.NET Standard 2.0+
.NET Framework 4.5.2+
.NET Standard 2.0+
.NET Core 3.0+

PermissionPolicyRole Class

A security role that supports the Allow/Deny Permission Policies.

Namespace: DevExpress.Persistent.BaseImpl.PermissionPolicy

Assembly: DevExpress.Persistent.BaseImpl.v20.1.dll

Declaration

[ImageName("BO_Role")]
[MapInheritance(MapInheritanceType.ParentTable)]
[RuleObjectExists("PermissionPolicyUser_XPO_Prevent_delete_last_admin_role", DefaultContexts.Delete, "IsAdministrative = true And [Users][[IsActive] = True].Count() > 0", "Cannot delete role as it is the last administrative role with assigned users. The application must have at least one administrative role.")]
[RuleObjectExists("PermissionPolicyRole_XPO_Prevent_change_last_admin_role", DefaultContexts.Save, "IsAdministrative = true And [Users][[IsActive] = True].Count() > 0", "Cannot remove role as it is the last administrative role with assigned users. The application must have at least one administrative role.", IncludeCurrentObject = true)]
public class PermissionPolicyRole :
    PermissionPolicyRoleBase,
    IPermissionPolicyRoleWithUsers,
    ICanInitializeRole
<ImageName("BO_Role")>
<MapInheritance(MapInheritanceType.ParentTable)>
<RuleObjectExists("PermissionPolicyUser_XPO_Prevent_delete_last_admin_role", DefaultContexts.Delete, "IsAdministrative = true And [Users][[IsActive] = True].Count() > 0", "Cannot delete role as it is the last administrative role with assigned users. The application must have at least one administrative role.")>
<RuleObjectExists("PermissionPolicyRole_XPO_Prevent_change_last_admin_role", DefaultContexts.Save, "IsAdministrative = true And [Users][[IsActive] = True].Count() > 0", "Cannot remove role as it is the last administrative role with assigned users. The application must have at least one administrative role.", IncludeCurrentObject:=True)>
Public Class PermissionPolicyRole
    Inherits PermissionPolicyRoleBase
    Implements IPermissionPolicyRoleWithUsers,
               ICanInitializeRole

Remarks

In eXpressApp Framework applications, permissions are not assigned to a user directly. Users have roles, which in turn are characterized by a permission set. So, each user has one or more roles that determine what actions can be performed. The list of users associated with the current role is exposed via the PermissionPolicyRole.Users property.

Refer to the How to: Implement Custom Security Objects (Users, Roles, Operation Permissions) topic to see an example on implementing a custom Role.

TIP

You can use extension methods declared in the static PermissionSettingHelper class with object instances of the PermissionPolicyRole type. Call these extension methods from the ModuleUpdater.UpdateDatabaseAfterUpdateSchema method implemented in the Updater.cs (Updater.vb) file to easily configure predefined permissions in code.

See Also