Using the built-in RBAC feature of LightSwitch is really cool and easy to use until you have to assign all of your application defined permissions to roles and users. This is usually where the Administration DesktopClient does not scale too well… But of course there is help: and it is especially easy, when you utilize PowerShell to tackle that task.
In order to automate this you just have to create a service wrapper (or Service Reference to be precise) as described already on the LightSwitch Team blog and elsewhere. But instead of using ‘ApplicationData.svc’ as the service reference you specify ‘Microsoft.LightSwitch.SecurityData.svc’ as the data source. And there you are. You now only have to compile the assembly and instantiate it like it is shown in ‘AddRolesPermissions.ps1’:
From there you take the usual approach as already described in my post about the vCAC Management Context (as they use the same underlying technology (‘Microsoft ADO.NET Data Services’).
To assign a permission to a role you would do something like in ‘file-addrolespermissions-ps1’ from the above example.
The same works for adding users to roles and so forth.
[UPDATE] For a more detailed description on what you can also do with the SecurityData.svc and its architecture you can also have a look at Matt Thalman’s article on Using the SecurityData service in LightSwitch.