Haye you check out Rhino Security ? It seems that it covers the same ground.
On Mar 18, 1:37 pm, "[email protected]" <[email protected]> wrote: > Hi there! > > Been seeking answers to this question all day without success. > > In my current project I got entities that needs to be hidden if the > user who requests them doesn't have the permission to see them. Each > user belongs to one or several groups and these groups determine if > the user have the permission to view the entity. > > Simple schema > > Entity > - Id > - Name > > User > - Id > - GroupId > > EntityGroup > - GroupId > - EntityId > > So each entity is linked to one or several groups using the > "EntityGroup" table. > > Since I didn't want to clutter my Entity with a property containing > all Groups that are entitled to view it I've been thinking of ways to > work around this. > > One possible solution is to use filters and with custom SQL filter the > query. That worked great, but since the Entity is mapped as a <joined- > subclass> in an other entity I couldn't make the filter work without > sneaking in the SQL generated by NHibernate and in the filter mapping > add the alias which NHibernate generates. > > An example > > <set name="Items"> > <key column="ViewID" /> > <one-to-many class="AxisItem" /> > <filter name="FilterByGroup" condition="axisitems0_1_.QuestionId > IN (Select p.QuestionID FROM QSReportal.dbo.GroupQuestionPermissions p > WHERE p.GroupId = :groupId)"></filter> > </set> > > The problem lies with "axisitems0_1_" where I instead would like to > use the original tablename, "Entity". > > But even though this works, though some small hacks, it doesn't feel > "right". > So here I am, asking how you deal with these scenarios where users has > permissions to see or not to see other entities. Is Filter the way to > go? Should I add the "Group"-property on the Entity and query it with > the Criteria API and thereby cluttering my entity? > Should I load all objects and filter them with code? > > Or is there an even better solution this? > > Thanks for your time and answers > //Kenny Eliasson, Quicksearch Sweden --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "nhusers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nhusers?hl=en -~----------~----~----~----~------~----~------~--~---
