Rhino.Security: Hierarchy Entity Groups

Patricia Vandermeer

unread,

Apr 12, 2010, 2:38:10 PM4/12/10

to Rhino Tools Dev

Hello,

I've been playing with the new Hierarchy and it looks great! This will hopefully really simplify my groups!

I've run into a problem with the addPermissionToQuery though! I'm getting expected results from the authorizationService.IsAllowed and authorizationService.GetAuthoriazationInformation . But when i tried adding the permissions to a criteria it doesn't seem to see the permissions from the parent entity group so i'm getting 0 results back.

Here's a sample bit that illustrates this:
-----------------------
            Dim adminUser As New User With {.UserName = "Admin"}
            UnitOfWork.CurrentSession.Save(adminUser)

            authorizationRepository.CreateUsersGroup("Admins")
            UnitOfWork.Current.TransactionalFlush()

            authorizationRepository.CreateEntitiesGroup("SomeEntities")
            UnitOfWork.Current.TransactionalFlush()

            authorizationRepository.CreateChildEntityGroupOf("SomeEntities", "SomeChildEntities")
            UnitOfWork.Current.TransactionalFlush()

            authorizationRepository.CreateOperation("/TestEntity/Edit")
            UnitOfWork.Current.TransactionalFlush()

            Dim childEntity As New Qualification With {.Name = "Child Entity 1"}
            UnitOfWork.CurrentSession.Save(childEntity)
            Dim childEntity2 As New Qualification With {.Name = "Child Entity 2"}
            UnitOfWork.CurrentSession.Save(childEntity2)

            authorizationRepository.AssociateEntityWith(childEntity, "SomeChildEntities")
            UnitOfWork.Current.TransactionalFlush()

            authorizationRepository.AssociateEntityWith(childEntity2, "SomeChildEntities")
            UnitOfWork.Current.TransactionalFlush()

            permissionsBuilderService.Allow("/TestEntity") _
                .For(adminUser) _
                .On("SomeEntities") _
                .DefaultLevel() _
                .Save()

            UnitOfWork.Current.TransactionalFlush()

            Console.WriteLine("{0} can Edit {1} 's Entitles: {2}", adminUser.UserName, childEntity.Name, authorizationService.IsAllowed(adminUser, childEntity, "/TestEntity/Edit"))
            Console.WriteLine("{0} can Edit {1} 's Entitles: {2}", adminUser.UserName, childEntity2.Name, authorizationService.IsAllowed(adminUser, childEntity, "/TestEntity/Edit"))

            Console.WriteLine(authorizationService.GetAuthorizationInformation(adminUser, childEntity, "/TestEntity/Edit"))
            Console.WriteLine(authorizationService.GetAuthorizationInformation(adminUser, childEntity2, "/TestEntity/Edit"))

            Dim theCrit As ICriteria = UnitOfWork.CurrentSession.CreateCriteria(GetType(Qualification))
            authorizationService.AddPermissionsToQuery(adminUser, "/TestEntity/Edit", theCrit)
            Dim entities As IList(Of Qualification) = theCrit.List(Of Qualification)()
            Console.WriteLine("Number of Qualifications admin can edit:{0}", entities.Count.ToString)

            For Each q In entities
                Console.WriteLine(q.Name)
            Next

------------

Has anyone else had a chance to test this out?   Is it working for you?

patricia

unread,

Apr 15, 2010, 9:54:03 AM4/15/10

to Rhino Tools Dev

no one else has used the entity group hierarchy yet?

On Apr 12, 2:38 pm, Patricia Vandermeer

Beto

unread,

Apr 15, 2010, 12:19:28 PM4/15/10

to Rhino Tools Dev

From what I can see adding permission to a query is only going to down
to one level of grouping. It is not traversing the hierarchy. Feel
free to submit a patch.

Patricia Vandermeer

unread,

Apr 15, 2010, 12:57:28 PM4/15/10

to rhino-t...@googlegroups.com

i'm not even sure where to begin for something like that! but i'll poke around and see what i can figure out :) i'm certainly willing to try.

--
You received this message because you are subscribed to the Google Groups "Rhino Tools Dev" group.
To post to this group, send email to rhino-t...@googlegroups.com.
To unsubscribe from this group, send email to rhino-tools-d...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rhino-tools-dev?hl=en.

Jim Wheaton

unread,

Jun 10, 2010, 1:14:12 PM6/10/10

to Rhino Tools Dev

Any resolution on this issue? Creating the entity group hierarchy
works well, but looking at the query created by .AddPermissionsToQuery
in NHProf, there is no join out to the EntityGroupsHierarchy.

On Apr 15, 9:57 am, Patricia Vandermeer

> > rhino-tools-d...@googlegroups.com<rhino-tools-dev%2Bunsubscribe@ googlegroups.com>
> > .

Nathan Stott

unread,

Jun 11, 2010, 4:10:16 PM6/11/10

to rhino-t...@googlegroups.com

I'll take a look at this on Monday

To unsubscribe from this group, send email to rhino-tools-d...@googlegroups.com.

Beto

unread,

Jun 12, 2010, 3:35:20 AM6/12/10

to Rhino Tools Dev

I can assist in submitting a patch since no one else has yet. Jim if
you would like to team up that would be great. I will take a look at
the source when I get back to work on monday.

Bhoomi

unread,

May 10, 2011, 5:59:28 AM5/10/11

to Beto, rhino-t...@googlegroups.com

Has anyone created a patch for this?

I am also facing the same issue, AddPermissionsToQuery returns 0
records.

Beto

unread,

May 10, 2011, 12:02:02 PM5/10/11

to Rhino Tools Dev

A fix was found but it was deemed to slow, in order to improve
performance, de-normalizing the db was recommended. I don't have the
time but if you are interested here is the discussion:
http://groups.google.com/group/rhino-tools-dev/browse_thread/thread/6e036ee4ec95f175/fb46c4833fffb9b5#fb46c4833fffb9b5

Reply all

Reply to author

Forward