Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Introduction

On this page all the generic security filters are listed, In general, they can be applied to all possible DB entities of the CoreOne Suite.

Filter

GenericFullAccessFilter

This filter will give you unrestricted access to the entity for the chosen DB operation.

/// <typeparam name="TDtoType">The interface type of the db entity the full access should be applied to</typeparam>
GenericNoAccessFilter<TDtoType>

Example

new GenericNoAccessFilter<ICoreIdentity>()

GenericNoAccessFilter

This filter will give you no access to the entity for the chosen DB operation

/// <typeparam name="TDtoType">The interface type of the db entity the no access should be applied to</typeparam>
new GenericNoAccessFilter<TDtoType>();

Example

new GenericNoAccessFilter<ICoreIdentity>()

Sub Filters

The sub-filters will give you access to an entity based on the configured security of a related entity.

For example, because I have read rights to the core identity, I’m allowed to read its attribute values.

GenericSubFiltersFilter

This filter will give access to the DB entity only when the filter for the referenced object matches the chosen security mode as well.

This filter can be used for up to four reference types, then all four security filters have to match in an and combination.

/// <typeparam name="TDtoType">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TReferenceDtoType">The interface type of the db entity where the security should be taken from</typeparam>
/// <param name="referenceSecurityMode">What security mode should be check for TReferenceDtoType</param>
/// <param name="referenceProperty">How the system can resolve TReferenceDtoType from TDtoType</param>
GenericSubFiltersFilter<TDtoType, TReferenceDtoType>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType>> referenceProperty)
GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty, SecurityMode referenceSecurityMode2, Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2)
...
GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2, TReferenceDtoType3, TReferenceDtoType4>(SecurityMode referenceSecurityMode1, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty1, SecurityMode referenceSecurityMode2,Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2, SecurityMode referenceSecurityMode3, Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty3, SecurityMode referenceSecurityMode4,Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty4)

Example

new GenericSubFiltersFilter<IOrganizationUnitAttributeValue, IOrganizationUnit>(SecurityMode.Update, a => a.OrganizationUnit)

GenericCollectionSubFiltersFilter

This filter will give access to the DB entity only when the filter for the referenced object matches a least one item in the collection of referenced objects.

/// <typeparam name="TDtoType">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TReferenceCollectionDtoType1">The interface type of the db entity where the security should be taken from</typeparam>
/// <param name="referenceDtoTypeSecurityMode">What security mode should be check for TReferenceCollectionDtoType1</param>
/// <param name="referenceProperty">How the system can resolve TReferenceCollectionDtoType1 from TDtoType</param>
GenericCollectionSubFiltersFilter<TDtoType, TReferenceCollectionDtoType1>(SecurityMode referenceDtoTypeSecurityMode, Expression<Func<TDtoType, IEnumerable<TReferenceCollectionDtoType1>>> referenceProperty)

Example

new GenericCollectionSubFiltersFilter<IEventHandlerType, IEventHandler>(SecurityMode.Read, n => n.EventHandlers)

Property Chain Filter

The property chain filters give access to the DB entity when the resolved value of the property of the chain matches the one of the filter values.

GenericPropertyChainFilter

/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TFilterPropertyType">The type of the filters</typeparam>
/// <param name="propertyChain">The path from the entity to the property that should be compared with the filter values</param>
/// <param name="filterValues">The filter values that have to match with the property value</param>
GenericPropertyChainFilter<TDtoObject, TFilterPropertyType>(Expression<Func<TDtoObject, TFilterPropertyType>> propertyChain, params TFilterPropertyType[] filterValues)

Example

new GenericPropertyChainFilter<IActivityButton, bool>(m => m.AllowExecutionAsOwner, true)

GenericPropertyChainStringFilter

This filter allows us to check the security with a text filter with some search behaviors like contains or start with.

/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <param name="propertyChain">The path from the entity to the property that should be compared with the filter values</param>
/// <param name="stringFilterBehaviour">The behaviour how the filter will be applied to the property</param>
/// <param name="filterValue">The filter string value</param>
GenericPropertyChainStringFilter<TDtoObject> (Expression<Func<TDtoObject, string>> propertyChain, StringFilterBehaviour stringFilterBehaviour, string filterValue)

Possible values for stringFilterBehaviour

Equals,
StartsWith,
EndsWith,
Contains

Example

new GenericPropertyChainStringFilter<ICoreIdentity, bool>(m => m.ReadOnlyDisplayName, StringFilterBehaviour.Contains,"Test")

GenericCollectionPropertyChainFilter

This filter allows checking a reference collection if one of these objects matches the filter value.

/// <typeparam name="TDtoObject">The interface type of the db entity this security filter should be applied to</typeparam>
/// <typeparam name="TDtoCollectionObject">The interface type of the db entity of the related collection</typeparam>
/// <typeparam name="TFilterPropertyType">The type of the filters</typeparam>
/// <param name="propertyChain">The path from the entity to the property that should be compared with the filter values</param>
/// <param name="subPropertyChain">The path to the collection of type TDtoCollectionObject</param>
/// <param name="filterValues">The filter values that have to match with the property value</param>
GenericCollectionPropertyChainFilter<TDtoObject, TDtoCollectionObject, TFilterPropertyType> (Expression<Func<TDtoObject, IEnumerable<TDtoCollectionObject>>> propertyChain, Expression<Func<TDtoCollectionObject, TFilterPropertyType>> subPropertyChain, params TFilterPropertyType[] filterValues)

My core identity filters

GenericMyCoreIdentityFilter / GenericMyCoreIdentityStringValueFilter

This filter gives you permission for the entity type only when your core identity id matches the value of the property chain

new GenericMyCoreIdentityFilter<IRoleAssignmentApproval>(i => i.CoreIdentity.Id))

GenericMyCoreIdentityCollectionFilter

This filter gives you permission for the entity type only when your core identity id is present in a related collection

new GenericMyCoreIdentityCollectionFilter<ICoreIdentityTypeAttributeMapping, ICoreIdentity>(ct => ct.CoreIdentityType.CoreIdentities, c => c.Id)

My user filters

GenericMyUserCollectionFilter

This filter gives you permission for the entity type only when your user id is present in a related collection

new GenericMyUserCollectionFilter<IRoleClaim, IUser>(r => r.Users, u => u.Id)

GenericMyUserValueFilter/ GenericMyUserStringValueFilter

This filter gives you permission for the entity type only when your user id matches the value of the property chain

new GenericMyUserValueFilter<IUser>(u => u.Id)

Context filter

GenericContextPropertyChainFilter

This security filter gives you access to an entity when all property filters match the context this security filter was assigned with.

new GenericContextPropertyChainFilter<IEventHandler>(new ContextPropertyFilter<IEventHandler>(new[]
{
    new ContextPropertyFilterDefintion<IEventHandler>(e => e.EventHandlerType.Id, CoreLoginAssignmentContextTypes.OrganizationUnit),
    new ContextPropertyFilterDefintion<IEventHandler>(e => e.Id, CoreLoginAssignmentContextTypes.User)
}));

GenericContextCollectionPropertyChainFilter

This security filter works similarly to the GenericContextPropertyChainFilter, with the difference that not the entity itself has to match the property filter, but the filter will be applied with an any to a related collection of entities.

new GenericContextCollectionPropertyChainFilter<IEventHandler, IEventSubscription>(e => e.EventSubscriptions, new ContextPropertyFilter<IEventSubscription>(new[]
{
    new ContextPropertyFilterDefintion<IEventSubscription>(e => e.EventHandler.Id, CoreLoginAssignmentContextTypes.OrganizationUnit),
    new ContextPropertyFilterDefintion<IEventSubscription>(e => e.Id, CoreLoginAssignmentContextTypes.User)
}));

  • No labels

© ITSENSE AG. Alle Rechte vorbehalten. ITSENSE und CoreOne sind eingetragene Marken der ITSENSE AG.