SecuredXPObjectSpace Class
An Object Space for XPO-based applications that use the Security System.
Namespace: DevExpress.ExpressApp.Security
Assembly: DevExpress.ExpressApp.Security.Xpo.v24.2.dll
NuGet Package: DevExpress.ExpressApp.Security.Xpo
Declaration
Remarks
XAF creates Object Spaces of the SecuredXPObjectSpace
type in the following cases:
- A SecuredObjectSpaceProvider is initialized in your application’s
XafApplication.CreateDefaultObjectSpaceProvider
method or CreateCustomObjectSpaceProvider event. - An application calls the SecuredObjectSpaceProviderBuilderExtensions.AddSecuredXpo method at startup when the Application Builder is used.
If you implement a custom SecuredObjectSpaceProvider
with the CreateObjectSpace() method overridden, make sure this method returns an object of the SecuredXPObjectSpace
type instead of XPObjectSpace.
In non-XAF applications, use SecuredObjectSpaceProvider to create SecuredXPObjectSpace
as the following code snippet demonstrates:
using DevExpress.ExpressApp.Security;
using DevExpress.Persistent.BaseImpl.EF.PermissionPolicy;
using System.Diagnostics;
// ...
class Program {
static void Main() {
// ...
// Initialization. Create a Secured Data Store and Set Authentication Options
AuthenticationStandard authentication = new AuthenticationStandard();
SecurityStrategyComplex security = new SecurityStrategyComplex(typeof(ApplicationUser), typeof(PermissionPolicyRole), authentication, typesInfo);
security.RegisterXPOAdapterProviders();
SecuredObjectSpaceProvider objectSpaceProvider = new SecuredObjectSpaceProvider(security, dataStoreProvider, typesInfo, null);
// Authentication. Log in as a 'User' with an Empty Password
authentication.SetLogonParameters(new AuthenticationStandardLogonParameters(userName: "User", password: string.Empty));
IObjectSpace loginObjectSpace = objectSpaceProvider.CreateObjectSpace();
security.Logon(loginObjectSpace);
// Authorization. Access and Manipulate Data/UI Based on User/Role Rights
using(IObjectSpace securedObjectSpace = objectSpaceProvider.CreateObjectSpace()) {
// User cannot read protected entities like PermissionPolicyRole.
}
}
}
You can find the full example in the following GitHub repository: How to use the Integrated mode of the Security System in non-XAF applications (XPO).
For more information on Object Space and Object Space Provider types, refer to the following topics: