Skip to main content
All docs
V24.2
.NET 8.0+

PermissionSettingHelper.AddObjectPermissionFromLambda<T>(IPermissionPolicyRole, String, Expression<Func<T, Boolean>>, Nullable<SecurityPermissionState>) Method

Finds the first type permission for the specified type in the role and adds the object permission to it. If the appropriate type permission is not found, this method creates it.

Namespace: DevExpress.ExpressApp.Security

Assembly: DevExpress.ExpressApp.Security.v24.2.dll

Declaration

public static IPermissionPolicyObjectPermissionsObject AddObjectPermissionFromLambda<T>(
    this IPermissionPolicyRole role,
    string operations,
    Expression<Func<T, bool>> lambda,
    SecurityPermissionState? state
)
    where T : class

Parameters

Name Type Description
role IPermissionPolicyRole

The target role for a new object permission.

operations String

The semicolon-separated list of security operations. The static SecurityOperations class defines operation names and their delimiter.

lambda Expression<Func<T, Boolean>>

The lambda expression that specifies the target object(s).

state Nullable<SecurityPermissionState>

A SecurityPermissionState enumeration value that specifies if access is granted or denied.

Type Parameters

Name Description
T

This method finds the type permission for this type in the role.

Returns

Type Description
DevExpress.Persistent.Base.IPermissionPolicyObjectPermissionsObject

The added object permission.

Remarks

The following example demonstrates how to use this method in UpdateDatabaseAfterUpdateSchema() (MySolution.Module\DatabaseUpdater\Updater.cs(.vb)):

using DevExpress.Data.Filtering;
using DevExpress.ExpressApp.Security;
using DevExpress.ExpressApp.SystemModule;
using DevExpress.ExpressApp.Updating;
using DevExpress.Persistent.Base;
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
// ...
public class Updater : ModuleUpdater {
    // ...
    public override void UpdateDatabaseAfterUpdateSchema() {
        base.UpdateDatabaseAfterUpdateSchema();
        PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault<PermissionPolicyRole>(role => role.Name == "Default");
        if(defaultRole == null) {
            defaultRole = ObjectSpace.CreateObject<PermissionPolicyRole>();
            defaultRole.AddObjectPermissionFromLambda<PermissionPolicyUser>(
                SecurityOperations.Read, 
                u => u.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(),
                SecurityPermissionState.Allow
            );
            // ...
        }
        // ...
    }
}
See Also