IRolesCatalog & Services

Topics: Web Client Software Factory, Project Management Forum, UIP Application Block discussion, User Forum
Aug 21, 2007 at 10:43 AM
Сould someone explain please how to work with IRoleCatalog and other services.
for what they are needed ? what are the main task of IRoleCatalog,permissionsCatalog,authorizationService ?
what is an idea of authorizationService and permissionsCatalog if i change permissions access to file in web.config just like i did in classic asp.net ?
Aug 22, 2007 at 5:48 PM
Hi!

For an example of how to work with IPermissionsCatalog, IRolesCatalog and IAuthorizationService you can read this document.


Using PermissionsCatalog and RolesCatalog

The Admin module uses an IPermissionsCatalog instance to display the available permissions.
The IRolesCatalog instance is used to iterate through roles provided by the configured SqlRoleProvider.
These services are registered by the Shell module.

The permissions catalog must be filled with available permission by every business module in the web site using an IPermissionsCatalog instance.
The following example registers the available permissions for the EFT business module.
protected virtual void RegisterRequiredPermissions(IPermissionsCatalog permissionsCatalog)
{
            Action allowCreateTransfer = new Action("Allow Create Transfers", Permissions.AllowCreateTransfers);
            List<Action> moduleActions = new List<Action>();
            moduleActions.Add(allowCreateTransfer);
            ModuleActionSet set = new ModuleActionSet("Electronic Funds Transfers", moduleActions);
            permissionsCatalog.RegisterPermissionSet(set);        
}

Using AuthorizationService

The default implementation of the ModuleInitializer class for the Shell module registers an instance of EnterpriseLibraryAuthorizationService service.
The Admin module uses this implementation of the IAuthorizationService interface to check whether a role has permission on a given Permission rule.

In this example IPermissionsCatalog, IRolesCatalog and IAuthorizationService are used to fill a permissions collection.
private IAuthorizationService _authorizationService;
private IPermissionsCatalog _permissionsCatalog;
private IRolesCatalog _rolesCatalog;
 
public virtual ModulePermissionSet GetModulePermissionSet(string moduleName)
{
            ModuleActionSet set = _permissionsCatalog.RegisteredPermissions[moduleName];
            List<ModulePermission> modulePermissions = new List<ModulePermission>();
 
            foreach (Action action in set.Actions)
            {
                Dictionary<string, bool> permissions = new Dictionary<string, bool>();
 
                foreach (string role in _rolesCatalog.Roles)
                {
                    permissions.Add(role, _authorizationService.IsAuthorized(role, action.RuleName));
                }
 
                modulePermissions.Add(new ModulePermission(moduleName, action.FriendlyName, permissions));
            }
 
            return new ModulePermissionSet(moduleName, modulePermissions);
}


Hope it helps!

Sebastian Iacomuzzi
http://staff.southworks.net/blogs/siacomuzzi