...
Code Block |
---|
|
/// <typeparam name="TDtoType">The interface type of the db entity the full access should be applied to</typeparam>
GenericNoAccessFilter<TDtoType> |
Example
Code Block |
---|
|
new GenericNoAccessFilter<ICoreIdentity>() |
...
This filter will give you no access to the entity for the chosen DB operation
Code Block |
---|
|
/// <typeparam name="TDtoType">The interface type of the db entity the no access should be applied to</typeparam>
new GenericNoAccessFilter<TDtoType>(); |
Example
Code Block |
---|
|
new GenericNoAccessFilter<ICoreIdentity>() |
...
For example, you want to build a security filter that allows you to read core identities of type Standard but only when the name starts with ‘Ma’, then you have to combine GenericPropertyChainFilter with a GenericPropertyChainStringFilter in a and relation. This you can do with a security filter collection.
Code Block |
---|
|
/// <param name="dtoType">The interface type of the db entity this security filter should be applied to</param>
/// <param name="collectionMode">If the filter should be combined with or or and </param>
/// <param name="filters">The security filter you want to combine</param>
static SecurityFilterCollection Create(Type dtoType, FilterCollectionMode collectionMode, ISecurityFilter[] filters) |
...
This filter can be used for up to four reference types, then all four security filters have to match in an and combination.
Code Block |
---|
|
/// <typeparam name="TDtoType">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TReferenceDtoType">The interface type of the db entity where the security should be taken from</typeparam>
/// <param name="referenceSecurityMode">What security mode should be check for TReferenceDtoType</param>
/// <param name="referenceProperty">How the system can resolve TReferenceDtoType from TDtoType</param>
GenericSubFiltersFilter<TDtoType, TReferenceDtoType>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType>> referenceProperty)
GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty, SecurityMode referenceSecurityMode2, Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2)
...
GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2, TReferenceDtoType3, TReferenceDtoType4>(SecurityMode referenceSecurityMode1, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty1, SecurityMode referenceSecurityMode2,Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2, SecurityMode referenceSecurityMode3, Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty3, SecurityMode referenceSecurityMode4,Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty4) |
Example
Code Block |
---|
|
new GenericSubFiltersFilter<IOrganizationUnitAttributeValue, IOrganizationUnit>(SecurityMode.Update, a => a.OrganizationUnit) |
...
This filter will give access to the DB entity only when the filter for the referenced object matches a least one item in the collection of referenced objects.
Code Block |
---|
|
/// <typeparam name="TDtoType">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TReferenceCollectionDtoType1">The interface type of the db entity where the security should be taken from</typeparam>
/// <param name="referenceDtoTypeSecurityMode">What security mode should be check for TReferenceCollectionDtoType1</param>
/// <param name="referenceProperty">How the system can resolve TReferenceCollectionDtoType1 from TDtoType</param>
GenericCollectionSubFiltersFilter<TDtoType, TReferenceCollectionDtoType1>(SecurityMode referenceDtoTypeSecurityMode, Expression<Func<TDtoType, IEnumerable<TReferenceCollectionDtoType1>>> referenceProperty) |
Example
Code Block |
---|
|
new GenericCollectionSubFiltersFilter<IEventHandlerType, IEventHandler>(SecurityMode.Read, n => n.EventHandlers) |
...
GenericPropertyChainFilter
Code Block |
---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TFilterPropertyType">The type of the filters</typeparam>
/// <param name="propertyChain">The path from the entity to the property that should be compared with the filter values</param>
/// <param name="filterValues">The filter values that have to match with the property value</param>
GenericPropertyChainFilter<TDtoObject, TFilterPropertyType>(Expression<Func<TDtoObject, TFilterPropertyType>> propertyChain, params TFilterPropertyType[] filterValues) |
Example
Code Block |
---|
|
new GenericPropertyChainFilter<IActivityButton, bool>(m => m.AllowExecutionAsOwner, true) |
...
This filter allows us to check the security with a text filter with some search behaviors like contains or start with.
Code Block |
---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <param name="propertyChain">The path from the entity to the property that should be compared with the filter values</param>
/// <param name="stringFilterBehaviour">The behaviour how the filter will be applied to the property</param>
/// <param name="filterValue">The filter string value</param>
GenericPropertyChainStringFilter<TDtoObject> (Expression<Func<TDtoObject, string>> propertyChain, StringFilterBehaviour stringFilterBehaviour, string filterValue) |
Possible values for stringFilterBehaviour
Code Block |
---|
|
Equals,
StartsWith,
EndsWith,
Contains |
Example
Code Block |
---|
|
new GenericPropertyChainStringFilter<ICoreIdentity, bool>(m => m.ReadOnlyDisplayName, StringFilterBehaviour.Contains,"Test") |
...
This filter allows checking a reference collection if one of these objects matches the filter value.
Code Block |
---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TDtoCollectionObject">The interface type of the db entity of the related collection</typeparam>
/// <typeparam name="TFilterPropertyType">The type of the filters</typeparam>
/// <param name="propertyChain">The path from the entity to the property that should be compared with the filter values</param>
/// <param name="subPropertyChain">The path to the collection of type TDtoCollectionObject</param>
/// <param name="filterValues">The filter values that have to match with the property value</param>
GenericCollectionPropertyChainFilter<TDtoObject, TDtoCollectionObject, TFilterPropertyType> (Expression<Func<TDtoObject, IEnumerable<TDtoCollectionObject>>> propertyChain, Expression<Func<TDtoCollectionObject, TFilterPropertyType>> subPropertyChain, params TFilterPropertyType[] filterValues) |
...
This filter gives you permission for the entity type only when your core identity id matches the value of the property chain.
Code Block |
---|
/ |
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <param name="propertyChain">The path to the property that will be compared it to the current core identity id</param>
GenericMyCoreIdentityFilter<TDtoObject> (Expression<Func<TDtoObject, uint>> propertyChain)
GenericMyCoreIdentityStringValueFilter<TDtoObject> (Expression<Func<TDtoObject, string>> propertyChain) |
Example:
Code Block |
---|
|
new GenericMyCoreIdentityFilter<IRoleAssignmentApproval>(i => i.CoreIdentity.Id)) |
...
This filter gives you permission for the entity type only when your user id is present in a related collection.
Code Block |
---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TDtoCollectionObject">The interface type of the db entity of the related collection</typeparam>
/// <param name="propertyChain">The path from the TDtoObject to the collection of TDtoCollectionObject</param>
/// <param name="subPropertyChain">The path to the property that will be compared it to the current user id</param>
GenericMyUserCollectionFilter<TDtoObject, TDtoCollectionObject> (Expression<Func<TDtoObject, IEnumerable<TDtoCollectionObject>>> propertyChain, Expression<Func<TDtoCollectionObject, uint>> subPropertyChain) |
Example:
Code Block |
---|
|
new GenericMyUserCollectionFilter<IRoleClaim, IUser>(r => r.Users, u => u.Id) |
...
For the definition of what context should be compared to what property value the class ContextPropertyFilterDefintion
is used.
Code Block |
---|
|
/// <typeparam name="TDtoObject">The type of the entity you want to filter</typeparam>
/// <param name="propertyChain">The path to the property you want to compare with the context</param>
/// <param name="contextType">The context type you want to use as filter</param>
ContextPropertyFilterDefintion<TDtoObject> (Expression<Func<TDtoObject, uint>> propertyChain, CoreLoginAssignmentContextTypes contextType) |
Example:
Code Block |
---|
|
new ContextPropertyFilterDefintion<IEventHandler>(e => e.EventHandlerType.Id, CoreLoginAssignmentContextTypes.OrganizationUnit), |
...
Possible context types:
Code Block |
---|
|
OrganizationUnit,
User |
GenericContextPropertyChainFilter
This security filter gives you access to an entity when all property filters match the context this security filter was assigned with.
Code Block |
---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <param name="filter">The definition off what you want to filter</param>
GenericContextPropertyChainFilter<TDtoObject> (ContextPropertyFilter<TDtoObject> filter) |
Example:
Code Block |
---|
|
new GenericContextPropertyChainFilter<IEventHandler>(new ContextPropertyFilter<IEventHandler>(new[]
{
new ContextPropertyFilterDefintion<IEventHandler>(e => e.EventHandlerType.Id, CoreLoginAssignmentContextTypes.OrganizationUnit),
new ContextPropertyFilterDefintion<IEventHandler>(e => e.Id, CoreLoginAssignmentContextTypes.User)
})); |
...
This security filter works similarly to the GenericContextPropertyChainFilter
, with the difference that not the entity itself has to match the property filter, but the filter will be applied with an any to a related collection of entities.
Code Block |
---|
|
/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TDtoCollectionObject">The interface type of the db entity of the related collection</typeparam>
/// <param name="propertyChain">The path from the TDtoObject to the collection of TDtoCollectionObject</param>
/// <param name="filter">The definition off what you want to filter</param>
GenericContextCollectionPropertyChainFilter<TDtoObject, TDtoCollectionObject> (Expression<Func<TDtoObject, IEnumerable<TDtoCollectionObject>>> propertyChain, ContextPropertyFilter<TDtoCollectionObject> filter) |
Example
Code Block |
---|
|
new GenericContextCollectionPropertyChainFilter<IEventHandler, IEventSubscription>(e => e.EventSubscriptions, new ContextPropertyFilter<IEventSubscription>(new[]
{
new ContextPropertyFilterDefintion<IEventSubscription>(e => e.EventHandler.Id, CoreLoginAssignmentContextTypes.OrganizationUnit),
new ContextPropertyFilterDefintion<IEventSubscription>(e => e.Id, CoreLoginAssignmentContextTypes.User)
})); |
Assignment
GenericMyValidAssignmentFilter (Version >= 8)
This filter will give you access to the entity only if you have a valid assignment.
Code Block |
---|
|
/// <typeparam name="TDtoType">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TDtoCollectionObject">The type of assignment you want to use</typeparam>
/// <param name="propertyChain">The path from TDtoType to the collection of TDtoCollectionObject</param>
/// <param name="subPropertyChain">The path to the property you want to check against the current core identity id</param>
GenericMyValidAssignmentFilter<TDtoType, TDtoCollectionObject> (Expression<Func<TDtoType, IEnumerable<TDtoCollectionObject>>> propertyChain, Expression<Func<TDtoCollectionObject, uint>> subPropertyChain) |
Example:
Code Block |
---|
|
new GenericMyValidAssignmentFilter<ICatalogToRoleAssignment, IRoleAssignment>(n => n.Role.RoleAssignments, n => n.CoreIdentity.Id) |