I have done some research on this topic, on this board and just searching around google. Let me explain what I'd like to try to do first:
1) Based on the requesting user prevent the loading of any entity that user doesn't have access to. 2) We would rather implement this at a layer lower than say a repository as those implementing new repository methods and applying: Session.Get, Session.Query, Session.QueryOver or Session.CreateCriteria shouldn't need to apply the security filtering logic. 3) Want to prevent the loading of an entity that a user doesn't have access to even it is associated with an entity they do have access to IE: A user has access to a folder, that folder is a list of documents. One of the documents they are explicitly denied access to. The expectation is that the domain object "folder" would have the Documents collection minus the item restricted. We have looked at using the ILoadEventListeners OnLoad and this seems to work with the basic case of, essentially null out the entity in the event data, however we do some projections with linq to nhibernate, and as far as I can tell there isn't any events to hook in to here. I am willing to work around these cases, if the event method is a tenable solution. One of the devs on my team looked at rhino security and wasn't sure it would accomplish what we want to do. Before I dive in to Rhino Security I wanted to see if anyone had in solutions, either via libraries or implementation suggestions. I appreciate any help. -Patrick -- You received this message because you are subscribed to the Google Groups "nhusers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/nhusers. For more options, visit https://groups.google.com/groups/opt_out.
