Thanks guys. The issue I have is how to go about creating the query with the hierarchical structure of the operations table. Might have to create another table to track the hierarchy similar to whats being done with the UsersGroups. If you have any suggestions, I would be happy to implement it and submit a patch.
Another possible solution is to modify rhino security by adding an overloaded method public Permission[] GetGlobalPermissionsFor(IUser user) Then In the Application 1. Eager fetch all the operations 2. Fetch the permissions defined for the user via the above overloaded method. 3 Loop through the operations hierarchy, checking the permissions list to see whether it is allowed or not. Let me know what you guys think. Thanks On Jun 23, 4:41 am, Ayende Rahien <[email protected]> wrote: > I agree with Bart, the easiest way to go here would be to use the criteria > API directly.Or, if you want to use the API, a patch would be welcome. > > On Tue, Jun 23, 2009 at 1:11 AM, Bart Reyserhove > <[email protected]>wrote: > > > We do something very similar for our field level security. You really don't > > want to start querying field by field ;-) > > The advantage that we have is that you we can ask for all permissions for a > > certain type. > > > In your case you might want to get all permissions of all operations at > > once in memory and store that by usergroup or something. > > > You can just use the NHibernate criteria API to accomplish what you want. > > Of course you have to know the Rhino.Security object structure then, but > > once you know that it is easy... > > > If you would need further guidance, let me know. > > > On Mon, Jun 22, 2009 at 5:09 PM, [email protected] > > <[email protected]>wrote: > > >> Hi, > > >> I am trying to create a dynamic menu so that user will only see the > >> menu options they have permissions to access. > > >> for eg below is the menu structure > >> Admin > >> Users > >> Group > >> Request > >> Request 1 > >> Request 2 > >> ..... > > >> The permissions are defined for usersgroups and not at the users > >> level. > > >> I know I can use the IAuthorizationService to see if the user has > >> permission but that requires me to generate multiple queries, one for > >> each operation.. Is it possible to get the allowed operations in a > >> single query for a user and based on the query result I can build the > >> menu. > > >> Thanks > >> Jay --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Rhino Tools Dev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rhino-tools-dev?hl=en -~----------~----~----~----~------~----~------~--~---
