CSLA .NET

Vibrant discussion about CSLA .NET and using the framework to build great business applications.
Forums » CSLA .NET Framework » CSLA .NET discussion » Type level AuthorizationRules and Child Objects

Type level AuthorizationRules and Child Objects

rated by 0 users
Not Answered This post has 0 verified answers | 1 Reply | 1 Follower

Not Ranked
1 Posts
Carl posted on Fri, Sep 24 2010 9:34 AM

This is regarding CSLA 3.8.3

We (my colleague and I)  have a parent collection that is used to populated grids. Our child objects housed by the collection have type level authorization rules. However these rules are not being honored. The BusinessListBase is happily firing any of the Child... dataportal methods without checking the child's authorization rules. We traced as well as we can in the source and it appears that neither BLB nor the ChildDataPortal check authorization before running the child's DP methods. However, we see the DataPortal class doing these checks. We think we're missing something here. Can someone please shed some light on this?

 

Thanks,

Carl

All Replies

Top 10 Contributor
1,768 Posts
Reply
JonnyBee replied on Fri, Sep 24 2010 9:57 AM

The dataportal only fires AuthorizationChecks on the root level for performance optimization.

For Child methods you must call the methods yourself.

Jonny Bekkum, Norway CslaContrib Coordinator

Page 1 of 1 (2 items) | RSS
Copyright (c) 2006-2010 Marimer LLC. All rights reserved.
Email admin@lhotka.net for support.
Powered by Community Server (Non-Commercial Edition), by Telligent Systems