Reading Paul’s article Being serious about the Command Table Pattern definitely helped me on a tricky problem I had to solve for a customer. However, when you make heavy use of the pattern you will notice that only a reduced set of security features is available. For example, when you want selected users to read only a specific “Verb” or command from that table, you cannot just use the “CanRead” function on the table. You have to perform these checks in the respective function of that “Query”.
In addition, even if you do these checks, the whole table itself is still readable by any user. The only solution I could come up with is to check the role in the “Query_Executing” method and throw an exception in case the role does not match:

partial void Query_Executing(QueryExecutingDescriptor queryDescriptor)
{
  // Block reads of the command table for users outside the "UberAdmin" role.
  if (queryDescriptor.Name.Equals("CommandTable", StringComparison.InvariantCultureIgnoreCase))
    if (!this.Application.User.IsInRole("UberAdmin"))
      throw new UnauthorizedAccessException();
}
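
The per-verb checks and the whole-table check described above can be kept in one deny-by-default guard. This is an added example, not code from the original post or from Paul's article. It uses System.Security.Principal in place of LightSwitch's user object so it runs stand-alone, and the verb names, the query names other than "CommandTable", and the "Reader" role are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;

static class CommandTableGuard
{
    // Hypothetical verb-to-role map; a verb that is not listed is denied for everyone.
    static readonly Dictionary<string, string> RequiredRole =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "GetServerTime", "Reader" },
            { "PurgeAuditLog", "UberAdmin" },
        };

    // queryName: the query being executed; verb: the command it serves,
    // or null when the command table itself is read directly.
    public static void Demand(IPrincipal user, string queryName, string verb)
    {
        string role;
        if (verb == null)
        {
            // Direct read of the whole table: same rule as Query_Executing above.
            if (!queryName.Equals("CommandTable", StringComparison.OrdinalIgnoreCase))
                return; // not the command table, nothing for this guard to decide
            role = "UberAdmin";
        }
        else if (!RequiredRole.TryGetValue(verb, out role))
        {
            throw new UnauthorizedAccessException("Unknown verb: " + verb);
        }
        if (!user.IsInRole(role))
            throw new UnauthorizedAccessException(queryName + " requires role " + role);
    }

    static bool Allowed(IPrincipal user, string queryName, string verb)
    {
        try { Demand(user, queryName, verb); return true; }
        catch (UnauthorizedAccessException) { return false; }
    }

    static void Main()
    {
        // Constructed sample user holding only the hypothetical "Reader" role.
        var reader = new GenericPrincipal(new GenericIdentity("alice"), new[] { "Reader" });
        Console.WriteLine(Allowed(reader, "GetServerTimeQuery", "GetServerTime")); // verb in role
        Console.WriteLine(Allowed(reader, "PurgeAuditLogQuery", "PurgeAuditLog")); // wrong role
        Console.WriteLine(Allowed(reader, "CommandTable", null));                  // whole table
        Console.WriteLine(Allowed(reader, "ExportQuery", "Export"));               // unlisted verb
    }
}
```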
