User Class

An XAF user who has a list of associated security roles.

Namespace: DevExpress.Persistent.BaseImpl.EF

Assembly: DevExpress.Persistent.BaseImpl.EF.v18.1.dll

Syntax

[RuleCriteria("SecuritySystemUser_EF_Prevent_delete_logged_in_user", DefaultContexts.Delete, "[ID] != CurrentUserId()", "Cannot delete the current logged-in user. Please log in using another user account and retry.")]
public class User :
    ISecurityUser,
    IAuthenticationActiveDirectoryUser,
    IAuthenticationStandardUser,
    IOperationPermissionProvider,
    ISecurityUserWithRoles,
    INotifyPropertyChanged,
    ICanInitialize
Note

It is recommended to use the Allow/Deny Permission Policy. For this purpose, migrate from User to PermissionPolicyUser. If you use Entity Framework as the ORM system, you may also need to perform a migration.

Associated roles are exposed via the SecuritySystemUser.Roles property. To get the complete list of permissions granted to the current user via his/her associated roles, use the IOperationPermissionProvider.GetPermissions method.

Inherit this class when you use the SecurityStrategyComplex Security Strategy and want to replace the default User with a custom type that exposes additional properties.

using DevExpress.Persistent.BaseImpl.EF;
// ...
public class Employee : User {
    [Browsable(false)]
    public int ID { get; protected set; }
    public string FullName {get; set; }
    public virtual Department Department { get; set; }
    public virtual IList<Task> Tasks { get; set; }
}

Then, invoke the Application Designer, focus the SecurityStrategyComplex component and change the SecurityStrategy.UserType value in the Properties window.

Security_SetCustomUserType

Alternativaly, you can specify the user type in code. In a Windows Forms application project, modify the Program.cs (Program.vb) file in the following manner.

public static void Main(string[] arguments) {
    MySolutionWinApplication winApplication = new MySolutionWinApplication();
    winApplication.Security = 
        new SecurityStrategyComplex(typeof(Employee), typeof(Role), 
            new AuthenticationStandard());
    // ...
}

In an ASP.NET application project, modify the Global.asax.cs (Global.asax.vb) file in the following manner.

protected void Session_Start(Object sender, EventArgs e) {
    WebApplication.SetInstance(Session, new MySolutionAspNetApplication());
    WebApplication.Instance.Security = 
       new SecurityStrategyComplex(typeof(Employee), typeof(Role), 
            new AuthenticationStandard());
    // ...
}
Tip

You can use the UserWithRolesExtensions.IsUserInRole extension method with User objects because User implements ISecurityUserWithRoles.

Inheritance

Object
User

See Also