Current filter:
                                You should refresh the page.
                                  • How to implement permission level security for what user are able to see and not depending on a certain group they belongs to, in XAF?
                                    I've did some search and come across this
                                    http://www.devexpress.com/Support/Center/KB/p/K18110.aspx?searchtext=Permission+Roles&p=T4|P2|54
                                    but it's not exactly what I'm looking for. A scenario for example:
                                    There is a many to many relationship between users and divisions. And one to many relationship between division and documents.
                                    each user after log in is only allow to view/edit data row(documents) related to the division that the user belongs to.
                                    Look forward for your reply.

                                Show all comments
                                • Anatol (DevExpress Support) 11.10.2009

                                  Hello Dave,
                                  Currently, this functionality isn't supported by XAF out of the box, but we have a corresponding suggestion: ID S32269 (XCRM.Security - Add the capability to protect information depending on the current user's company or department).
                                  Please review similar Support Center issues: ID Q202258 (MultiCompany Application), ID Q207250 (Data level security).
                                  To implement this task manually, you can use an approach from the OBSOLETE: How to filter persistent objects in ListView, according to the users who own them (Complex Security) Code Central example, and the ConditionalEditorState module with the @CurrentUserID read-only parameter in criteria expressions.
                                  Please let me know in case of any difficulty.
                                  Thanks,
                                  Anatol

                                • Dave David 11.16.2009

                                  Hi Anatol,
                                  Thank you for the links. I'm trying my best to use ViewController to filter the objects based on user's many to many relationship. I'm confuse with http://www.devexpress.com/Support/Center/p/Q207250.aspx cause I cant seems to get it to work, here's my code

                                  [VB.NET]
                                  Partial Public Class FilterResourcesByOwnersController Inherits ViewController Public Sub New() TargetObjectType = GetType(Documents) TargetViewType = ViewType.ListView End Sub Protected Overrides Sub OnActivated() MyBase.OnActivated() CType(View, ListView).CollectionSource.Criteria("ByDivision") = New BinaryOperator("Detail", _ CType(SecuritySystem.CurrentUser, MyUser).Division) 'can't seems to get it to return which division current user belongs to End Sub
                                  [VB.NET]
                                  Public Class MyUser Inherits User Public Sub New(ByVal session As Session) MyBase.New(session) End Sub <Association("Division-MyUser", GetType(Division))> _ Public ReadOnly Property Division() As XPCollection Get Return GetCollection("Division") End Get End Property End Class
                                  [VB.NET]
                                  Public Class Division Inherits BaseObject Private fDetail As String Public Sub New(ByVal session As Session) MyBase.New(session) End Sub Public Property Detail() As String Get Return fDetail End Get Set(ByVal value As String) SetPropertyValue("Detail", fDetail, value) End Set End Property <Association("Division-MyUser", GetType(MyUser))> _ Public ReadOnly Property MyUser() As XPCollection Get Return GetCollection("MyUser") End Get End Property <Association("Division-Documents", GetType(Documents))> _ Public ReadOnly Property Documents() As XPCollection Get Return GetCollection("Documents") End Get End Property End Class
                                  [VB.NET]
                                  Public Class Documents Inherits BaseObject Private fDetail As String Private fDivision As Division Public Sub New(ByVal session As Session) MyBase.New(session) End Sub Public Property Detail() As String Get Return fDetail End Get Set(ByVal value As String) SetPropertyValue("Detail", fDetail, value) End Set End Property <Association("Division-Documents", GetType(Division))> _ Public Property Division() As Division Get Return fDivision End Get Set(ByVal value As Division) SetPropertyValue("Division", fDivision, value) End Set End Property End Class

                                  will the filter work on 'Documents' if 'MyUser' belongs to more than one 'Division'?
                                  you mention to use ConditionalEditorState module with the @CurrentUserID read-only parameter in criteria expressions. How do you implement this with ViewController?
                                  I'll be grateful if you could attached a sample for reference. This features very essential to me, do hope it is possible to be achieve using XAF. Look forward for your reply.

                                • Anatol (DevExpress Support) 11.16.2009

                                  Hello Dave,
                                  I apologize for the delay.
                                  These days we've been a little bit overloaded with support queries.
                                  We are working on your issue, and will answer you ASAP.
                                  Thanks,
                                  Anatol

                                • Anatol (DevExpress Support) 11.17.2009

                                  Hello Dave,
                                  Thank you for the additional information.
                                  I believe there is no need to create a complete sample project. To accomplish your task, it is enough to use the following expression to filter the Document ListView so that only documents whose Division is associated with the currently logged user are shown:
                                      Division.MyUser[Oid = '@CurrentUserID']
                                  You can convert it to the CrieriaOperator using the CriteriaOperator.Parse static method.
                                  This expression uses the ContainsOperator. Please refer to the How to: Use the ContainsOperator for Objects in a Many-to-Many Relationship help topic for additional information.
                                  If you use this expression as a parameter of the EditorStateRule attribute, you'll be able to hide some properties from the Document views, if the Document's Division isn't associated with the currently logged user.
                                  Please let me know if you need any further help.
                                  Thanks,
                                  Anatol

                                • Dave David 11.18.2009

                                  Hi Anatol,
                                  Thanks for explaining, I try this and it work

                                  [VB.NET]
                                  Protected Overrides Sub OnActivated() CType(View, ListView).CollectionSource.Criteria("ByDivision") = _ CriteriaOperator.Parse("Division.MyUser[Oid = ?]", SecuritySystem.CurrentUserId) End Sub

                                  but what if there's other classes that is related to the Document class. example: one to many between document and subDocument, will the controller filter the subDocument accordingly?
                                  <If you use this expression as a parameter of the EditorStateRule attribute, you'll be able to hide some properties from the Document views>
                                  how/where should this be applied?
                                  Appreciate the help, apoloogies for I'm still unexperience with XAF

                                • Anatol (DevExpress Support) 11.18.2009

                                  Hello Dave,
                                  >> but what if there's other classes that is related to the Document class. example: one to many between document and subDocument, will the controller filter the subDocument accordingly?
                                  No, you'll have to create another filter for the subDocument ListView, such as Document.Division.MyUser[Oid = '@CurrentUserID']
                                  We understand that it is not a good solution to customize each view separately, but until the S32269 suggestion is implemented, we don't see another way to accomplish your task.
                                  >> how/where should this be applied?
                                  This attribute should be applied to the business class, whose properties you want to hide from a UI. For additional information, please refer to the following help topic: ConditionalEditorState module. But, you should take into account that this module is created for the UI customization and doesn't have any relation to security. As a result, the end-user will be able to show hidden properties using the XtraGrid and XtraLayout and-user capabilities.
                                  Thanks,
                                  Anatol

                                • Dave David 11.18.2009

                                  hi Anatol,
                                  Thanks for clarifiying, I've tried to create another filter but Sub procedures returns 'multiple definition with identical signature' error.
                                  How is the expression use to create rest of the filter (more than one TargetObjectType/CriteriaOperator)? This is what I tried but apparently is it not working.

                                  [VB.NET]
                                  Partial Public Class FilterResourcesByOwnersController Inherits ViewController Public Sub New() TargetObjectType = GetType(Documents) TargetViewType = ViewType.ListView End Sub Protected Overrides Sub OnActivated() CType(View, ListView).CollectionSource.Criteria("ByDivision") = _ CriteriaOperator.Parse("Division.MyUser[Oid = ?]", SecuritySystem.CurrentUserId) CType(View, ListView).CollectionSource.Criteria("BySubDocument") = _ CriteriaOperator.Parse("Document.Division.MyUser[Oid = ?]", SecuritySystem.CurrentUserId) End Sub End Class
                                • Dave David 11.19.2009

                                  hi Anatol,
                                  I just figure out the problem, apparently I forgot to change the name of the class for the new controller created. Sorry for my carelessness
                                  Thanks you for being so patient with an amateur like me

                                0 Solutions

                                Creation Date Importance Sort by