Current filter:
                                You should refresh the page.
                                  • Hi,
                                    since i didnt find this in sugesstions i thought i'd make one (based on
                                    and also try to ask again what is the status of this issue?
                                    This feature is critical for many applications where you have users working collaboratively on the same database and woud like to specify not only level of access to objects but also individual records for other users.
                                    Proposed Solution:
                                    defining permissions for the object using Criteria would be quite handy (just forst thing that came to mind)

                                        userRole.AddPermission(new ObjectAccessPermission(typeof(object),MyCriteria, ObjectAccess.AllAccess));
                                    this would give freedom of locking individual records (MyCriteria=CriteriaOperator.Parse("Oid=25"))
                                    or groups of records... And it woud be dynamic meaning the new records falling under criteria would automaticaly fall under permission control and dont have to be re-visited...


                                Show all comments
                                • Evgeniy Meyke 06.04.2007

                                  correcting spelling...

                                • Aleksei M. (DevExpress) 06.05.2007

                                  Hi Evgeniy,
                                  We are planning to implement this feature. However, we cannot provide any time frame for this feature implementation, sorry.

                                • Evgeniy Meyke 10.14.2008

                                  Well... the issue S90775 is not exactly what i meant (FWIW)
                                  What Drew suggests is a siple thing and perhaps doesnt need an out-of-the-box implementation.
                                  I am more thinking towards enterprise "level" security where which records one is permitted to view (or edit/delete/execute action on, etc.) depends on GROUP permissions set by group admin. Anyway, this is a complex subject i am just curious what are the intentions: implement what is suggested in S90775 or take it further?
                                  It was a little bit discussed with Dan a while ago in
                                  (see Reactivated by Evgeniy Meyke at 9/21/2007 10:31:58 AM )

                                • Dennis (DevExpress) 10.14.2008

                                  Hello Evgeniy,
                                  It was I who duplicated your request to the "Security.ObjectLevel: Introduce an "Object Owner" feature into the XAF Security system", S90775.
                                  In your terms, an owner of an object is an Administrator: "view (or edit/delete/execute action on, etc.) records depends on GROUP permissions set by group admin".
                                  So, an Owner (or an Administrator) will adjust permissions which are associated with some strict object (or with a couple of objects by some criteria) and restrict access to these strict objects for some users.
                                  This is an essence of the "Object Owner" feature as well as the "permissions at the level of records": a personal set of permissions for some strict object (or a group of objects by a criteria), which is managed by some strict person (or a group of persons by a criteria) and associated with a strict user (or a group of users by a criteria).
                                  I have reviewed and duplicated this issue because recently I have spent some time investigating how it's difficult to implement this feature in an out-of-the-box manner. As I understand your description, your request and the "Security.ObjectLevel: Introduce an "Object Owner" feature", are nearly the same.
                                  Don't hesitate to correct me if I misunderstood you.
                                  Thanks, Dan

                                • Evgeniy Meyke 10.14.2008

                                  Dan, thanks for elaborating.
                                  In fact i have no problem of abondoning the request (and setting it "duplicate" for that matter) as I myself realized that what I ask should be close to impossible to do out of the box as I was wroking through my requrements and implementing data flow/sharing/control using the "criteria approach" as we discussed.
                                  So, yes you explained what i need correctly and whether it is the same as "object owner" request doesnt really matter for me anyway.
                                  The only point of reactivating this was to check if ther more extensive plans or not. WHich i still dont know but thats alright :)
                                  Thanks again,

                                • Dan (DevExpress) 10.15.2008

                                  I duplicated your request to make it visible in the "Duplicates" list of the "Introduce an "Object Owner" feature" (S90775) suggestion.

                                0 Solutions

                                Creation Date Importance Sort by