No objections from me. But, one question. Is it possible to denormalize the table instead? That would allow better indexing instead of joins.
On Wed, Feb 4, 2009 at 10:18 PM, Bart Reyserhove <[email protected]>wrote: > We have this method in Rhino.Security to add permissions to a query: > > > /// <summary> > /// Adds the permissions to query. > > /// </summary> > /// <param name="user">The user.</param> > /// <param name="criteria">The criteria.</param> > /// <param name="operation">The operation.</param> > public void AddPermissionsToQuery(IUser user, string operation, > DetachedCriteria criteria) > { > Type rootType = Commons.NHibernate.CriteriaUtil.GetRootType(criteria, > UnitOfWork.CurrentSession); > string securityKeyProperty = criteria.Alias + "." + > Security.GetSecurityKeyProperty(rootType); > ICriterion allowed = GetPermissionQueryInternal(user, operation, > securityKeyProperty); > > You pass it a user, an operation and criteria (detached or not) and it adds > permissions to a query. This query works really well if you use all possible > features of Rhino.Security: permissions on users, permissions on usergroups, > hierarchy of usersgroups... > However if your application only puts permissions on usersgroups and does > not have an hierarchy the generated query could be more efficient. We ran > into a performance issue mainly because we have many permissions. > > Any objections agains adding an overload that only takes the permissions > defined on the passed usersgroup into account? We would probably need a case > in which you want to pass a usersgroup but also want the usersgroup > hierarchy to be respected. > > Bart > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Rhino Tools Dev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rhino-tools-dev?hl=en -~----------~----~----~----~------~----~------~--~---
