1. Home
  2. LLBLGen Pro
  3. LLBLGen Pro Runtime Framework

AuthorizerToUse guidelines

Posts   
 
    
JimHugh
User
Posts: 191
Joined: 16-Nov-2005
# Posted on: 22-Aug-2007 21:43:03   

LLBLGen 2.5 (yea team!) SQL Server 2005 C#

I've already upgraded the project from 2.0 with no hiccups (so far).

I have an application with 50+ entities and am interested in implementing the LLBLGen Authorizer. However out of the 50+, there are probably 5 groups/roles in which I could narrow down the number of unique authorizers required.

I'm curious as to how best to setup the authorization classes.

While I could go through and setup a separate Authorizer class for each entity, it seems that could be tedious and error prone.

I don't currently envsion field level controls.

What I am considering is create a interface for each of the groups.

Create the interfaces as:


public interface IRoleAdmin {}
public interface IRoleDBAdmin {}
public interface IRoleOperations {}
public interface IRoleResearch {}
public interface IRoleStaff {}

// create partial classes that implement the interface
public partial class PersonEntity : IRoleAdmin {}
// repeat for the rest of the entities, grouping appropriately

// create the authorizers for each interface [DependencyInjectionInfo(typeof (IRoleAdmin), "AuthorizerToUse", ContextType = DependencyInjectionContextType.Singleton)] public class DBAuthorizer : AuthorizerBase { // insert overrides here for actual Identity role memberships. }

Then let DI handle the appropriate authorizers.

I am VERY open to suggestions, pitfalls and other ideas, this is just a thought...

Walaa avatar
Walaa
Support Team
Posts: 14950
Joined: 21-Aug-2005
# Posted on: 23-Aug-2007 10:47:53   

Looks good to me.

Also I don't know if you can specify more than one DependencyInjectionInfo attribute to the Authorizer class, as follows:

[DependencyInjectionInfo(typeof (PersonEntity), "AuthorizerToUse",
        ContextType = DependencyInjectionContextType.Singleton)]
[DependencyInjectionInfo(typeof (CustomerEntity), "AuthorizerToUse",
        ContextType = DependencyInjectionContextType.Singleton)]
[DependencyInjectionInfo(typeof (EMployeeEntity), "AuthorizerToUse",
        ContextType = DependencyInjectionContextType.Singleton)]
...
public class DBAuthorizer : AuthorizerBase
{
// insert overrides here for actual Identity role memberships.
}
Otis avatar
Otis
LLBLGen Pro Team
Posts: 39612
Joined: 17-Aug-2003
# Posted on: 23-Aug-2007 10:56:11   

Yes you can specify more than 1 attribute. simple_smile

Frans Bouma | Lead developer LLBLGen Pro
JimHugh
User
Posts: 191
Joined: 16-Nov-2005
# Posted on: 23-Aug-2007 17:08:40   

More than one attribute is even easier!

Thank you!

JimHugh
User
Posts: 191
Joined: 16-Nov-2005
# Posted on: 23-Aug-2007 18:53:20   

ummmm, It's not working... What did I miss?

Whichever attribute is closer to the class DBAdminAuthorizer works, the other fails with "AssertionException: AuthorizerToUse is null".

Swapping the order of the attributes moves the error to the other test.



    [DependencyInjectionInfo(typeof(SamplerEntity), "AuthorizerToUse", ContextType = DependencyInjectionContextType.Singleton)]
    [DependencyInjectionInfo(typeof(SiteEntity), "AuthorizerToUse", ContextType = DependencyInjectionContextType.Singleton)]
    public class DBAdminAuthorizer : DBAuthorizerBase
    {
    }

[TestFixture]
public class AuthorizationTest
{

    [Test]
    public void CreateSamplerEntity()
    {
        SamplerEntity sampler = new SamplerEntity();
        Assert.IsNotNull(sampler.AuthorizerToUse, "AuthorizerToUse is null");
        Assert.IsInstanceOfType(typeof(DBAdminAuthorizer), sampler.AuthorizerToUse, "IsInstanceOfType = DBAdminAuthorizer");
        }
    }

    [Test]
    public void CreateSiteEntity()
    {
        SiteEntity site = new SiteEntity();
        Assert.IsNotNull(site.AuthorizerToUse, "AuthorizerToUse is null");
        Assert.IsInstanceOfType(typeof(DBAdminAuthorizer), site.AuthorizerToUse, "IsInstanceOfType = DBAdminAuthorizer");
    }
}
Otis avatar
Otis
LLBLGen Pro Team
Posts: 39612
Joined: 17-Aug-2003
# Posted on: 24-Aug-2007 10:42:21   

It should work, I'll setup a test.

(edit) reproduced. I'll see if I can track down the cause of this.

(edit) It's an implementation flaw: just 1 attribute is used. It's code in private methods, I'll rework it a bit to handle multiple attributes.

Frans Bouma | Lead developer LLBLGen Pro
Otis avatar
Otis
LLBLGen Pro Team
Posts: 39612
Joined: 17-Aug-2003
# Posted on: 24-Aug-2007 11:37:35   

Fixed in next build. 


[DependencyInjectionInfo(typeof(LocationEntity), "AuthorizerToUse")]
[DependencyInjectionInfo(typeof(ProductVendorEntity), "AuthorizerToUse")]
[DependencyInjectionInfo(typeof(CustomerEntity), "AuthorizerToUse")]
public class GeneralAdventureWorksAuthorizer : AdventureWorksAuthorizerBase
{
    public override bool CanGetFieldValue(IEntityCore entity, int fieldIndex)
    {
        return base.CanGetFieldValue(entity, fieldIndex);
    }
}



[Test]
public void MultiAttributeAuthorizerTest()
{
    CustomerEntity c = new CustomerEntity();
    ProductVendorEntity p = new ProductVendorEntity();
    LocationEntity l = new LocationEntity();

    Assert.IsNotNull(c.AuthorizerToUse);
    Assert.IsNotNull(p.AuthorizerToUse);
    Assert.IsNotNull(l.AuthorizerToUse);
}
Frans Bouma | Lead developer LLBLGen Pro
JimHugh
User
Posts: 191
Joined: 16-Nov-2005
# Posted on: 24-Aug-2007 18:15:15   

Thanks Frans!

JimHugh
User
Posts: 191
Joined: 16-Nov-2005
# Posted on: 27-Aug-2007 19:44:22   

2007.8.27 Build did the trick for multiple attribute support!

Thanks again!