The Permission Policy determines Security System behavior when there are no explicitly specified permissions for a specific type, object or member. The default permission policy can be selected when creating a new XAF application using the Solution Wizard.

 

 Deny

 

This policy type is required for providing compatibility to an older versions of XAF. The Deny policy implies that access is always denied when there are no explicitly specified permissions. In new applications, using the Allow/Deny policy instead of Deny is recommended. The Allow/Deny policy allows you to create more complex and flexible security configurations.

Note

Navigation Permissions are not supported for individual navigation items when the Deny Permission Policy is selected. The Navigation Permissions tab is not available in this mode. However, you can specify nevigation permissions for each type in the Type Permissions tab.

 

 Allow/Deny

 

With the Allow/Deny permission policy, your application administrators can allow access to all data within the application for a specific role and simultaneously deny access to a few data types or members. Alternatively, it is possible to deny access to all data for a role and only allow access to a strict list of objects or members. Both approaches make it easy to allow/deny data access across a broad range of use-case scenarios. To use this feature, choose Allow/Deny Permission Policy on the Choose Security page of the Solution Wizard.

Note

If your application is created in earlier XAF versions, you need to upgrade an existing project to the Allow/Deny permissions policy. If you use Entity Framework as the ORM system, you may also need to perform a migration to switch from Deny to the Allow/Deny policy.

The following types of security users and roles are used with the Allow/Deny permission policy.

  Built-in XPO classes Built-in Entity Framework classes Common interfaces to support in custom classes
User Type PermissionPolicyUser PermissionPolicyUser IPermissionPolicyUser
Role Type PermissionPolicyRole PermissionPolicyRole IPermissionPolicyRole

The Entity Framework and XPO versions of these classes are declared in the Business Class Library. The primary difference with classes used for the Deny policy (SecuritySystemUser/User and SecuritySystemRole/Role) is that the role object exposes the IPermissionPolicyRole.PermissionPolicy property (declared in the IPermissionPolicyRole interface).

With this property, you can assign "deny all", "read only all" or "allow all" default permission policies for each role. For each operation, you can explicitly specify the Allow or Deny modifier or leave it blank.

If the modifier is not specified, the permission is determined by the role's policy type. Note that the role's policy has the lowest priority and is in play only when permissions are not explicitly specified.

Permission Policies的更多相关文章

  1. SharePoint Security and Permission System Overview

    转:http://www.sharepointblues.com/2010/09/01/sharepoint-security-and-permission-system-overview/ Shar ...

  2. Using the Security System 使用安全系统

    In this lesson, you will learn how to use a Security System in the application. When you use this sy ...

  3. Request for the permission of type异常

    调用wcf调用的时候引发一个错误,错误信息如下: <Message>Request for the permission of type 'System.Configuration.Con ...

  4. apache 访问权限出错,apache selinux 权限问题, (13) Permission Denied

    今天在使用 httpd 做文件服务器的时候,发现 png 图像没有打开,但是原本www/html 文件夹内部的文件就可以打开.后来猜测是selinux 的问题,之前一直想写一篇关于selinux 的博 ...

  5. Android权限管理之Permission权限机制及使用

    前言: 最近突然喜欢上一句诗:"宠辱不惊,看庭前花开花落:去留无意,望天空云卷云舒." 哈哈~,这个和今天的主题无关,最近只要不学习总觉得生活中少了点什么,所以想着围绕着最近面试过 ...

  6. [Django]用户权限学习系列之Permission权限基本操作指令

    若需建立py文件进行测试,则在文件开始加入以下代码即可 #coding:utf-8 import os os.environ.setdefault("DJANGO_SETTINGS_MODU ...

  7. SharePoint 2103 Check user permission on list

    一.需求: check user 对SharePoint list 的permission 代码如下: private static string GetListPermission(SPList l ...

  8. vsftpd安装配置 530 Permission denied.错误

    yum install vsftpd service vsftpd start 530 Permission denied.错误 /etc/vsftpd/user_list    该文件里的用户账户在 ...

  9. RBAC中 permission , role, rule 的理解

    Role Based Access Control (RBAC)——基于角色的权限控制 permission e.g. creating posts, updating posts role A ro ...

随机推荐

  1. (1)构造方法和方法重载 (2)this关键字 (3)方法的传参和递归调用

    1.构造方法和方法重载如: Person p = new Person(); - 声明Person类型的引用p指向Person类型的对象 p.show(); - 调用名字为show()的成员方法 1. ...

  2. 内置数据结构(str)

    一.字符串(str) 1.字符串在python2版本中为一个byte序列,在python3版本中为一个unicode序列,并且字符串是不可变的. sr = str() sr = 'string' sr ...

  3. 映射函数map

    映射函数map 语法: map(function, iterable) 迭代对象中 的每一个元素进行映射, 分别执行function函数 例子:  ls =[1,2,3,4,5,6] def func ...

  4. [转载并收藏]JavaScript 疲劳终极指南:我们行业的真相

    这篇文章说的深得我心,特别是前半段. 特此收藏. 中文译文:http://www.zcfy.cc/article/the-ultimate-guide-to-javascript-fatigue-re ...

  5. 破解myeclipse10失败的一个奇葩原因

    昨天开发用的myeclipse10突然弹窗提示我要激活,我清楚的记得安装时候已经破解并且看到激活信息了. 翻遍搜索出来的文章,改systemid之类的也试过了,问题依旧存在,很是绝望. 今早过来机灵了 ...

  6. EclEmma安装与使用

    安装 EclEmma 插件的过程和大部分 Eclipse 插件相同,我们既可以通过 Eclipse 标准的 Update 机制来远程安装 EclEmma 插件(图 1),也可以从站点(参阅参考资源)下 ...

  7. 【linux】安装和配置 mysql服务器

    按照官网教程,根据自己的系统安装不同的发行版 https://dev.mysql.com/doc/refman/5.6/en/linux-installation-yum-repo.html 配置: ...

  8. Scala学习——Scala By Example——to be continued

    这一篇是来自官网的Scala By Example 即Tutorial后更详细地对Scala怎么用给了示例 该文一开始给了一个快速排序的示例 版本一: def sort(xs: Array[Int]) ...

  9. SGU---101 无向图的欧拉回路

    题目链接: https://cn.vjudge.net/problem/SGU-101 题目大意: 给定你n张骨牌,每张牌左右两端有一个数字,每张牌的左右两端数字可以颠倒,找出一种摆放骨牌的顺序,使得 ...

  10. python第二十一课——str中的常用函数(重要)

    演示str中常用的一些函数: 1.join():将容器对象以某种特定的格式(字符串)进行拼接组合,最后以字符串的形式返回 lt=['i','love','you','very','much'] str ...