This project is read-only.

ViewAction userRoles usage

May 22, 2013 at 5:57 AM
Markus,

While wandering through the ViewAction code, I saw a setting for userRoles. Are there any docs on how that is used? I have a number of menus and other actions that are controlled by the level of the user, so am quite interested in using this the "correct" way.

Links to any appropriate info is greatly appreciated.

Thanks,

Fletcher
May 24, 2013 at 6:16 AM
The roles stuff is pretty straightforward and uses standard .NET security infrastructure.

The basic idea is that you define which roles have access to an action like so:
Actions.Add(new ViewAction("Menu Item", execute: (a, o) => Controller.Message("Menu Item clicked!")) {UserRoles = new[] {"Administrators"}});
You can define any number of roles for the action you want, and if the user is in at least one of those roles the action will be available to that user.

This leaves the question how the roles for the current user are defined. CODE Framework simply queries the current thread principal for roles. In .NET, every thread has a principal that has an IsInRole() method. So that is what the framework calls. So now it just depends on what that principal is set to. You can use any .NET security approach you want. For instance, you could use an active directory principal or any other principal that comes with .NET.

Or, you can set your own principal. If you have used the default CODE Framework WPF template and you picked to have a login screen, then you have a CODEFrameworkPrincipal class created for you by default (you can rename that if you want). This class has the IsInRole() method and you can do anything you want to determine whether the user is in the specified role. (The class is in the Models\View\UserAndPrincipal.cs file). You can also take a look at the LoginViewModel.cs file to see how we set the principal.


Markus