How to integrate access control with my ORM in a .net windows form application?

Posted by Ying on Stack Overflow See other posts from Stack Overflow or by Ying
Published on 2010-03-04T04:02:19Z Indexed on 2010/05/06 17:28 UTC
Read the original article Hit count: 240

Filed under:

access-control

|

c#

|

database

|

orm

I am developing a general database query tools, a .Net 3.5 Windows Form application. In order to make the presentation layer is independent of the database layer. I use an ORM framework, XPO from DevExpress.

But, I have no access control function built in. I surfed Internet and I found in WCF Data Services, there is an interesting concept, Interceptor, which is following AOP(Aspect Oriented Programming).

I am wondering who has such an experience to build access control in ORM. My basic requirement is :

It should be a general method and controlled by users in runtime. So any hard coding is not acceptable.
It could be based on attribute, database table, or even an external assembly.

I am willing to buy a ready solution. According to the idea of AOP, an access control function can be integrated with existing functions easily and nearly not knowingly to the previous developer;)

Any suggestions are welcome.

© Stack Overflow or respective owner

Related posts about access-control

LiteSpeed enable Access-Control-Allow-Origin (no response header on CORS request)

as seen on Server Fault - Search for 'Server Fault'
Seriously, I can't find a single page discussing this for litespeed. Using this format in the htaccess "Header set Access-Control-Allow-Origin http://aSite.com" (and https) sends the setting in the http response header, but I still get the "XMLHttpRequest cannot load https://aSite.com/aFile.php.… >>> More
DELETE method not working in Apache 2.4

as seen on Server Fault - Search for 'Server Fault'
I'm running Apache 2.4 locally and dealing with RESTful services authenticating through OAuth. GET, PUT and POST work fine but I can't get DELETE to work. I've tried installing WebDAV and mod_dav, overriding methods in .htaccess, tried Limits, force (enable) DELETE options in configuration and pretty… >>> More
CORS Fails on CloudFront Distribution with Nginx Origin

as seen on Server Fault - Search for 'Server Fault'
I have a CloudFront distribution set up with an Nginx server as the origin (a Media Temple DV server, to be specific). I enabled the Access-Control-Allow-Origin: * header so fonts will work in Firefox. However, Firefox throws a CORS error for fonts loaded from this CloudFront/Nginx distribution. I… >>> More
My MS Access control displays no text for appended items following an append query

as seen on Stack Overflow - Search for 'Stack Overflow'
The control in question is part of a datasheet-style subform that feeds off a multi-field combo-box. The control is bound to the first field of the combo box, an ID field which is hidden from view (column width set to zero). Consequently, the second field (Code) is displayed in the control when an… >>> More
ASP.NET and WIF: Showing custom profile username as User.Identity.Name

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
I am building ASP.NET MVC application that uses external services to authenticate users. For ASP.NET users are fully authenticated when they are redirected back from external service. In system they are logically authenticated when they have created user profiles. In this posting I will show you how… >>> More

Related posts about c#

.NET WebRequest.PreAuthenticate not quite what it sounds like

as seen on West-Wind - Search for 'West-Wind'
I’ve run into the problem a few times now: How to pre-authenticate .NET WebRequest calls doing an HTTP call to the server – essentially send authentication credentials on the very first request instead of waiting for a server challenge first? At first glance this sound like it should be easy:… >>> More
HttpWebRequest and Ignoring SSL Certificate Errors

as seen on West-Wind - Search for 'West-Wind'
Man I can't believe this. I'm still mucking around with OFX servers and it drives me absolutely crazy how some these servers are just so unbelievably misconfigured. I've recently hit three different 3 major brokerages which fail HTTP validation with bad or corrupt certificates at least according to… >>> More
The dynamic Type in C# Simplifies COM Member Access from Visual FoxPro

as seen on West-Wind - Search for 'West-Wind'
I’ve written quite a bit about Visual FoxPro interoperating with .NET in the past both for ASP.NET interacting with Visual FoxPro COM objects as well as Visual FoxPro calling into .NET code via COM Interop. COM Interop with Visual FoxPro has a number of problems but one of them at least got a lot… >>> More
Dynamic Type to do away with Reflection

as seen on West-Wind - Search for 'West-Wind'
The dynamic type in C# 4.0 is a welcome addition to the language. One thing I’ve been doing a lot with it is to remove explicit Reflection code that’s often necessary when you ‘dynamically’ need to walk and object hierarchy. In the past I’ve had a number of ReflectionUtils that used string based expressions… >>> More
Finding a Relative Path in .NET

as seen on West-Wind - Search for 'West-Wind'
Here’s a nice and simple path utility that I’ve needed in a number of applications: I need to find a relative path based on a base path. So if I’m working in a folder called c:\temp\templates\ and I want to find a relative path for c:\temp\templates\subdir\test.txt I want to receive back subdir\test… >>> More