServicedmcoreServiceskynet.ICoreIdentityIActivityButton, iTsense.Moving.Backend.Services.DmcoreService],[System.Boolean, mscorlib]], iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.IAttribute, iTsense.Moving.Backend.Services.DmcoreService]], iTsense.Moving.Backend.DataHandling",
  "ReferenceDtoType1PropertyName": "CoreIdentity",
  "ReferenceDtoType2PropertyName": "Attribute",
  "ReferenceDtoType1SecurityMode": 1,
  "ReferenceDtoType2SecurityMode": 1DataHandling",
    "FilterValues": {
      "$type": "System.Boolean[], mscorlib",
      "$values": [
        true
      ]
    },
    "NotContains": false,
    "PropertyChain": {
      "$type": "System.String[], mscorlib",
      "$values": [
        "AllowExecutionAsOwner"
      ]
    }
  }

CoreIdentityAttributeValueFilter

...