11.16 how to verify whether the current user has the specified functional permissions?

Permission verification includes authentication and authorization. User logon is an authentication issue. It verifies whether the current user has the permissions of the specified function. IBeamMDAA has integrated these two functions, we only need to use it when appropriate.

Permission verification is closely related to business objects and cannot be discussed separately. For example, product information management may include query, add, edit, and delete functions, the Code is as follows:

BtnAdd. Enabled = _ ProductsCategory! = Null &&! _ ProductsCategory. IsNew & _ ProductsList! = Null & Products. CanAdd ();

BtnDelete. Enabled = _ Products! = Null & _ Products. CanDelete ();

NameDataGridViewTextBoxColumn. ReadOnly = _ Products = null |! _ Products. CanEdit ();

 

In addition, the add, edit, and query operations are a type of permission for permission verification. The reason is: you have the permission to add a product, and you should have the permission to edit the product based on logical reasoning, before editing a product, you must first find the product after the query to edit the product. query is a necessary condition for editing. Therefore, it is a function permission, and deletion is the same as editing, first, you must first query the object. Therefore, in actual system design, you do not need to define a special function for the query.

When designing and registering a function, you should set it according to the actual needs of the business logic. It is not a dogma setting: Query, add, edit, delete, expand 1, expand 2, expand 3, etc, this is strictly prohibited in IBeamMDAA.

 

Let's take a look at the definition of these methods of the product:

Public static bool CanAdd ()

{

Return Csla. ApplicationContext. User. IsAllowed (ACPLID. FunAddProducts );

}

Public bool CanEdit ()

{

If (this. IsNew | this. IsDirty)

{// Judgment related to the current state of the business object. The current object is being modified by the user

Return true;

}

If (HasOrderItem | HasInventoryItem | HasPickListItem | HasInventoryCheckItem)

{// Judgment related to business logic

Return false;

}

Return Csla. ApplicationContext. User. IsAllowed (ACPLID. FunAddProducts );

}

Public bool CanDelete ()

{

If (this. IsNew)

{// Judgment related to the current state of the Business Object

Return true;

}

If (HasOrderItem | HasPickListItem | HasInventoryItem | HasInventoryCheckItem)

{// Judgment related to business logic

Return false;

}

If (! Csla. ApplicationContext. User. IsAllowed (ACPLID. FunDeleteProducts ))

{

Return false;

}

// Judge the code on the server. To improve performance and reduce the number of server calls, comment out the code

// CanDeleteCommand result = DataPortal. Execute <CanDeleteCommand> (new CanDeleteCommand (this ));

// Return result. Success;

Return true;

}