...
| Code Block |
|---|
|
/// <typeparam name="TDtoType">The interface type of the db entity the full access should be applied to</typeparam>
GenericNoAccessFilter<TDtoType> |
Example
| Code Block |
|---|
|
new GenericNoAccessFilter<ICoreIdentity>() |
...
This filter will give you no access to the entity for the chosen DB operation
| Code Block |
|---|
|
/// <typeparam name="TDtoType">The interface type of the db entity the no access should be applied to</typeparam>
new GenericNoAccessFilter<TDtoType>(); |
Example
| Code Block |
|---|
|
new GenericNoAccessFilter<ICoreIdentity>() |
...
For example, you want to build a security filter that allows you to read core identities of type Standard but only when the name starts with ‘Ma’, then you have to combine GenericPropertyChainFilter with a GenericPropertyChainStringFilter in a and relation. This you can do with a security filter collection.
| Code Block |
|---|
|
/// <param name="dtoType">The interface type of the db entity this security filter should be applied to</param>
/// <param name="collectionMode">If the filter should be combined with or or and </param>
/// <param name="filters">The security filter you want to combine</param>
static SecurityFilterCollection Create(Type dtoType, FilterCollectionMode collectionMode, ISecurityFilter[] filters) |
...
This filter can be used for up to four reference types, then all four security filters have to match in an and combination.
| Code Block |
|---|
|
/// <typeparam name="TDtoType">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TReferenceDtoType">The interface type of the db entity where the security should be taken from</typeparam>
/// <param name="referenceSecurityMode">What security mode should be check for TReferenceDtoType</param>
/// <param name="referenceProperty">How the system can resolve TReferenceDtoType from TDtoType</param>
GenericSubFiltersFilter<TDtoType, TReferenceDtoType>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType>> referenceProperty)
GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty, SecurityMode referenceSecurityMode2, Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2)
...
GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2, TReferenceDtoType3, TReferenceDtoType4>(SecurityMode referenceSecurityMode1, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty1, SecurityMode referenceSecurityMode2,Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2, SecurityMode referenceSecurityMode3, Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty3, SecurityMode referenceSecurityMode4,Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty4) |
Example
| Code Block |
|---|
|
new GenericSubFiltersFilter<IOrganizationUnitAttributeValue, IOrganizationUnit>(SecurityMode.Update, a => a.OrganizationUnit) |
...
This filter will give access to the DB entity only when the filter for the referenced object matches a least one item in the collection of referenced objects.
| Code Block |
|---|
|
/// <typeparam name="TDtoType">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TReferenceCollectionDtoType1">The interface type of the db entity where the security should be taken from</typeparam>
/// <param name="referenceDtoTypeSecurityMode">What security mode should be check for TReferenceCollectionDtoType1</param>
/// <param name="referenceProperty">How the system can resolve TReferenceCollectionDtoType1 from TDtoType</param>
GenericCollectionSubFiltersFilter<TDtoType, TReferenceCollectionDtoType1>(SecurityMode referenceDtoTypeSecurityMode, Expression<Func<TDtoType, IEnumerable<TReferenceCollectionDtoType1>>> referenceProperty) |
Example
| Code Block |
|---|
|
new GenericCollectionSubFiltersFilter<IEventHandlerType, IEventHandler>(SecurityMode.Read, n => n.EventHandlers) |
...
GenericPropertyChainFilter
| Code Block |
|---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TFilterPropertyType">The type of the filters</typeparam>
/// <param name="propertyChain">The path from the entity to the property that should be compared with the filter values</param>
/// <param name="filterValues">The filter values that have to match with the property value</param>
GenericPropertyChainFilter<TDtoObject, TFilterPropertyType>(Expression<Func<TDtoObject, TFilterPropertyType>> propertyChain, params TFilterPropertyType[] filterValues) |
Example
| Code Block |
|---|
|
new GenericPropertyChainFilter<IActivityButton, bool>(m => m.AllowExecutionAsOwner, true) |
...
This filter allows us to check the security with a text filter with some search behaviors like contains or start with.
| Code Block |
|---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <param name="propertyChain">The path from the entity to the property that should be compared with the filter values</param>
/// <param name="stringFilterBehaviour">The behaviour how the filter will be applied to the property</param>
/// <param name="filterValue">The filter string value</param>
GenericPropertyChainStringFilter<TDtoObject> (Expression<Func<TDtoObject, string>> propertyChain, StringFilterBehaviour stringFilterBehaviour, string filterValue) |
Possible values for stringFilterBehaviour
| Code Block |
|---|
|
Equals,
StartsWith,
EndsWith,
Contains |
Example
| Code Block |
|---|
|
new GenericPropertyChainStringFilter<ICoreIdentity, bool>(m => m.ReadOnlyDisplayName, StringFilterBehaviour.Contains,"Test") |
...
This filter allows checking a reference collection if one of these objects matches the filter value.
| Code Block |
|---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TDtoCollectionObject">The interface type of the db entity of the related collection</typeparam>
/// <typeparam name="TFilterPropertyType">The type of the filters</typeparam>
/// <param name="propertyChain">The path from the entity to the property that should be compared with the filter values</param>
/// <param name="subPropertyChain">The path to the collection of type TDtoCollectionObject</param>
/// <param name="filterValues">The filter values that have to match with the property value</param>
GenericCollectionPropertyChainFilter<TDtoObject, TDtoCollectionObject, TFilterPropertyType> (Expression<Func<TDtoObject, IEnumerable<TDtoCollectionObject>>> propertyChain, Expression<Func<TDtoCollectionObject, TFilterPropertyType>> subPropertyChain, params TFilterPropertyType[] filterValues) |
...
This filter gives you permission for the entity type only when your core identity id matches the value of the property chain.
| Code Block |
|---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <param name="propertyChain">The path to the property that will be compared it to the current core identity id</param>
GenericMyCoreIdentityFilter<TDtoObject> (Expression<Func<TDtoObject, uint>> propertyChain)
GenericMyCoreIdentityStringValueFilter<TDtoObject> (Expression<Func<TDtoObject, string>> propertyChain) |
Example:
| Code Block |
|---|
|
new GenericMyCoreIdentityFilter<IRoleAssignmentApproval>(i => i.CoreIdentity.Id)) |
...
This filter gives you permission for the entity type only when your user id is present in a related collection.
| Code Block |
|---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TDtoCollectionObject">The interface type of the db entity of the related collection</typeparam>
/// <param name="propertyChain">The path from the TDtoObject to the collection of TDtoCollectionObject</param>
/// <param name="subPropertyChain">The path to the property that will be compared it to the current user id</param>
GenericMyUserCollectionFilter<TDtoObject, TDtoCollectionObject> (Expression<Func<TDtoObject, IEnumerable<TDtoCollectionObject>>> propertyChain, Expression<Func<TDtoCollectionObject, uint>> subPropertyChain) |
Example:
| Code Block |
|---|
|
new GenericMyUserCollectionFilter<IRoleClaim, IUser>(r => r.Users, u => u.Id) |
...
For the definition of what context should be compared to what property value the class ContextPropertyFilterDefintion is used.
| Code Block |
|---|
|
/// <typeparam name="TDtoObject">The type of the entity you want to filter</typeparam>
/// <param name="propertyChain">The path to the property you want to compare with the context</param>
/// <param name="contextType">The context type you want to use as filter</param>
ContextPropertyFilterDefintion<TDtoObject> (Expression<Func<TDtoObject, uint>> propertyChain, CoreLoginAssignmentContextTypes contextType) |
Example:
| Code Block |
|---|
|
new ContextPropertyFilterDefintion<IEventHandler>(e => e.EventHandlerType.Id, CoreLoginAssignmentContextTypes.OrganizationUnit), |
...
Possible context types:
| Code Block |
|---|
|
OrganizationUnit,
User |
GenericContextPropertyChainFilter
This security filter gives you access to an entity when all property filters match the context this security filter was assigned with.
| Code Block |
|---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <param name="filter">The definition off what you want to filter</param>
GenericContextPropertyChainFilter<TDtoObject> (ContextPropertyFilter<TDtoObject> filter) |
Example:
| Code Block |
|---|
|
new GenericContextPropertyChainFilter<IEventHandler>(new ContextPropertyFilter<IEventHandler>(new[]
{
new ContextPropertyFilterDefintion<IEventHandler>(e => e.EventHandlerType.Id, CoreLoginAssignmentContextTypes.OrganizationUnit),
new ContextPropertyFilterDefintion<IEventHandler>(e => e.Id, CoreLoginAssignmentContextTypes.User)
})); |
...
This security filter works similarly to the GenericContextPropertyChainFilter, with the difference that not the entity itself has to match the property filter, but the filter will be applied with an any to a related collection of entities.
| Code Block |
|---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TDtoCollectionObject">The interface type of the db entity of the related collection</typeparam>
/// <param name="propertyChain">The path from the TDtoObject to the collection of TDtoCollectionObject</param>
/// <param name="filter">The definition off what you want to filter</param>
GenericContextCollectionPropertyChainFilter<TDtoObject, TDtoCollectionObject> (Expression<Func<TDtoObject, IEnumerable<TDtoCollectionObject>>> propertyChain, ContextPropertyFilter<TDtoCollectionObject> filter) |
Example
| Code Block |
|---|
|
new GenericContextCollectionPropertyChainFilter<IEventHandler, IEventSubscription>(e => e.EventSubscriptions, new ContextPropertyFilter<IEventSubscription>(new[]
{
new ContextPropertyFilterDefintion<IEventSubscription>(e => e.EventHandler.Id, CoreLoginAssignmentContextTypes.OrganizationUnit),
new ContextPropertyFilterDefintion<IEventSubscription>(e => e.Id, CoreLoginAssignmentContextTypes.User)
})); |
...