Changes

HowTo:Configure Users and User Rights

2,408 bytes added, 22:09, 15 January 2020
So we have the basic definitions for reading and writing. Now we have to apply them to use-cases, respectively, objects and users (or better, groups). E.g., if it should be possible to control the rights for editing an object's properties, one could relate the respective user group to the object and set the right on the relation data object. Then, the group is related to the target object, with the respective right as a property of their relation connection.
The next steps will be to create a [[Relation]] with a custom relation data meta class (configuring a derivation of the meta class ''RELATIONDATA'', assigning it to the equally named property; see also: [[HowTo:Create_a_new_Relation]]) defining a property for the rights configuration:
# Create a new [[Relation]] plus relation data meta class.
# Design the relation data meta class as follows:
# The left target meta class should be any object (i.e., ''BASECLASS''), whereas the right target meta class should be ''USERGROUP'' or ''LOGIN'', depending on whether you're using groups or not.
# Add a new [[MetaProperty]] for the user right to the relation data meta class, e.g., ''MP_USER_RIGHT''. It should be an integer property, so we can store values from the ''UserRights'' enum in it.
# For each combination, create a new instance of ''UBIK.Service.DTO.V240.GroupRight'' and assign both the group and the right.
# Add all ''GroupRight'' instances to a result list and return it.
 
Here's an exemplary code snippet:
<source lang="csharp">
public override IEnumerable<UBIK.Service.DTO.V240.GroupRight> CustomGroupRights(IEnumerable<UBIK.Service.DTO.V240.GroupRight> defaultRights)
{
// The goal of this method is to collect all rights defined for groups on this object.
// UBIK will take care of finding out what rights apply to the active user.
 
// First, let's define our result collection containing the group rights.
List<UBIK.Service.DTO.V240.GroupRight> results = new List<UBIK.Service.DTO.V240.GroupRight>();
// We'll add the default rights in case we don't have defined any specific rights for the active user's group.
results.AddRange(defaultRights);
 
// Now we try to find the rights defined for this object.
// For this code snippet, the author assumes that the rights are defined on the relation data between user groups and this object.
 
// Getting the relation...
Guid relationId = Guid.Parse("Replace this text with the UID of your custom rights relation");
Relationship rightsRelation = this.Environment.UBIKDataFactory().Relation(relationId);
 
// Using the relation to find all related groups
UBIKClassList<RelationalObject> userGroups = this.RelatesFrom(rightsRelation);
 
string rightsPropertyName = "Replace this text with the name of the property on the relation data object containing the rights, e.g. GROUPRIGHT";
 
// For every linked group, we want to get the rights defined for this object.
foreach (RelationalObject userGroup in userGroups)
{
 
// Getting the relation data object linking the userGroup to this object
RelationData rd = userGroup.GetRelationDataObject(rightsRelation, this);
 
// Getting the right defined on the relation data
int? right = rd.GetValue<int?>(rightsPropertyName);
 
// If the right value is not null, we can use it!
if (right != null)
{
// Let's create a new groupRight object and set the group and right
UBIK.Service.DTO.V240.GroupRight groupRight = new UBIK.Service.DTO.V240.GroupRight()
{
GroupID = userGroup.UID,
Right = right.Value
};
 
// Adding the groupRight object to the result list
results.Add(groupRight);
}
}
 
// Now that we collected all group rights, return the results.
return results;
}
</source>
==== Controlling the visibility and editability of properties ====
<!-- DO NOT REMOVE THIS -->{{Template:HowTo/End}}<!-- DO NOT REMOVE THIS -->
[[Category:How-To|Configure Users]][[Category:Login management|Configure Users]]
==See also==
1,606
edits