All docs
V20.1
20.1
19.2
19.1
The page you are viewing does not exist in version 19.1. This link will take you to the root page.
18.2
The page you are viewing does not exist in version 18.2. This link will take you to the root page.
18.1
The page you are viewing does not exist in version 18.1. This link will take you to the root page.
17.2
The page you are viewing does not exist in version 17.2. This link will take you to the root page.
.NET Framework 4.5.2+
.NET Framework 4.5.2+
.NET Standard 2.0+
.NET Core 3.0+

How to: Show a List of Users Allowed to Read an Object

This topic demonstrates how to create an Action to display a list of users whose roles allow reading a specific object.

  1. Create a View Controller with PopupWindowShowAction. This Action displays a list of users in a pop-up window.
  2. In the CustomizePopupWindowParams event handler, use the GetSecurityStrategy(XafApplication) method to get a Security Strategy instance.
  3. Get the ListView's Object Space and use its CreateListView(Type, Boolean) method to create a new List View for user objects.
  4. Use the IObjectSpace.GetObjects<T>() method to get a list of all users.
  5. To check if each user has permissions that allow reading a target object, use the CanReadByUser(SecurityStrategy, IPermissionPolicyUser, Object, String) method.
  6. Customize the List View's Collection Source and set the CustomizePopupWindowParamsEventArgs.View property to the created List View.
using System;
using System.Collections.Generic;
using DevExpress.Data.Filtering;
using DevExpress.ExpressApp;
using DevExpress.ExpressApp.Actions;
using DevExpress.ExpressApp.Security;
using DevExpress.Persistent.Base;
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
// ...
public class DisplayUsersWithObjectAccessController : ViewController<DetailView> {
    PopupWindowShowAction displayUsersAction;
    public DisplayUsersWithObjectAccessController() : base() {
        displayUsersAction = new PopupWindowShowAction(this, "DisplayUsersWithObjectAccess", PredefinedCategory.View);
        displayUsersAction.ImageName = "Context_Menu_Show_In_Popup";
        displayUsersAction.CustomizePopupWindowParams += DisplayUsersAction_CustomizePopupWindowParams;
    }
    private void DisplayUsersAction_CustomizePopupWindowParams(object sender, CustomizePopupWindowParamsEventArgs e) {
        Type userType = typeof(PermissionPolicyUser);
        ListView listView = Application.CreateListView(userType, true);
        SecurityStrategy securityStrategy = Application.GetSecurityStrategy();
        List<IPermissionPolicyUser> users = new List<IPermissionPolicyUser>();
        IObjectSpace objectSpace = listView.ObjectSpace;
        foreach (IPermissionPolicyUser user in objectSpace.GetObjects<PermissionPolicyUser>()) {
            if (securityStrategy.CanReadByUser(user, View.CurrentObject)) {
                users.Add(user);
            }
        }
        listView.CollectionSource.Criteria["UsersWithObjectAccess"] = new InOperator(objectSpace.GetKeyPropertyName(userType), users);
        e.View = listView;
    }
}

The following image shows the result:

NOTE

Refer to the IsGrantedExtensions class description to see other methods to check a user's or role's permissions.

See Also