1. Home
  2. LLBLGen Pro
  3. LLBLGen Pro Runtime Framework

Implenting ACL

Posts   
 
    
laurendc
User
Posts: 4
Joined: 05-Oct-2009
# Posted on: 10-Oct-2009 16:03:45   

Hi!

I am green with LLBLgen and trying to do a proof of concept to replace our custom DAL and associated stored procedures by LLBLGEN. The custom DAL calls SPs for CRUD, access control and auditing services. I was able to implement DAL and CRUD elegantly with LLGEN.

The problem is to figure out how piggyback ACL to that. My first quess would be to generate code that would invoke our existing sql used defined access control function. How can I do that or better?

Samples query, from an SP with ACL support:


...
SELECT ...
FROM  NamedList 
WHERE   
    ... 
    AND FN_ACCESS_VALIDATE(@userId, 'NamedList', objectId,'View') = 'Y'
         .

New DAL :


            using (var adapter = new DataAccessAdapter(StApplicationContext.ConnectionString, true))
            {
                var namedList = ToDal();
                dalList =  namedList.List;
                adapter.FetchEntityCollection(dalList, namedList.GetRelationInfoList());
            }

Thanks

SQL server 2008 .net 3.5 LLBLGen pro 2.6 (demo)

daelmo avatar
daelmo
Support Team
Posts: 8245
Joined: 28-Nov-2005
# Posted on: 11-Oct-2009 19:30:08   

You could add your function to a predicate using DBFunctionCalls. Also consider to use LLBLGen Authorization system.

David Elizondo | LLBLGen Support Team
laurendc
User
Posts: 4
Joined: 05-Oct-2009
# Posted on: 13-Oct-2009 23:14:30   

Thanks!

I am still struggling with it. Help would be very much appreciated.


                // SETUP FILTER 
                var hasPermissionsFct= new DbFunctionCall( "dbo.fn_HasPermissions({0},{1},{2},{3},{4} )", 
                    new object[]  { StUserSession.CurrentSessionId, 
                                            (int) StUserSession.UserId, 
                                            ListFields.Id, 
                                            DBNull.Value, 
                                            permission } );

                var b = new RelationPredicateBucket();
                var a = new PredicateExpression();
                a.Add(new PredicateExpression(hasPermissionsFct, ExOp.GreaterEqual, 0));
                b.PredicateExpression.Add(a);

                // FETCH
                ListTypeEntity namedListType = ToDal();
                lists=  namedListType.Lists;
                adapter.FetchEntityCollection(lists, b);

Compile error on line:

a.Add(new PredicateExpression(functionCall, ExOp.GreaterEqual, 0));

Other issues? Tks

daelmo avatar
daelmo
Support Team
Posts: 8245
Joined: 28-Nov-2005
# Posted on: 14-Oct-2009 05:05:53   

Hi,

You must wrap the DBFunctionCall expression in a field in order to use it in a predicate. Try this:

a.Add(new EntityField2("permissionField", hasPermissionsFct) >= 0);
David Elizondo | LLBLGen Support Team