DevForce Community Forum : Row-level security http://www.ideablade.com/forum/ This is an XML content feed of; DevForce Community Forum : DevForce Classic : Row-level security Wed, 10 Jun 2026 15:44:44 -700 Fri, 13 Mar 2009 00:02:27 -700 http://blogs.law.harvard.edu/tech/rss Web Wiz Forums 9.69 360 www.ideablade.com/forum/RSS_post_feed.asp?TID=751 DevForce Community Forum http://www.ideablade.com/forum/forum_images/IdeaBlade_logo_tm.png http://www.ideablade.com/forum/ Row-level security : Thanks Greg for your honest and... http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=4056#4056 Author: alipoland
Subject: 751
Posted: 13-Mar-2009 at 12:02am

Thanks Greg for your honest and direct reply and maybe its time for a vote from the community for such built-in functionality :)

In all cases I see DevForce as a true ORM with full object-graphs while the both StrataFrame and Mere Mortals .NET are simple 1-1 table-to-class mappers with no relationship modelling at all. Their apprach indeed performs faster than DevForce but it leaves lots of plumming for the developer to do manually.

For a better-of-both-worlds solution, I'd choose your Classic version over the EF or the upcoming Silverlight one providing it offers a painless migration path to EF/SL3 in the future.
 
Any thoughts on how easy/difficult this migration might be, Greg?
 
Thanks once again for allowing me to share my direct comparisons with the community rather than all the marketing hypes :)
 
Ali
God > infinity
www.geocities.com/aliadams
 
]]> Fri, 13 Mar 2009 00:02:27 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=4056#4056 Row-level security : Originally posted by alipolandThanks... http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=4036#4036 Author: GregD
Subject: 751
Posted: 11-Mar-2009 at 3:58pm

Originally posted by alipoland

Thanks Gregs, Does or will Ideablade have a module that implements admin-confingurable security? It seems very generic requirement that many would need similar to StartaFrame Role-based Security tool.


We currently have no active plans for such a module, though we have talked about it. It just hasn't bubbled up the priority tree quite high enough yet.
]]> Wed, 11 Mar 2009 15:58:53 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=4036#4036 Row-level security : Thanks Gregs, Does or will Ideablade... http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=4024#4024 Author: alipoland
Subject: 751
Posted: 10-Mar-2009 at 11:45pm

Thanks Gregs, Does or will Ideablade have a module that implements admin-confingurable security? It seems very generic requirement that many would need similar to StartaFrame Role-based Security tool.]]> Tue, 10 Mar 2009 23:45:32 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=4024#4024 Row-level security : Originally posted by alipolandand... http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=4015#4015 Author: GregD
Subject: 751
Posted: 10-Mar-2009 at 2:26pm

Originally posted by alipoland

and how about field-kevel security please?


You can write get and set property interceptors to check IsInRole() on the current Principal (System.Threading.Thread.CurrentPrincipal) and intervene as desired in the value returned from the get or received by the set.

]]> Tue, 10 Mar 2009 14:26:30 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=4015#4015 Row-level security : and how about field-kevel security... http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=3995#3995 Author: alipoland
Subject: 751
Posted: 07-Mar-2009 at 1:33pm

and how about field-kevel security please?]]> Sat, 07 Mar 2009 13:33:41 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=3995#3995 Row-level security : Thanks. That's what I was... http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=2773#2773 Author: jeremy.wiebe
Subject: 751
Posted: 03-Apr-2008 at 7:35am

Thanks.   That's what I was looking for!  Smile]]> Thu, 03 Apr 2008 07:35:44 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=2773#2773 Row-level security : >> I'm in the process... http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=2770#2770 Author: GregD
Subject: 751
Posted: 02-Apr-2008 at 1:49pm

>>
I'm in the process of evaluating DevForce and have a question regarding security.   Is it possible, through the DevForce framework, to implement Row-level security.  What I'm after is being able to pass the identity down with a query and then filter the data so that only the data that the identity has access to is returned.

Are there hooks in the BOS to customize the query (either the SQL or "object query)?
<<
 
DevForce provides a QuerySecurityCheck() method which, when overridden on an Entity type (e.g., Customer), acts as an interception point in the submission of a query. It runs server-side and has access to the EntityQuery object that defines the query. It can add a clause to that query before it is ever turned into SQL and submitted to the database.
 
A similar operation can be performed client-side with a handler for the PersistenceManager.Fetching event. 
 
For situations where the filtering is too complicated to express as a query clause, a handler for the client-side PersistenceManager.Fetched event can iterate through the returned entities and eliminate any it needs to, so that they do not end up in the client-side cache.
 
Greg Dunn
IdeaBlade
 
 
]]> Wed, 02 Apr 2008 13:49:05 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=2770#2770 Row-level security : I&#039;m in the process of evaluating... http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=2768#2768 Author: jeremy.wiebe
Subject: 751
Posted: 02-Apr-2008 at 10:06am

I'm in the process of evaluating DevForce and have a question regarding security.   Is it possible, through the DevForce framework, to implement Row-level security.  What I'm after is being able to pass the identity down with a query and then filter the data so that only the data that the identity has access to is returned.

Are there hooks in the BOS to customize the query (either the SQL or "object query)?

Thanks.
]]> Wed, 02 Apr 2008 10:06:47 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=751&PID=2768#2768