Reading Paul’s article Being serious about the Command Table Pattern definitely helped me on a tricky problem I had to solve for a customer. However, once you make heavy use of that pattern you will notice that you have only reduced security features available. For example, when you want only selected users to be able to read a specific “Verb” (command) from that table, you cannot just use the “CanRead” function on the table; you have to perform these checks in the respective function of that “Query”.
In addition, even if you do these checks, the whole table itself is still readable by any user. The only solution I could come up with is checking the role in the “Query_Executing” method and throwing an exception if the role does not match:
    partial void Query_Executing(QueryExecutingDescriptor queryDescriptor)
    {
        // Intercept every query against the command table, regardless of which
        // named query or screen requested it.
        if (queryDescriptor.Name.Equals("CommandTable", StringComparison.InvariantCultureIgnoreCase))
        {
            // Only members of the UberAdmin role may read the command table at all.
            if (!this.Application.User.IsInRole("UberAdmin"))
            {
                throw new UnauthorizedAccessException();
            }
        }
    }
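The same idea carried one step further, as an added example that is not part of the original post or of Paul’s article: instead of a single hard-coded check, a small deny-by-default policy maps each query name (the raw table plus the individual “verb” queries) to the roles allowed to execute it, so that every entry point into the command table is covered by the one Query_Executing hook. The class name ApplicationDataService, the using directives, and the query and role names other than “CommandTable” and “UberAdmin” are assumptions.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.LightSwitch; // server runtime namespace (assumed to be where QueryExecutingDescriptor lives)

namespace LightSwitchApplication
{
    public partial class ApplicationDataService // default data service class name (assumption)
    {
        // Hypothetical policy: which roles may execute which query.
        // Keys are query names as delivered in QueryExecutingDescriptor.Name; the comparer is
        // case-insensitive for the same reason the original check uses InvariantCultureIgnoreCase.
        private static readonly Dictionary<string, string[]> QueryRoles =
            new Dictionary<string, string[]>(StringComparer.InvariantCultureIgnoreCase)
            {
                { "CommandTable",        new[] { "UberAdmin" } },             // the raw table: admins only
                { "ApproveOrderCommand", new[] { "UberAdmin", "Approver" } }, // a "verb" query (assumed name)
                { "ExportCommand",       new[] { "UberAdmin", "Exporter" } }  // another assumed verb query
            };

        partial void Query_Executing(QueryExecutingDescriptor queryDescriptor)
        {
            string[] allowed;
            if (!QueryRoles.TryGetValue(queryDescriptor.Name, out allowed))
            {
                // Query is not covered by this policy; the table's own CanRead logic still applies.
                return;
            }

            foreach (string role in allowed)
            {
                if (this.Application.User.IsInRole(role))
                {
                    return; // user holds one of the permitted roles
                }
            }

            // Deny by default: a user outside the listed roles gets an exception, not an empty result,
            // so the refusal is visible in the server log rather than silently swallowed.
            throw new UnauthorizedAccessException(
                string.Format("Query '{0}' is not permitted for the current user.", queryDescriptor.Name));
        }
    }
}
```

Because the check runs server-side in the data service, it also covers clients that bypass the screens and call the query directly.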