Skip to content

The Permission System

Jump to bottom Edit New page
Ioan Crisan edited this page Oct 16, 2018 · 5 revisions

Aims of a permission system

Data must be protected from unauthorized access for different kind of reasons. Kephas brings the required support at multiple levels providing built-in services supporting multiple authorization scenarios.

Permissions

Permissions are basically string tokens required by certain operations in a given context. Permissions:

  • may use an "inheritance" model, with the meaning that if a permission inherits another permission, both of them are granted to the role associated to them.
  • can be scoped to entity hierarchies and further to entity sections, meaning that they are granted only within that specific scope.

Permissions have associated metadata collected by the model space. They may be defined using interfaces with multiple inheritance, or (abstract) classes annotated with [GrantPermission] attributes. To define custom permissions, use the following steps:

  1. Define the type holding the permission metadata.
[PermissionType("admin")]
public interface IAdminPermission : ICrudPermission, IExportImportPermission
{
}

// alternative way using abstract classes.
[PermissionType("admin")]
[GrantsPermission(typeof(CrudPermission), typeof(ExportImportPermission))]
public abstract class AdminPermission
{
}
  1. Annotate the assembly/namespace containing the definitions with [PermissionAssembly] attribute.
[assembly: PermissionAssembly("MyApp.Security.Permissions")]
  1. Use the permission using its .NET type, typically in [RequiresPermission] or [SupportsPermission] attributes. Alternatively, such attributes support also permission names (strings), but it is not that safe for refactorings.
/// <summary>
/// An export hierarchy message.
/// </summary>
[RequiresPermission(typeof(IExportImportPermission))]
public class ExportHierarchyMessage : EntityActionMessage
{
    /// <summary>
    /// Gets or sets the export media type to use.
    /// </summary>
    /// <value>
    /// The export media type.
    /// </value>
    public string MediaType { get; set; }
}

Note: It may be more practical to use interfaces, because this way the inheritance hierarchy can be displayed in a class diagram. Anyway, the interface inheritance model and the grants model can be combined, having the same effect.

Scoping permissions

Permissions may indicate a certain application scope. This can be:

  • Global: No scoping required for this permission type, it will be granted and verified at global level.
  • Type: The scope for this permission is the entity type.
  • Instance: The scope for this permission is the entity instance.

These values are flags which can be combined to provide multiple supported scenarios for a specific permission type.

Add a custom footer

Quick Links

Foreword

Core Components

Dependency Injection

Logging

Dynamic objects

Application Configuration

Application Environment

Application Lifetime Management

Data Management

The architecture of data access infrastructure

Data Commands

Data Behaviors

Securing the data

Messaging

The architecture of messaging infrastructure

In-Process messaging

Distributed messaging

Securing the messaging infrastructure

Events

Modeling

Multidimensional Model

Security

The permission system

Authorization Service

Clone this wiki locally