Skip to main content
All docs
V24.1
.NET 6.0+

PermissionSettingHelper.AddMemberPermissionFromLambda<T>(IPermissionPolicyRole, String, String, Expression<Func<T, Boolean>>, Nullable<SecurityPermissionState>) Method

Finds the first type permission for the specified type in the role and adds the member permission to it. If the appropriate type permission is not found, this method creates it.

Namespace: DevExpress.ExpressApp.Security

Assembly: DevExpress.ExpressApp.Security.v24.1.dll

Declaration

public static IPermissionPolicyMemberPermissionsObject AddMemberPermissionFromLambda<T>(
    this IPermissionPolicyRole role,
    string operations,
    string members,
    Expression<Func<T, bool>> lambda,
    SecurityPermissionState? State
)
    where T : class

Parameters

Name Type Description
role IPermissionPolicyRole

The target role for a new object permission.

operations String

The semicolon-separated list of security operations. The static SecurityOperations class defines operation names and their delimiter.

members String

The semicolon-separated list of target member names.

lambda Expression<Func<T, Boolean>>

The lambda expression that specifies the target object(s).

State Nullable<SecurityPermissionState>

A SecurityPermissionState enumeration value that specifies if access is granted or denied.

Type Parameters

Name Description
T

This method finds the type permission for this type in the role.

Returns

Type Description
DevExpress.Persistent.Base.IPermissionPolicyMemberPermissionsObject

The added member permission.

Remarks

The following example demonstrates how to use this method in UpdateDatabaseAfterUpdateSchema() (MySolution.Module\DatabaseUpdater\Updater.cs):

using DevExpress.Data.Filtering;
using DevExpress.ExpressApp.Security;
using DevExpress.ExpressApp.SystemModule;
using DevExpress.ExpressApp.Updating;
using DevExpress.Persistent.Base;
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
// ...
public class Updater : ModuleUpdater {
    // ...
    public override void UpdateDatabaseAfterUpdateSchema() {
        base.UpdateDatabaseAfterUpdateSchema();
        PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault<PermissionPolicyRole>(role => role.Name == "Default");
        if(defaultRole == null) {
            defaultRole = ObjectSpace.CreateObject<PermissionPolicyRole>();
            defaultRole.AddMemberPermissionFromLambda<ApplicationUser>(
                SecurityOperations.Write, 
                "ChangePasswordOnFirstLogon", 
                u => u.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), 
                SecurityPermissionState.Allow
            );
            // ...
        }
        // ...
    }
}
See Also