AuthenticationActiveDirectory.CustomCreateUser Event

Occurs when a user is auto-created.

Namespace: DevExpress.ExpressApp.Security

Assembly: DevExpress.ExpressApp.Security.v18.2.dll

Declaration

C#
VB.NET

public event EventHandler<CustomCreateUserEventArgs> CustomCreateUser

Public Event CustomCreateUser As EventHandler(Of CustomCreateUserEventArgs)

Event Data

The CustomCreateUser event's data class is CustomCreateUserEventArgs. The following properties provide information specific to this event:

Property	Description
Handled	Gets or sets a value that indicates whether the event handler has completely handled the event or whether the system should continue its own processing. Inherited from HandledEventArgs.
ObjectSpace	Gets an Object Space used to create a user persistent object.
User	Specifies an auto-created user.
UserName	Gets the login name of the auto-created user.

Remarks

When the AuthenticationActiveDirectory.CreateUserAutomatically property is set to true, a user is automatically created for the Windows account used to start the application. You can customize this process by handling the CustomCreateUser event and assigning a user object to the handler’s CustomCreateUserEventArgs.User parameter. Set the handler’s Handled parameter to true to cancel the default user creation.

To subscribe to the CustomCreateUser event, run the Application Designer and focus the AuthenticationActiveDirectory component. Then, in the Properties window, switch to Events and double click CustomCreateUser in the property grid.

CustomCreateUser_Designer

As the result, the empty event handler will be created. For instance, you can add a code to it that creates a new user associated with a low-privileged “Default” role:

C#
VB.NET

using DevExpress.Data.Filtering;
using DevExpress.ExpressApp.Security;
using DevExpress.ExpressApp.Security.Strategy;
// ...
private void authenticationActiveDirectory1_CustomCreateUser(object sender, CustomCreateUserEventArgs e) {
    PermissionPolicyUser user = e.ObjectSpace.CreateObject<PermissionPolicyUser>();
    user.UserName = e.UserName;
    PermissionPolicyRole defaultRole = 
        e.ObjectSpace.FindObject<PermissionPolicyRole>(new BinaryOperator("Name", "Default"));
    if (defaultRole != null) {
        user.Roles.Add(defaultRole);
    }
    e.User = user;
    e.Handled = true;
}

Imports DevExpress.Data.Filtering
Imports DevExpress.ExpressApp.Security
Imports DevExpress.ExpressApp.Security.Strategy
' ...
Private Sub authenticationActiveDirectory1_CustomCreateUser(ByVal sender As Object, ByVal e As CustomCreateUserEventArgs)
    Dim user As PermissionPolicyUser = e.ObjectSpace.CreateObject(Of PermissionPolicyUser)()
    user.UserName = e.UserName
    Dim defaultRole As PermissionPolicyRole = e.ObjectSpace.FindObject(Of PermissionPolicyRole)(New BinaryOperator("Name", "Default"))
    If defaultRole IsNot Nothing Then
        user.Roles.Add(defaultRole)
    End If
    e.User = user
    e.Handled = True
End Sub

The low-privileged “Default” role can be created in the Updater.cs (Updater.vb) file by overriding the ModuleUpdater.UpdateDatabaseAfterUpdateSchema method (by default, the Solution Wizard adds a similar code):

C#
VB.NET

public override void UpdateDatabaseAfterUpdateSchema() {
    base.UpdateDatabaseAfterUpdateSchema();
    // ...
    PermissionPolicyRole defaultRole = ObjectSpace.FindObject<PermissionPolicyRole>(new BinaryOperator("Name", "Default"));
    if(defaultRole == null) {
        defaultRole = ObjectSpace.CreateObject<PermissionPolicyRole>();
        defaultRole.Name = "Default";
        defaultRole.AddObjectPermission<PermissionPolicyUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
        defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
        defaultRole.AddMemberPermission<PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
        defaultRole.AddMemberPermission<PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
        defaultRole.AddTypePermissionsRecursively<PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
        defaultRole.AddTypePermissionsRecursively<ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
        defaultRole.AddTypePermissionsRecursively<ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
        defaultRole.AddTypePermissionsRecursively<ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
        defaultRole.AddTypePermissionsRecursively<ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);                
    }
    ObjectSpace.CommitChanges();
}

Public Overrides Sub UpdateDatabaseAfterUpdateSchema()
    MyBase.UpdateDatabaseAfterUpdateSchema()
    ' ...
    Dim defaultRole As PermissionPolicyRole = ObjectSpace.FindObject(Of PermissionPolicyRole)(New BinaryOperator("Name", "Default"))
    If defaultRole Is Nothing Then
        defaultRole = ObjectSpace.CreateObject(Of PermissionPolicyRole)()
        defaultRole.Name = "Default"
        defaultRole.AddObjectPermission(Of PermissionPolicyUser)(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow)
        defaultRole.AddNavigationPermission("Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow)
        defaultRole.AddMemberPermission(Of PermissionPolicyUser)(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow)
        defaultRole.AddMemberPermission(Of PermissionPolicyUser)(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow)
        defaultRole.AddTypePermissionsRecursively(Of PermissionPolicyRole)(SecurityOperations.Read, SecurityPermissionState.Deny)
        defaultRole.AddTypePermissionsRecursively(Of ModelDifference)(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow)
        defaultRole.AddTypePermissionsRecursively(Of ModelDifferenceAspect)(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow)
        defaultRole.AddTypePermissionsRecursively(Of ModelDifference)(SecurityOperations.Create, SecurityPermissionState.Allow)
        defaultRole.AddTypePermissionsRecursively(Of ModelDifferenceAspect)(SecurityOperations.Create, SecurityPermissionState.Allow)
    End If
    ObjectSpace.CommitChanges()
End Sub

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

AuthenticationActiveDirectory.CustomCreateUser Event

Declaration

Event Data

Remarks