Home
Help
Register
Log in

Search

 
   Active Threads  

You are here: Home > LLBLGen Pro > LLBLGen Pro Runtime Framework> Authorization for TypedView TypedLists
 

Pages: 1
LLBLGen Pro Runtime Framework
Authorization for TypedView TypedLists
Page:1/1 

  Print all messages in this thread  
Poster Message
Rosacek
User



Location:
CZ
Joined on:
18-Mar-2012 18:02:44
Posted:
133 posts
# Posted on: 29-Apr-2014 00:49:19.  
Hi,
is there any way how to use Authorizers for TypedViews and TypedLists?

As for as views, seems the only way to plug authorizers is to map view as entitycollection in designer and generate code.

Is there any other way? Or plan to add such feature in future releases?
  Top
daelmo
Support Team



Location:
Guatemala City
Joined on:
28-Nov-2005 23:35:24
Posted:
8088 posts
# Posted on: 29-Apr-2014 06:15:01.  
Not directly supported AFAIK, but I think that there is a way.
- Are you using Adapter or SelfServicing?
- What is LLBLGen version you are using ?


David Elizondo
LLBLGen'ing (articles and code snippets) | linkedin | twitter
 
Top
Rosacek
User



Location:
CZ
Joined on:
18-Mar-2012 18:02:44
Posted:
133 posts
# Posted on: 30-Apr-2014 18:50:38.  
Using adapter and latest version.
Means 4.1
  Top
daelmo
Support Team



Location:
Guatemala City
Joined on:
28-Nov-2005 23:35:24
Posted:
8088 posts
# Posted on: 01-May-2014 07:34:26.  
Authorization depends on a place which does the actual authorization. You can add this for typedlists to adapter using the following:

- create a partial class to DataAccessAdapter
- override
Code:
public virtual void FetchTypedList(IEntityFields2 fieldCollectionToFetch, DataTable dataTableToFill, IRelationPredicateBucket filterBucket, int maxNumberOfItemsToReturn,
                ISortExpression sortClauses, bool allowDuplicates, IGroupByCollection groupByClause, int pageNumber, int pageSize)

In the override, cast dataTableToFill to ITypedList2 using 'as'. If not null, it's a typedlist and you can do your authorization magic there: allow it? call base. Not allow it? return.


David Elizondo
LLBLGen'ing (articles and code snippets) | linkedin | twitter
 
Top
Otis
LLBLGen Pro Team



Location:
The Hague, The Netherlands
Joined on:
17-Aug-2003 18:00:36
Posted:
37644 posts
# Posted on: 01-May-2014 10:02:26.  
Quick question to understand the use case: the authorization relies on logic in-memory (e.g. thread user, active directory etc.) ? And you want to avoid reading certain fields as well as rows or just deny rows? As authorization based on fields is done when the properties are read on the entity, not when the row is read from the DB. denying rows is done when the rows are read from the DB however.
Frans Bouma
LLBLGen Pro / ORM Profiler Lead Developer | Blog | Twitter
 
Top
Rosacek
User



Location:
CZ
Joined on:
18-Mar-2012 18:02:44
Posted:
133 posts
# Posted on: 01-May-2014 10:07:28.  
Now I need to avoid reading some fields in TypedView and TypedLists, like social no, birthday etc.

Anyway it would be perfect to have the same mechanism as for entities, means fields and rows authorization, in this case read authorization only.


  Top
Walaa
Support Team



Location:

Joined on:
21-Aug-2005 16:03:48
Posted:
14531 posts
# Posted on: 02-May-2014 08:05:00.  
You can make use of Database Views, map them to entities, so you can get the full fledged Authorization capability to deny/allow fields as well as records.
  Top
Otis
LLBLGen Pro Team



Location:
The Hague, The Netherlands
Joined on:
17-Aug-2003 18:00:36
Posted:
37644 posts
# Posted on: 02-May-2014 10:23:43.  
Indeed. But if entities don't work for you, you indeed have a problem. We'll see what we can do with v4.2 and this feature, but no promises.

Frans Bouma
LLBLGen Pro / ORM Profiler Lead Developer | Blog | Twitter
 
Top
Rosacek
User



Location:
CZ
Joined on:
18-Mar-2012 18:02:44
Posted:
133 posts
# Posted on: 02-May-2014 19:53:37.  
Yes, I know I can map views to entities to cheat Regular Smiley
Say for views it is a way, but how about TypedLists ...

As for as TypedList it would be wonderfull to be able to plug there authorizes from involved entites. Say OrderEntity and ProductsEntity. This way we could define just authorizers for entites and plug them both to TypedList: OrdersWithProducts
Maybe dream Wink

I can make some workarounds in code for now, take it as new feature suggestion. I understand you need time to think of it.

Thanks for LLBL Regular Smiley
  Top
Rosacek
User



Location:
CZ
Joined on:
18-Mar-2012 18:02:44
Posted:
133 posts
# Posted on: 01-Jan-2015 12:40:18.  
Any plan to enable Authorizers also for TypedViews and TypedLists in version 5?

  Top
Otis
LLBLGen Pro Team



Location:
The Hague, The Netherlands
Joined on:
17-Aug-2003 18:00:36
Posted:
37644 posts
# Posted on: 02-Jan-2015 10:52:05.  
No, not at the moment. (for 5.0). If it's added it will be a different system than with entities as we want to move away from the datatable based typedview/list classes, so there's no 'typedview' object holding rows: there are just row objects. This thus means that the authorizer has to be used with a query, e.g. through an adapter or e.g. linqmetadata object.

So perhaps after 5.0 Regular Smiley
Frans Bouma
LLBLGen Pro / ORM Profiler Lead Developer | Blog | Twitter
 
Top
Pages: 1  


Powered by HnD ©2002-2007 Solutions Design
HnD uses LLBLGen Pro

Version: 2.1.12172008 Final.