Object security
Printed From: IdeaBlade
Category: DevForce
Forum Name: DevForce Classic
Forum Discription: For .NET 2.0
URL: http://www.ideablade.com/forum/forum_posts.asp?TID=332
Printed Date: 10-Jun-2026 at 8:32pm
Topic: Object security
Posted By: DataMan
Subject: Object security
Date Posted: 26-Jul-2007 at 10:08am
|
_popupControl();
Do you guys have an example where a person is not allowed to open a form or save/update/delete data to a form because they do not have the proper security to do so.
I can understand how the security currently checks to see if the person logging in is in the User table but how would you implement role security on the Customer Entity? Would I write code in the SaveSecurityCheck in each Entity that looks at the UserRole entity and if it passes my security logic then returns true?
Is there a DeleteSecurityCheck or does SaveSecurityCheck run for Updates/Loads/Deletes/Saves?
Thanks
|
Replies:
Posted By: davidklitzke
Date Posted: 27-Jul-2007 at 8:38am
|
Use "IsInRole" to test whether the user is authorized to perform a particular action:
http://www.ideablade.com/forum/forum_posts.asp?TID=69 - http://www.ideablade.com/forum/forum_posts.asp?TID=69
Use SaveSecurityCheck to prevent undesired saving, updating, or deleting of data. For an example, see the advanced tutorial:
 |
Posted By: securityservice
Date Posted: 23-Oct-2008 at 12:19am
|
Thank you for sharing useful information.We want you to come up with more information's. http://www.hacker4lease.com - Hacker4lease-IT Security Service |