Introduction

On this page all the generic security filters are listed, In general, they can be applied to all possible DB entities of the CoreOne Suite.

Filter

General

GenericFullAccessFilter

This filter will give you unrestricted access to the entity for the chosen DB operation.

Example

GenericNoAccessFilter

This filter will give you no access to the entity for the chosen DB operation

Example

SecurityFilterCollection

When you want to combine one or more filters together you can use the security filter collection.

For example, you want to build a security filter that allows you to read core identities of type Standard but only when the name starts with ‘Ma’, then you have to combine GenericPropertyChainFilter with a GenericPropertyChainStringFilter in a and relation. This you can do with a security filter collection.

Sub Filters

The sub-filters will give you access to an entity based on the configured security of a related entity.

For example, because I have read rights to the core identity, I’m allowed to read its attribute values.

GenericSubFiltersFilter

This filter will give access to the DB entity only when the filter for the referenced object matches the chosen security mode as well.

This filter can be used for up to four reference types, then all four security filters have to match in an and combination.

Example

GenericCollectionSubFiltersFilter

This filter will give access to the DB entity only when the filter for the referenced object matches a least one item in the collection of referenced objects.

Example

Property Chain Filter

The property chain filters give access to the DB entity when the resolved value of the property of the chain matches the one of the filter values.

GenericPropertyChainFilter

Example

GenericPropertyChainStringFilter

This filter allows us to check the security with a text filter with some search behaviors like contains or start with.

Possible values for stringFilterBehaviour

Example

GenericCollectionPropertyChainFilter

This filter allows checking a reference collection if one of these objects matches the filter value.

My core identity filters

GenericMyCoreIdentityFilter / GenericMyCoreIdentityStringValueFilter

This filter gives you permission for the entity type only when your core identity id matches the value of the property chain.

Example:

GenericMyCoreIdentityCollectionFilter

This filter gives you permission for the entity type only when your core identity id is present in a related collection.

Example:

My user filters

GenericMyUserValueFilter/ GenericMyUserStringValueFilter

This filter gives you permission for the entity type only when your user id matches the value of the property chain.

Example:

GenericMyUserCollectionFilter

This filter gives you permission for the entity type only when your user id is present in a related collection.

Example:

Context filter

The context filter allows structuring the security based on the context this filter was assigned with.

For example, based on the organization unit tree I get a security role assigned in the context of the current organization and this should allow me to read this one organization unit.

For the definition of what context should be compared to what property value the class ContextPropertyFilterDefintion is used.

Example:

This example compares the value of the EventHandlerType.Id from IEventHandler to the context identifier of the type organization unit.

Possible context types:

GenericContextPropertyChainFilter

This security filter gives you access to an entity when all property filters match the context this security filter was assigned with.

Example:

GenericContextCollectionPropertyChainFilter

This security filter works similarly to the GenericContextPropertyChainFilter, with the difference that not the entity itself has to match the property filter, but the filter will be applied with an any to a related collection of entities.

Example

Assignment

GenericMyValidAssignmentFilter (Version >= 8)

This filter will give you access to the entity only if you have a valid assignment.

Example: