ContextQMD
Back to Devexpress

PermissionSettingHelper.AddMemberPermissionFromLambda<T>(IPermissionPolicyRole, String, String, Expression<Func<T, Boolean>>, Nullable<SecurityPermissionState>) Method

expressappframework-devexpress-dot-expressapp-dot-security-dot-permissionsettinghelper-dot-z-dot.md

latest5.7 KB
Original Source

PermissionSettingHelper.AddMemberPermissionFromLambda<T>(IPermissionPolicyRole, String, String, Expression<Func<T, Boolean>>, Nullable<SecurityPermissionState>) Method

Finds the first type permission for the specified type in the role and adds the member permission to it. If the appropriate type permission is not found, this method creates it.

Namespace : DevExpress.ExpressApp.Security

Assembly : DevExpress.ExpressApp.Security.v25.2.dll

NuGet Package : DevExpress.ExpressApp.Security

Declaration

csharp
public static IPermissionPolicyMemberPermissionsObject AddMemberPermissionFromLambda<T>(
    this IPermissionPolicyRole role,
    string operations,
    string members,
    Expression<Func<T, bool>> lambda,
    SecurityPermissionState? State
)
    where T : class
vb
<ExtensionAttribute>
Public Shared Function AddMemberPermissionFromLambda(Of T As Class)(
    role As IPermissionPolicyRole,
    operations As String,
    members As String,
    lambda As Expression(Of Func(Of T, Boolean)),
    State As SecurityPermissionState?
) As IPermissionPolicyMemberPermissionsObject

Parameters

NameTypeDescription
roleIPermissionPolicyRole

The target role for a new object permission.

| | operations | String |

The semicolon-separated list of security operations. The static SecurityOperations class defines operation names and their delimiter.

| | members | String |

The semicolon-separated list of target member names.

| | lambda | Expression<Func<T, Boolean>> |

The lambda expression that specifies the target object(s).

| | State | Nullable<SecurityPermissionState> |

A SecurityPermissionState enumeration value that specifies if access is granted or denied.

|

Type Parameters

NameDescription
T

This method finds the type permission for this type in the role.

|

Returns

TypeDescription
DevExpress.Persistent.Base.IPermissionPolicyMemberPermissionsObject

The added member permission.

|

Remarks

The following example demonstrates how to use this method in UpdateDatabaseAfterUpdateSchema() (MySolution.Module_DatabaseUpdater__Updater.cs_):

csharp
using DevExpress.Data.Filtering;
using DevExpress.ExpressApp.Security;
using DevExpress.ExpressApp.SystemModule;
using DevExpress.ExpressApp.Updating;
using DevExpress.Persistent.Base;
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
// ...
public class Updater : ModuleUpdater {
    // ...
    public override void UpdateDatabaseAfterUpdateSchema() {
        base.UpdateDatabaseAfterUpdateSchema();
        PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault<PermissionPolicyRole>(role => role.Name == "Default");
        if(defaultRole == null) {
            defaultRole = ObjectSpace.CreateObject<PermissionPolicyRole>();
            defaultRole.AddMemberPermissionFromLambda<ApplicationUser>(
                SecurityOperations.Write, 
                "ChangePasswordOnFirstLogon", 
                u => u.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), 
                SecurityPermissionState.Allow
            );
            // ...
        }
        // ...
    }
}

Note

Alternatively, you can use the AddMemberPermission<T>(IPermissionPolicyRole, String, String, String, Nullable<SecurityPermissionState>) method, which takes a criteria expression instead of a lambda expression.

See Also

PermissionSettingHelper Class

PermissionSettingHelper Members

DevExpress.ExpressApp.Security Namespace