entity framework - Can I use claims to secure EF fields using PostSharp? -
This post is possible to use claims-based permissions to secure EF areas faster. We have a multi-tanda app which we are going to claim and also there are issues which can read / write which fields I have seen, but this role is based.
As far as I can see it will be a matter of rewriting the irresistible part.
We were hoping to be able to decorate an area with permission and silently ignore any writing if the user was not allowed. We also believed that if they read it then we can swap in other values eg Read the salary and if you do not read any claim, return to 0.
Did I ever have serious AOP to talk about these standard types, so I wanted a quick confirmation before mentioning it as an option.
Yes, it is possible to use this case in the claims based on the examples given by poststop and rbac Must be very easy to convert.
One thing to be considered is the display when the decorated field is often delivered during processing of a case-case (as read inside the loop), so much in the unnecessary security check Time is wasted. A decorative method that represents the end user's use-case will be more appropriate.
When the user has insufficient permissions, then I will quietly fill the values of fields. This can be some very surprising results when the algorithm is fed from anticipated data.
Comments
Post a Comment