Skip to main content
BuyLog In
XAF: Cross-Platform .NET App UI & Web API
Search in…
Docs > API Reference > DevExpress.ExpressApp.EFCore > SecuredPropertySetter > Methods > SetPropertyValueWithSecurityBypass<T>(Object, String, T)
All docs
V24.1
.NET 6.0+
  • The page you are viewing does not exist in the .NET Framework 4.5.2+ platform documentation. This link will take you to the parent topic of the current section.
XAF: Cross-Platform .NET App UI & Web API
Getting Started
Installation, Upgrade, Version History
Backend Web API Service
UI Shell and Base Infrastructure
Storage, ORM, and Business Model Design
Data Manipulation and Business Logic
User Interface and Behavior Customization
Data Filtering
Application Security and Data Safety
Multi-Tenancy (Data per Tenant)
Validation (Prevent Data Errors)
Conditional Appearance (Manage State of UI Elements)
Reporting (Shape, Export & Print Data)
Analytics (Extract Data Insights)
Document Management
Business Process Management
Event Planning
Localization
Accessibility Support
Debugging, Testing and Error Handling
Deployment
Support, QA & Troubleshooting
API Reference
DevExpress.EasyTest.Framework
DevExpress.EntityFrameworkCore.Security
DevExpress.ExpressApp
DevExpress.ExpressApp.Actions
DevExpress.ExpressApp.ApplicationBuilder
DevExpress.ExpressApp.AspNetCore
DevExpress.ExpressApp.AuditTrail
DevExpress.ExpressApp.Blazor
DevExpress.ExpressApp.Blazor.ApplicationBuilder
DevExpress.ExpressApp.Blazor.Editors
DevExpress.ExpressApp.Blazor.Editors.Grid
DevExpress.ExpressApp.Blazor.Editors.Models
DevExpress.ExpressApp.Blazor.Services
DevExpress.ExpressApp.Blazor.SystemModule
DevExpress.ExpressApp.Blazor.Templates.Navigation
DevExpress.ExpressApp.Chart
DevExpress.ExpressApp.Chart.Win
DevExpress.ExpressApp.CloneObject
DevExpress.ExpressApp.ConditionalAppearance
DevExpress.ExpressApp.Core
DevExpress.ExpressApp.Dashboards
DevExpress.ExpressApp.Dashboards.Blazor
DevExpress.ExpressApp.Dashboards.Blazor.Components
DevExpress.ExpressApp.Dashboards.Blazor.Components.Models
DevExpress.ExpressApp.Dashboards.Blazor.Controllers
DevExpress.ExpressApp.Dashboards.Blazor.Services
DevExpress.ExpressApp.Dashboards.Win
DevExpress.ExpressApp.Data
DevExpress.ExpressApp.DC
DevExpress.ExpressApp.DC.ClassGeneration
DevExpress.ExpressApp.Editors
DevExpress.ExpressApp.EFCore
EFCoreObjectSpace
EFCoreObjectSpaceProvider<TDbContext>
SecuredPropertySetter
Members
Methods
SetPropertyValueWithSecurityBypass<T>(Object, String, T)
DevExpress.ExpressApp.FileAttachments.Blazor
DevExpress.ExpressApp.FileAttachments.Win
DevExpress.ExpressApp.Filtering
DevExpress.ExpressApp.Kpi
DevExpress.ExpressApp.Layout
DevExpress.ExpressApp.MiddleTier
DevExpress.ExpressApp.Model
DevExpress.ExpressApp.Model.Core
DevExpress.ExpressApp.Model.NodeGenerators
DevExpress.ExpressApp.ModelEditor
DevExpress.ExpressApp.Notifications
DevExpress.ExpressApp.Notifications.Blazor
DevExpress.ExpressApp.Notifications.Win
DevExpress.ExpressApp.Office
DevExpress.ExpressApp.Office.Blazor
DevExpress.ExpressApp.Office.Win
DevExpress.ExpressApp.PivotChart
DevExpress.ExpressApp.PivotChart.Win
DevExpress.ExpressApp.PivotGrid
DevExpress.ExpressApp.PivotGrid.Win
DevExpress.ExpressApp.ReportsV2
DevExpress.ExpressApp.ReportsV2.Blazor
DevExpress.ExpressApp.ReportsV2.Services
DevExpress.ExpressApp.ReportsV2.Win
DevExpress.ExpressApp.Scheduler
DevExpress.ExpressApp.Scheduler.Blazor
DevExpress.ExpressApp.Scheduler.Blazor.Editors
DevExpress.ExpressApp.Scheduler.Win
DevExpress.ExpressApp.ScriptRecorder
DevExpress.ExpressApp.ScriptRecorder.Win
DevExpress.ExpressApp.Security
DevExpress.ExpressApp.Security.Adapters
DevExpress.ExpressApp.Security.Authentication
DevExpress.ExpressApp.Security.ClientServer
DevExpress.ExpressApp.Security.ClientServer.Wcf
DevExpress.ExpressApp.Security.ClientServer.WebApi
DevExpress.ExpressApp.Security.EF.Adapters
DevExpress.ExpressApp.Security.Strategy
DevExpress.ExpressApp.Security.Xpo.Adapters
DevExpress.ExpressApp.Services.Localization
DevExpress.ExpressApp.StateMachine
DevExpress.ExpressApp.SystemModule
DevExpress.ExpressApp.Templates
DevExpress.ExpressApp.Templates.ActionContainers
DevExpress.ExpressApp.TreeListEditors
DevExpress.ExpressApp.TreeListEditors.Win
DevExpress.ExpressApp.Updating
DevExpress.ExpressApp.Utils
DevExpress.ExpressApp.Validation
DevExpress.ExpressApp.Validation.Win
DevExpress.ExpressApp.ViewVariantsModule
DevExpress.ExpressApp.WebApi.Services
DevExpress.ExpressApp.Win
DevExpress.ExpressApp.Win.ApplicationBuilder
DevExpress.ExpressApp.Win.Core
DevExpress.ExpressApp.Win.Editors
DevExpress.ExpressApp.Win.Model
DevExpress.ExpressApp.Win.SystemModule
DevExpress.ExpressApp.Win.Templates
DevExpress.ExpressApp.Win.Templates.Navigation
DevExpress.ExpressApp.Win.Utils
DevExpress.ExpressApp.Xpo
DevExpress.ExpressApp.Xpo.Utils
DevExpress.Persistent.AuditTrail
DevExpress.Persistent.Base
DevExpress.Persistent.Base.General
DevExpress.Persistent.Base.ReportsV2
DevExpress.Persistent.Base.Security
DevExpress.Persistent.BaseImpl
DevExpress.Persistent.BaseImpl.AuditTrail.Services
DevExpress.Persistent.BaseImpl.EF
DevExpress.Persistent.BaseImpl.EF.PermissionPolicy
DevExpress.Persistent.BaseImpl.PermissionPolicy
DevExpress.Persistent.Validation
Download CHM

SecuredPropertySetter.SetPropertyValueWithSecurityBypass<T>(Object, String, T) Method

Sets a persistent object’s property value bypassing security checks.

Namespace: DevExpress.ExpressApp.EFCore

Assembly: DevExpress.ExpressApp.EFCore.v24.1.dll

NuGet Package: DevExpress.ExpressApp.EFCore

Declaration

public static void SetPropertyValueWithSecurityBypass<T>(
    object obj,
    string propertyName,
    T value
)

Parameters

Name Type Description
obj Object

An object whos property to set.
propertyName String

The name of the property to set.
value T

The value to assign to the property.

Type Parameters

Name Description
T

The type of the value assigned to the property.

Remarks

The SetPropertyValueWithSecurityBypass static method allows you to modify the value of a business object’s property even if write access to this property is denied for the current user by the XAF Security System. If your business object class extends BaseObject and you need to modify this object’s own property, you can use the BaseObject.SetPropertyValueWithSecurityBypass protected method instead.

In applications with middle-tier security, you can call this method only from a business object’s IXafEntityObject.OnSaving method, otherwise an exception is thrown.

Note

In applications with middle-tier security, an object’s OnSaving method is only called on the middle-tier server side. From this method, you can call SetPropertyValueWithSecurityBypass to set values of business object properties even if the client application has no access rights for these properties. Thus, you can use this method to securely initialize properties with sensitive data (it is also important that you define access rules to additionally restrict access to these properties for application users).

The following code snippet demonstrates how to use this method to initialize CreatedBy, UpdatedBy, and UpdatedOn properties of a business class.

using DevExpress.ExpressApp;
using DevExpress.ExpressApp.EFCore;
using DevExpress.Persistent.Base;
using System.ComponentModel;
using System.ComponentModel.DataAnnotations;
// ...
public class TestClass : IXafEntityObject, IObjectSpaceLink { 
    // ...
    [ModelDefault(nameof(IModelCommonMemberViewItem.AllowEdit), "False")]
    public virtual ApplicationUser CreatedBy { get; set; }
    [ModelDefault(nameof(IModelCommonMemberViewItem.AllowEdit), "False")]
    public virtual ApplicationUser UpdatedBy { get; set; }
    [ModelDefault(nameof(IModelCommonMemberViewItem.AllowEdit), "False")]
    [ModelDefault(nameof(IModelCommonMemberViewItem.DisplayFormat), "G")]
    public virtual DateTime? UpdatedOn { get; set; }

    ApplicationUser GetCurrentUser() {
        return ObjectSpace.GetObjectByKey<ApplicationUser>(
            ObjectSpace.ServiceProvider.GetRequiredService<ISecurityStrategyBase>().UserId);
    }

    void OnSaving() {
        base.OnSaving();
        if (ObjectSpace.IsNewObject(this)) {
            SecuredPropertySetter.SetPropertyValueWithSecurityBypass(nameof(CreatedBy), GetCurrentUser());
        }
        else {
            SecuredPropertySetter.SetPropertyValueWithSecurityBypass(nameof(UpdatedBy), GetCurrentUser());
            SecuredPropertySetter.SetPropertyValueWithSecurityBypass(nameof(UpdatedOn), DateTime.Now);
        }
    }
}
See Also