HomeGuidesAPI ReferenceChangelogDiscussions
GuidesiMIS ProfessionaliMIS EnterpriseClient SupportLog In
Guides

Permissions

When building functionality, it's good practice to make sure a user has enough permission to perform a certain operation before showing a UI for it. (e.g. displaying an edit or add link/button) Most operations, you can check generically such as "Can X create an Order?" but other's could be more specific such as "Can X edit Y's record." This can be checked through the Soa method HasPermission or through some of the Soa manager objects such as MembershipManager.UpdatePermitted. You can check one operation at a time, or you can request a whole set of operation permissions.

Logged in user can add an order

using Asi.Soa.ClientServices;
using Asi.Soa.Core.DataContracts;

EntityManager entityManager = new EntityManager();

bool hasPermission = entityManager.HasPermission("Add", new IdentityData("Order", string.Empty));
if (!hasPermission)
  throw new Exception("Current party does not have permission");

Logged in user can edit an existing record

using Asi.Soa.ClientServices;
using Asi.Soa.Core.DataContracts;

EntityManager entityManager = new EntityManager();

bool hasPermission = entityManager.HasPermission("Add", new IdentityData("Party", "101"));
if (!hasPermission)
  throw new Exception("Current party does not have permission");

var membershipManager = new MembershipManager(entityManager);
bool updatePermitted = membershipManager.UpdatePermitted("101");
if (!updatePermitted)
  throw new Exception("Current party does not have permission");

Logged in user can Find, Update, Add and Delete a Party

using Asi.Soa.ClientServices;
using Asi.Soa.Core.DataContracts;

EntityManager entityManager = new EntityManager();

var identityData = new IdentityData("Party", string.Empty);
// Retrieve set of permission results
PermissionResultCollection results = entityManager.HasPermission(new PermissionDataCollection
{
    new PermissionData("Find", identityData),
    new PermissionData("Add", identityData),
    new PermissionData("Update", identityData),
    new PermissionData("Delete", identityData)
});

// Then each action/operation can be selected from this set
var hasPermission = results.HasPermission("Find", identityData);
if (!hasPermission.HasValue)
    throw new Exception("Current party does not have permission for action");

Contact us
Copyright © Advanced Solutions International, All rights reserved.