We have this method in Rhino.Security to add permissions to a query:
/// <summary>
/// Adds the permissions to query.
/// </summary>
/// <param name="user">The user.</param>
/// <param name="criteria">The criteria.</param>
/// <param name="operation">The operation.</param>
public void AddPermissionsToQuery(IUser user, string operation,
DetachedCriteria criteria)
{
Type rootType = Commons.NHibernate.CriteriaUtil.GetRootType(criteria,
UnitOfWork.CurrentSession);
string securityKeyProperty = criteria.Alias + "." +
Security.GetSecurityKeyProperty(rootType);
ICriterion allowed = GetPermissionQueryInternal(user, operation,
securityKeyProperty);
You pass it a user, an operation and criteria (detached or not) and it adds
permissions to a query. This query works really well if you use all possible
features of Rhino.Security: permissions on users, permissions on usergroups,
hierarchy of usersgroups...
However if your application only puts permissions on usersgroups and does
not have an hierarchy the generated query could be more efficient. We ran
into a performance issue mainly because we have many permissions.
Any objections agains adding an overload that only takes the permissions
defined on the passed usersgroup into account? We would probably need a case
in which you want to pass a usersgroup but also want the usersgroup
hierarchy to be respected.
Bart
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Rhino Tools Dev" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/rhino-tools-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
