Xafari Security. Domain Components

Xafari Security DC module provides Complex Security Strategy that is based on the Domain Components technology. This means that main entities of the Security System (Role, User, Permission etc.) are defined as Domain Components. The approach is required in a situation when the application data model also uses the Domain Components. Classic XAF Security is based on XPO, which leads to a number of difficulties.

Class diagram:

security_dc_0

To apply Xafari Security DC to the XAF-application, follow the steps described below. To examine a complete sample, refer to the Northwind DC demo installed with Xafari.

Note

The task to configure an application is implemented using the AppModule. This is the recommended approach for the development with Xafari Framework. But all the described operations can be performed in other alternative ways.

Add AppModule Project to the application. Use a special Visual Studio template for this purpose. Right-click the application solution root node and select Add|New Project... in the invoked context menu. Select the Xafari App Module template in the Add New Project dialog.

AppModule template includes commented out code that implements the add Security to the application. It will be used below in the document.

Add the required platform-dependent AppModule.Win and\or AppModule.Web modules in a similar way.

Add XafariSecurityDCModule to the AppModule Project, add XafariSecurityWinModule to the AppModule.Win Project, add XafariSecurityWebModule to the AppModule.Web Project.

Configurate Security System in code as follows. Add SecurityStrategyComplex and XafariAuthentication objects, set RoleType and UserType values.

  • c#
  • VB

public sealed partial class XafariNorthwindDCAppModule : ModuleBase, ISecurityStrategyProvider
{
  private readonly SecurityStrategyComplex _securityStrategyComplex;
  public XafariNorthwindDCAppModule()
  {
    InitializeComponent();
    var xafariAuthentication = new XafariAuthentication(typeof(IDCSecuritySystemUser), typeof(XafariAuthenticationLogonParameters));
    xafariAuthentication.AuthenticationActiveDirectory.CreateUserAutomatically = true;
    _securityStrategyComplex = new SecurityStrategyComplex(typeof(IDCSecuritySystemUser), typeof(IDCSecuritySystemRole), xafariAuthentication);
  }
  public override void Setup(XafApplication application)
  {
    base.Setup(application);
    application.Security = _securityStrategyComplex;
  }
  public SecurityStrategy GetSecurityStrategy()
  {
    return _securityStrategyComplex;
  }
}

Public Partial NotInheritable Class XafariNorthwindDCAppModule
  Inherits ModuleBase
  Implements ISecurityStrategyProvider
  Private ReadOnly __securityStrategyComplex As SecurityStrategyComplex
  Public Sub New()
    InitializeComponent()
    Dim xafariAuthentication = New XafariAuthentication(GetType(IDCSecuritySystemUser), GetType(XafariAuthenticationLogonParameters))
    xafariAuthentication.AuthenticationActiveDirectory.CreateUserAutomatically = True
    __securityStrategyComplex = New SecurityStrategyComplex(GetType(IDCSecuritySystemUser), GetType(IDCSecuritySystemRole), xafariAuthentication)
  End Sub
  Public Overrides Sub Setup(ByVal application As XafApplication)
    MyBase.Setup(application)
    application.Security = __securityStrategyComplex
  End Sub
  Public Function GetSecurityStrategy() As SecurityStrategy
    Return __securityStrategyComplex
  End Function
End Class

You can view the code used in this lesson in the Xafari.Northwind.DC.AppModule| XafariNorthwindDCAppModule.cs file of the Northwind DC demo installed with Xafari.

Add AppModules to the required projects.

Run application and see the result.

Windows Forms:

security_dc_2

security_dc_3

As mentioned above, objects of the Security System defined by the Domain Components are required in system with DC-based Business Model. Then the Security data easily integrate with other business objects.

The next step of this lesson is to demonstrate this integration. We will expand the user account by adding the Department property to the IDCSecuritySystemUser object. Xafari supplies a special eXtensions Framework technology which effectively extends the business entities in the composition of enterprise systems.

Department DC is defined in the Xafari.Northwind.DC|Classifiers|Department.cs file of the Northwind DC demo installed with Xafari.

The code snippet below describes IDCInheritedUser Extension for the IDCSecuritySystemUser Entity. Extension exposes Department reference property.

  • c#
  • VB

[DomainComponent]
[NonPersistentDc]
[XafDisplayName("User")]
[ImageName("BO_User")]
[EntityExtension(typeof(IDCSecuritySystemUser))]
public interface IDCInheritedUser : IXFEntityExtension
{
  [RuleRequiredField("departmentReqField", DefaultContexts.Save, "be sure to specify department")]
  Department Department { get; set; }
}

<DomainComponent> _
<NonPersistentDc> _
<XafDisplayName("User")> _
<ImageName("BO_User")> _
<EntityExtension(GetType(IDCSecuritySystemUser))> _
Public Interface IDCInheritedUser
  Inherits IXFEntityExtension
  <RuleRequiredField("departmentReqField", DefaultContexts.Save, "be sure to specify department")> _
Property Department As Department
End Interface

To examine IDCInheritedUser and IDCInheritedRole Extensions in details, refer to the appropriate .cs files of the Northwind DC demo. It is required to register any Extension in application, see eXtensions Framework. Define Entities and Extensions. This must be implemented in the same module, which contains Extension definition. Module class must implement Xafari.XF.IXFRegistrator interface that declares RegisterXF() method.

  • c#
  • VB

public sealed partial class NorthwindDCModule : ModuleBase, IXFRegistrator
{
  //...
  void IXFRegistrator.RegisterXF(EntityFactory entityFactory)
  {
    //...
    this.RegisterExtension<IDCSecuritySystemUser, IDCInheritedUser>(propertyName: "NorthWindUserExtension", backPropertyName: "BackNorthWindUserExtension", expandObjectMembers: ExpandObjectMembers.InDetailView, autoCreate: true);
  }
}

Public Partial NotInheritable Class NorthwindDCModule
  Inherits ModuleBase
  Implements IXFRegistrator
  '...
  Private Sub RegisterXF(ByVal entityFactory As EntityFactory) Implements IXFRegistrator.RegisterXF
    '...
    Me.RegisterExtension(Of IDCSecuritySystemUser, IDCInheritedUser)(propertyName := "NorthWindUserExtension", backPropertyName := "BackNorthWindUserExtension", expandObjectMembers := ExpandObjectMembers.InDetailView, autoCreate := True)
  End Sub
End Class

Restart application and see that User List View has been updated and displays Department property.

Windows Forms:

security_dc_5

Xafari Security DC and Xafari Security XPO modules provides a identical Permission Sets described in Extra Permission Types topic. Authorization details when logging into the application is described in Xafari Autentication topic.