DevForce 2009: Field-level Security

Print Page | Close Window

Field-level Security

Printed From: IdeaBlade
Category: DevForce
Forum Name: DevForce 2009
Forum Discription: For .NET 3.5
URL: http://www.ideablade.com/forum/forum_posts.asp?TID=1121
Printed Date: 20-Apr-2024 at 11:23am

Topic: Field-level Security

Posted By: alipoland
Subject: Field-level Security
Date Posted: 06-Mar-2009 at 11:44pm

Salam all,

Can someone please guide me on how to enforce role-based security at field-level? I need some fields within a table to be hidden|readonly|readwrite based on the current role logged in.

Many thanks in advance and peace to all.

Ali

God > infinity

Replies:

Posted By: smi-mark
Date Posted: 09-Mar-2009 at 9:58am

Hi Ali,

In your DomainModel if you create a class that implements IEntityServerSaving and IEntityServerFetching you can change what gets returned/saved. The current Principal is in the arguments so you can do your IsInRole functions to determine what action to take. You should take a look at the property interceptors too, they offer a lot of functionality that you may want versus using the EntityServer interfaces.

Mark

Print Page | Close Window