BaseObject.SetPropertyValueWithSecurityBypass<T>(String, T) Method

Sets the object’s property value bypassing security checks.

Namespace: DevExpress.Persistent.BaseImpl

Assembly: DevExpress.Persistent.BaseImpl.Xpo.v24.1.dll

NuGet Package: DevExpress.Persistent.BaseImpl.Xpo

Declaration

C#
VB.NET

protected void SetPropertyValueWithSecurityBypass<T>(
    string propertyName,
    T value
)

Protected Sub SetPropertyValueWithSecurityBypass(Of T)(
    propertyName As String,
    value As T
)

Parameters

Name	Type	Description
propertyName	String	The name of the property to set.
value	T	The value to assign to the property.

Type Parameters

Name	Description
T	The type of the value assigned to the property.

Remarks

The SetPropertyValueWithSecurityBypass method allows you to modify the value of a business object’s property even if write access to this property is denied for the current user by the XAF Security System. If your business object is not an BaseObject descendant, use the static SecuredPropertySetter.SetPropertyValueWithSecurityBypass method instead.

In applications with middle-tier security, you can call this method only from a business object’s IXafEntityObject.OnSaving method, otherwise an exception is thrown.

Note

In applications with middle-tier security, an object’s OnSaving method is only called on the middle-tier server side. From this method, you can call SetPropertyValueWithSecurityBypass to set values of business object properties even if the client application has no access rights for these properties. Thus, you can use this method to securely initialize properties with sensitive data (it is also important that you define access rules to additionally restrict access to these properties for application users).

The following code snippet demonstrates how to use this method to initialize CreatedBy, UpdatedBy, and UpdatedOn properties of a business class.

using DevExpress.ExpressApp.Security;
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
using DevExpress.Xpo;
using System.ComponentModel;
// ...
public class TestClass : BaseObject {
    public TestClass(Session session) : base(session) { }
    // ...
    ApplicationUser _createdBy;
    ApplicationUser _updatedBy;
    DateTime? _updatedOn;

    [ModelDefault(nameof(IModelCommonMemberViewItem.AllowEdit), "False")]
    public ApplicationUser CreatedBy {
        get { return _createdBy; }
        set { 
            SetPropertyValue("CreatedBy", ref _createdBy, value);
        }
    }

    [ModelDefault(nameof(IModelCommonMemberViewItem.AllowEdit), "False")]
    public ApplicationUser UpdatedBy {
        get { return _updatedBy; }
        set {
            SetPropertyValue("UpdatedBy", ref _updatedBy, value);
        }
    }

    [ModelDefault(nameof(IModelCommonMemberViewItem.AllowEdit), "False")]
    [ModelDefault(nameof(IModelCommonMemberViewItem.DisplayFormat), "G")]
    public DateTime? UpdatedOn {
        get { return _updatedOn; }
        set {
            SetPropertyValue("UpdatedOn", ref _updatedOn, value);
        }
    }

    protected override void OnSaving() {
        base.OnSaving();
        if (Session.IsNewObject(this)) {
            SetPropertyValueWithSecurityBypass(nameof(CreatedBy), GetCurrentUser());
        }
        else {
            SetPropertyValueWithSecurityBypass(nameof(UpdatedOn), DateTime.Now);
            SetPropertyValueWithSecurityBypass(nameof(UpdatedBy), GetCurrentUser());
        }
    }

    ApplicationUser GetCurrentUser() { 
        return Session.GetObjectByKey<ApplicationUser>(
            Session.ServiceProvider.GetRequiredService<ISecurityStrategyBase>().UserId);
    }
}

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

BaseObject.SetPropertyValueWithSecurityBypass<T>(String, T) Method

Declaration

Parameters

Type Parameters

Remarks