Skip to main content
BuyLog In
XAF: Cross-Platform .NET App UI & Web API
Search in…
Docs > Application Security and Data Safety > Security (Access Control & Authentication) > Authorization and Data Protection > Check Access Permissions > Show a List of Users Allowed to Read an Object
All docs
V24.1
.NET 6.0+
XAF: Cross-Platform .NET App UI & Web API
Getting Started
Installation, Upgrade, Version History
Backend Web API Service
UI Shell and Base Infrastructure
Storage, ORM, and Business Model Design
Data Manipulation and Business Logic
User Interface and Behavior Customization
Data Filtering
Application Security and Data Safety
Security (Access Control & Authentication)
Security Tiers
User Logon and Authentication
ORM Object Model, Policy Configuration and Storage
Authorization and Data Protection
Check Access Permissions
Determine if the Current User Has Specific Permissions
Show a List of Users Allowed to Read an Object
Filter out Secured Data Based on the Object Owner
Prevent Users from Deleting and Updating Administrative User and Role Objects
Non-XAF UI Scenarios
Security Considerations
Audit Trail (History of Data Changes)
Multi-Tenancy (Data per Tenant)
Validation (Prevent Data Errors)
Conditional Appearance (Manage State of UI Elements)
Reporting (Shape, Export & Print Data)
Analytics (Extract Data Insights)
Document Management
Business Process Management
Event Planning
Localization
Accessibility Support
Debugging, Testing and Error Handling
Deployment
Support, QA & Troubleshooting
API Reference
Download CHM

Show a List of Users Allowed to Read an Object

  • 2 minutes to read

This topic demonstrates how to create an Action to display a list of users whose roles allow reading a specific object.

  1. Create a View Controller with PopupWindowShowAction. This Action displays a list of users in a pop-up window.
  2. In the CustomizePopupWindowParams event handler, use the GetSecurityStrategy(XafApplication) method to get a Security Strategy instance.
  3. Get the ListView’s Object Space and use its CreateListView(Type, Boolean) method to create a new List View for user objects.
  4. Use the IObjectSpace.GetObjects<T>() method to get a list of all users.
  5. To check if each user has permissions that allow reading a target object, use the CanReadByUser(SecurityStrategy, IPermissionPolicyUser, Type, IObjectSpace, Object, String) method.
  6. Customize the List View’s Collection Source and set the CustomizePopupWindowParamsEventArgs.View property to the created List View.
using System;
using System.Collections.Generic;
using DevExpress.Data.Filtering;
using DevExpress.ExpressApp;
using DevExpress.ExpressApp.Actions;
using DevExpress.ExpressApp.Security;
using DevExpress.Persistent.Base;
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
// ...
public class DisplayUsersWithObjectAccessController : ViewController<DetailView> {
    PopupWindowShowAction displayUsersAction;
    public DisplayUsersWithObjectAccessController() : base() {
        displayUsersAction = new PopupWindowShowAction(this, "DisplayUsersWithObjectAccess", PredefinedCategory.View);
        displayUsersAction.ImageName = "Context_Menu_Show_In_Popup";
        displayUsersAction.CustomizePopupWindowParams += DisplayUsersAction_CustomizePopupWindowParams;
    }
    private void DisplayUsersAction_CustomizePopupWindowParams(object sender, CustomizePopupWindowParamsEventArgs e) {
        Type userType = typeof(ApplicationUser);
        ListView listView = Application.CreateListView(userType, true);
        SecurityStrategy securityStrategy = Application.GetSecurityStrategy();
        List<ApplicationUser> users = new List<ApplicationUser>();
        IObjectSpace objectSpace = listView.ObjectSpace;
        foreach (ApplicationUser user in objectSpace.GetObjects<ApplicationUser>()) {
            if (securityStrategy.CanReadByUser(user, 
                    View.ObjectTypeInfo.Type, 
                    View.ObjectSpace, 
                    View.ObjectSpace.GetKeyValue(View.CurrentObject))) {
                        users.Add(user);
                    }
        }
        listView.CollectionSource.Criteria["UsersWithObjectAccess"] = new InOperator(objectSpace.GetKeyPropertyName(userType), users);
        e.View = listView;
    }
}

The following image shows the result:

Note

Refer to the following help topic to see other methods to check a user’s or role’s permissions: Determine if the Current User Has Specific Permissions.

See Also