GenericFullAccessFilter
This filter will give you unrestricted access to the entity for the chosen DB operation.
/// <typeparam name="TDtoType">The interface type of the db entity the full access should be applied to</typeparam> GenericNoAccessFilter<TDtoType>
Example
new GenericNoAccessFilter<ICoreIdentity>()
GenericNoAccessFilter
This filter will give you no access to the entity for the chosen DB operation
/// <typeparam name="TDtoType">The interface type of the db entity the no access should be applied to</typeparam> new GenericNoAccessFilter<TDtoType>();
Example
new GenericNoAccessFilter<ICoreIdentity>()
Sub Filters
The sub-filters will give you access to an entity based on the configured security of a related entity.
For example, because I have read rights to the core identity, I’m allowed to read its attribute values.
GenericSubFiltersFilter
/// <typeparam name="TDtoType">The interface type of the db entity this security filter should be applied to</typeparam> /// <typeparam name="TReferenceDtoType">The interface type of the db entity </typeparam> /// <param name="referenceSecurityMode">What security mode should be check for TReferenceDtoType</param> /// <param name="referenceProperty">How the system can resolve TReferenceDtoType from TDtoType</param> GenericSubFiltersFilter<TDtoType, TReferenceDtoType>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType>> referenceProperty) GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2>(SecurityMode referenceSecurityMode, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty, SecurityMode referenceSecurityMode2, Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2) ... GenericSubFiltersFilter<TDtoType, TReferenceDtoType1, TReferenceDtoType2, TReferenceDtoType3, TReferenceDtoType4>(SecurityMode referenceSecurityMode1, Expression<Func<TDtoType, TReferenceDtoType1>> referenceProperty1, SecurityMode referenceSecurityMode2,Expression<Func<TDtoType, TReferenceDtoType2>> referenceProperty2, SecurityMode referenceSecurityMode3, Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty3, SecurityMode referenceSecurityMode4,Expression<Func<TDtoType, TReferenceDtoType3>> referenceProperty4)
Example
new GenericSubFiltersFilter<IOrganizationUnitAttributeValue, IOrganizationUnit>(SecurityMode.Update, a => a.OrganizationUnit)
GenericMyCoreIdentityCollectionFilter
This filter gives you permission for the entity type only when your core identity id is present in a related collection
new GenericMyCoreIdentityCollectionFilter<ICoreIdentityTypeAttributeMapping, ICoreIdentity>(ct => ct.CoreIdentityType.CoreIdentities, c => c.Id)
The first generic is the type you want to give access to.
The second generic is the type of item in the related collection.
The first parameter is the property chain to the collection
The second parameter is the property chain to the property that has to match your core identity id
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericMyCoreIdentityCollectionFilter`2[[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.ICoreIdentityTypeAttributeMapping, iTsense.Moving.Backend.Services.DmcoreService],[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.ICoreIdentity, iTsense.Moving.Backend.Services.DmcoreService]], iTsense.Moving.Backend.DataHandling",
"NotContains": false,
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"CoreIdentityType",
"CoreIdentities"
]
},
"SubPropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"Id"
]
}
}
GenericMyCoreIdentityFilter / GenericMyCoreIdentityStringValueFilter
This filter gives you permission for the entity type only when your core identity id matches the value of the property chain
new GenericMyCoreIdentityFilter<IRoleAssignmentApproval>(i => i.CoreIdentity.Id))
The first generic is the type you want to give access to.
The first parameter is the property chain to the property that has to match your core identity id
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericMyCoreIdentityFilter`1[[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Servicedmcore.IResourceAssignmentApproval, iTsense.Moving.Backend.Services.DmcoreService]], iTsense.Moving.Backend.DataHandling",
"NotContains": false,
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"CoreIdentity",
"Id"
]
}
}
GenericMyUserCollectionFilter
This filter gives you permission for the entity type only when your user id is present in a related collection
new GenericMyUserCollectionFilter<IRoleClaim, IUser>(r => r.Users, u => u.Id)
The first generic is the type you want to give access to.
The second generic is the type of item in the related collection.
The first parameter is the property chain to the collection
The second parameter is the property chain to the property that has to match your user id
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericMyUserCollectionFilter`2[[iTsense.Moving.Backend.Services.CoreLogin.DataInterfaces.Servicecorelogin.IRoleClaim, iTsense.Moving.Backend.Services.CoreLogin],[iTsense.Moving.Backend.Services.CoreLogin.DataInterfaces.Servicecorelogin.IUser, iTsense.Moving.Backend.Services.CoreLogin]], iTsense.Moving.Backend.DataHandling",
"NotContains": false,
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"Users"
]
},
"SubPropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"Id"
]
}
}
GenericMyUserValueFilter/ GenericMyUserStringValueFilter
This filter gives you permission for the entity type only when your user id matches the value of the property chain
new GenericMyUserValueFilter<IUser>(u => u.Id)
The first generic is the type you want to give access to.
The first parameter is the property chain to the property that has to match your user id
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericMyUserValueFilter`1[[iTsense.Moving.Backend.Services.CoreLogin.DataInterfaces.Servicecorelogin.IUser, iTsense.Moving.Backend.Services.CoreLogin]], iTsense.Moving.Backend.DataHandling",
"NotContains": false,
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"Id"
]
}
}
GenericPropertyChainFilter
This filter will give you access to the entity type only when the value of the property chain matches the type and the value of one of the filter values
new GenericPropertyChainFilter<IActivityButton, bool>(m => m.AllowExecutionAsOwner, true)
The first generic is the type you want to give access to.
The second generic is the type of the filter values
The first parameter is the property chain to the property that has to match with your filter values
The second parameter is the filter values
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Role.SecurityRight, iTsense.Moving.Backend.DataHandling",
"Filter": {
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericPropertyChainFilter`2[[iTsense.Moving.Backend.Services.DmcoreService.DataInterfaces.Serviceskynet.IActivityButton, iTsense.Moving.Backend.Services.DmcoreService],[System.Boolean, mscorlib]], iTsense.Moving.Backend.DataHandling",
"FilterValues": {
"$type": "System.Boolean[], mscorlib",
"$values": [
true
]
},
"NotContains": false,
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"AllowExecutionAsOwner"
]
}
}
CoreIdentityAttributeValueFilter
This filter will give you access to a core identity only when the core identity has an attribute value that matches the filter
new CoreIdentityAttributeValueFilter<uint>(c => c.Attribute.Id, 1, StringFilterBehaviour.EndsWith, "li", "string")
The first generic is the type of the attribute id
The first parameter the chain to the attribute id
The second parameter the requested attribute id
The third parameter the requested search behavior
Equals - value 0
StartsWith - 1
EndsWith - 2
Contains - 3
The fourth parameter the search value
The fifth parameter is the type of the serialized attribute value
{
"$type": "iTsense.Moving.Backend.Services.DmcoreService.CoreIdentity.Security.Filter.CoreIdentityAttributeValueFilter`1[[System.UInt32, mscorlib]], iTsense.Moving.Backend.Services.DmcoreService",
"AttributeValueType": "string",
"AttributeValueFilterValue": "li",
"AttributeValueFilterBehaviour": 2,
"FilterValue": 1,
"NotContains": false,
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"CoreIdentityAttributeValues"
]
},
"SubPropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"Attribute",
"Id"
]
}
}
GenericContextPropertyChainFilter
This security filter gives you access to an entity when all property filters match the context this security filter was assigned with.
new GenericContextPropertyChainFilter<IEventHandler>(new ContextPropertyFilter<IEventHandler>(new[]
{
new ContextPropertyFilterDefintion<IEventHandler>(e => e.EventHandlerType.Id, CoreLoginAssignmentContextTypes.OrganizationUnit),
new ContextPropertyFilterDefintion<IEventHandler>(e => e.Id, CoreLoginAssignmentContextTypes.User)
}));
The first generic is the type you want to give access.
The first parameter is an array of filters of type ContextPropertyFilterDefintion in this filter you define what property of the entity has to match to what context type.
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericContextPropertyChainFilter`1[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventHandler, iTsense.Moving.Backend.Common.Dbs.AppCustomer]], iTsense.Moving.Backend.DataHandling",
"Filter": {
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.FilterBases.ContextPropertyFilter`1[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventHandler, iTsense.Moving.Backend.Common.Dbs.AppCustomer]], iTsense.Moving.Backend.DataHandling",
"Filters": {
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.FilterBases.ContextPropertyFilterDefintion`1[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventHandler, iTsense.Moving.Backend.Common.Dbs.AppCustomer]][], iTsense.Moving.Backend.DataHandling",
"$values": [
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.FilterBases.ContextPropertyFilterDefintion`1[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventHandler, iTsense.Moving.Backend.Common.Dbs.AppCustomer]], iTsense.Moving.Backend.DataHandling",
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"EventHandlerType",
"Id"
]
},
"ContextType": 1
},
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.FilterBases.ContextPropertyFilterDefintion`1[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventHandler, iTsense.Moving.Backend.Common.Dbs.AppCustomer]], iTsense.Moving.Backend.DataHandling",
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"Id"
]
},
"ContextType": 2
}
]
}
}
}
GenericContextCollectionPropertyChainFilter
This security filter works similarly to the GenericContextPropertyChainFilter, with the difference that not the entity itself has to match the property filter, but the filter will be applied with an any to a related collection of entities.
new GenericContextCollectionPropertyChainFilter<IEventHandler, IEventSubscription>(e => e.EventSubscriptions, new ContextPropertyFilter<IEventSubscription>(new[]
{
new ContextPropertyFilterDefintion<IEventSubscription>(e => e.EventHandler.Id, CoreLoginAssignmentContextTypes.OrganizationUnit),
new ContextPropertyFilterDefintion<IEventSubscription>(e => e.Id, CoreLoginAssignmentContextTypes.User)
}));
The first generic is the type you want to give access.
The second generic is the type of the item in the related collection.
The first parameter is an array of filters of type ContextPropertyFilterDefintion in this filter you define what property of the entity has to match to what context type.
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.GenericContextCollectionPropertyChainFilter`2[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventHandler, iTsense.Moving.Backend.Common.Dbs.AppCustomer],[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventSubscription, iTsense.Moving.Backend.Common.Dbs.AppCustomer]], iTsense.Moving.Backend.DataHandling",
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"EventSubscriptions"
]
},
"Filter": {
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.FilterBases.ContextPropertyFilter`1[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventSubscription, iTsense.Moving.Backend.Common.Dbs.AppCustomer]], iTsense.Moving.Backend.DataHandling",
"Filters": {
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.FilterBases.ContextPropertyFilterDefintion`1[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventSubscription, iTsense.Moving.Backend.Common.Dbs.AppCustomer]][], iTsense.Moving.Backend.DataHandling",
"$values": [
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.FilterBases.ContextPropertyFilterDefintion`1[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventSubscription, iTsense.Moving.Backend.Common.Dbs.AppCustomer]], iTsense.Moving.Backend.DataHandling",
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"EventHandler",
"Id"
]
},
"ContextType": 1
},
{
"$type": "iTsense.Moving.Backend.DataHandling.Security.Filter.FilterBases.ContextPropertyFilterDefintion`1[[iTsense.Moving.Backend.Common.Dbs.AppCustomer.DataInterfaces.Subscription.IEventSubscription, iTsense.Moving.Backend.Common.Dbs.AppCustomer]], iTsense.Moving.Backend.DataHandling",
"PropertyChain": {
"$type": "System.String[], mscorlib",
"$values": [
"Id"
]
},
"ContextType": 2
}
]
}
}
}