AuthenticationActiveDirectory.CustomCreateUser Event

Occurs when a user is created automatically.

Namespace: DevExpress.ExpressApp.Security

Assembly: DevExpress.ExpressApp.Security.v24.1.dll

NuGet Package: DevExpress.ExpressApp.Security

Declaration

C#
VB.NET

public event EventHandler<CustomCreateUserEventArgs> CustomCreateUser

Public Event CustomCreateUser As EventHandler(Of CustomCreateUserEventArgs)

Event Data

The CustomCreateUser event's data class is CustomCreateUserEventArgs. The following properties provide information specific to this event:

Property	Description
Handled	Gets or sets a value that indicates whether the event handler has completely handled the event or whether the system should continue its own processing. Inherited from HandledEventArgs.
ObjectSpace	Gets an Object Space used to create a user persistent object.
User	Specifies an auto-created user.
UserName	Gets the login name of the auto-created user.

Remarks

When the AuthenticationActiveDirectory.CreateUserAutomatically property is set to true, the Security System creates a user for the Windows account used to start the application. To customize this process, handle the CustomCreateUser event and assign a user object to the CustomCreateUserEventArgs.User parameter. Set the Handled parameter to true to cancel the default user creation.

The following example demonstrates how to handle this event and create a new user associated with a low-privileged “Default” role in the event handler:

File: MySolution.Win\WinApplication.cs (MySolution.Win\WinApplication.vb)

C#
VB.NET

using DevExpress.Data.Filtering;
using DevExpress.ExpressApp.Security;
using DevExpress.ExpressApp.Security.Strategy;
// ...
public partial class MySolutionWindowsFormsApplication : WinApplication {
    public MySolutionWindowsFormsApplication() {
        // ...
        authenticationActiveDirectory1.CustomCreateUser += authenticationActiveDirectory1_CustomCreateUser;
    }
    private void authenticationActiveDirectory1_CustomCreateUser(object sender, CustomCreateUserEventArgs e) {
        ApplicationUser user = e.ObjectSpace.CreateObject<ApplicationUser>();
        user.UserName = e.UserName;
        PermissionPolicyRole defaultRole = 
            e.ObjectSpace.FirstOrDefault<PermissionPolicyRole>(role => role.Name == "Default");
        if (defaultRole != null) {
            user.Roles.Add(defaultRole);
        }
        e.User = user;
        e.Handled = true;
    }
    // ...
}

Imports DevExpress.Data.Filtering
Imports DevExpress.ExpressApp.Security
Imports DevExpress.ExpressApp.Security.Strategy
' ...
Partial Public Class MySolutionWindowsFormsApplication
    Inherits WinApplication
    Public Sub New()
        ' ...
        AddHandler authenticationActiveDirectory1.CustomCreateUser,
            AddressOf authenticationActiveDirectory1_CustomCreateUser
    End Sub
    Private Sub authenticationActiveDirectory1_CustomCreateUser(ByVal sender As Object, 
        ByVal e As CustomCreateUserEventArgs)
        Dim user As ApplicationUser = e.ObjectSpace.CreateObject(Of ApplicationUser)()
        user.UserName = e.UserName
        Dim defaultRole As PermissionPolicyRole = 
            e.ObjectSpace.FirstOrDefault(Function(role as PermissionPolicyRole) role.Name = "Default")
        If defaultRole IsNot Nothing Then
            user.Roles.Add(defaultRole)
        End If
        e.User = user
        e.Handled = True
    End Sub
    ' ...
End Class

To create this “Default” role, override the ModuleUpdater.UpdateDatabaseAfterUpdateSchema method in the Updater.cs (Updater.vb) file (the Solution Wizard adds similar code):

File: MySolution.Module\DatabaseUpdate\Updater.cs (MySolution.Module\DatabaseUpdate\Updater.vb)

C#
VB.NET

public override void UpdateDatabaseAfterUpdateSchema() {
    base.UpdateDatabaseAfterUpdateSchema();
    // ...
    PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault<PermissionPolicyRole>(role => role.Name == "Default");
    if(defaultRole == null) {
        defaultRole = ObjectSpace.CreateObject<PermissionPolicyRole>();
        defaultRole.Name = "Default";
        defaultRole.AddObjectPermissionFromLambda<ApplicationUser>(SecurityOperations.Read, u => u.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
        defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
        defaultRole.AddMemberPermissionFromLambda<ApplicationUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", u => u.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
        defaultRole.AddMemberPermissionFromLambda<ApplicationUser>(SecurityOperations.Write, "StoredPassword", u => u.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
        defaultRole.AddTypePermissionsRecursively<PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
        defaultRole.AddTypePermissionsRecursively<ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
        defaultRole.AddTypePermissionsRecursively<ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
        defaultRole.AddTypePermissionsRecursively<ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
        defaultRole.AddTypePermissionsRecursively<ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);                
    }
    ObjectSpace.CommitChanges();
}

Public Overrides Sub UpdateDatabaseAfterUpdateSchema()
    MyBase.UpdateDatabaseAfterUpdateSchema()
    ' ...
    Dim defaultRole As PermissionPolicyRole = ObjectSpace.FirstOrDefault(Function(role as PermissionPolicyRole) role.Name = "Default")
    If defaultRole Is Nothing Then
        defaultRole = ObjectSpace.CreateObject(Of PermissionPolicyRole)()
        defaultRole.Name = "Default"
        defaultRole.AddObjectPermissionFromLambda(Of ApplicationUser)(SecurityOperations.Read, Function(u As ApplicationUser) u.Oid = CType(CurrentUserIdOperator.CurrentUserId(), Guid), SecurityPermissionState.Allow)
        defaultRole.AddNavigationPermission("Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow)
        defaultRole.AddMemberPermissionFromLambda(Of ApplicationUser)(SecurityOperations.Write, "ChangePasswordOnFirstLogon", Function(u As ApplicationUser) u.Oid = CType(CurrentUserIdOperator.CurrentUserId(), Guid), SecurityPermissionState.Allow)
        defaultRole.AddMemberPermissionFromLambda(Of ApplicationUser)(SecurityOperations.Write, "StoredPassword", Function(u As ApplicationUser) u.Oid = CType(CurrentUserIdOperator.CurrentUserId(), Guid), SecurityPermissionState.Allow)
        defaultRole.AddTypePermissionsRecursively(Of PermissionPolicyRole)(SecurityOperations.Read, SecurityPermissionState.Deny)
        defaultRole.AddTypePermissionsRecursively(Of ModelDifference)(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow)
        defaultRole.AddTypePermissionsRecursively(Of ModelDifferenceAspect)(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow)
        defaultRole.AddTypePermissionsRecursively(Of ModelDifference)(SecurityOperations.Create, SecurityPermissionState.Allow)
        defaultRole.AddTypePermissionsRecursively(Of ModelDifferenceAspect)(SecurityOperations.Create, SecurityPermissionState.Allow)
    End If
    ObjectSpace.CommitChanges()
End Sub

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

AuthenticationActiveDirectory.CustomCreateUser Event

Declaration

Event Data

Remarks