1. http://www.devexpress.com/Support/Center/Example/Details/E4045
This example demonstrates how to use the new security system to implement the subject.
Basically, the following scenario is implemented:
- Users (Joe, John) can do everything with their own tasks and can also view data of their own department;
- Managers (Sam, Mary) can manage their own department, its employees, their tasks, etc. However, they cannot access data from other departments;
- Administrators (Admin) can do everything within the application.
You can see how it works in action at http://screencast.com/t/74PJlzSnKDR (you can run EasyTests in the MainDemo.EasyTests\E4045.ets file).
To do this, permissions at the type and object level (with criteria) are configured. You can see the respective setup code for permissions in the DatabaseUpdate/Updater file.
Take special note that to build complex criteria against associated objects, the JoinOperand is used together with the built-in CurrentUserId and IsCurrentUserInRole criteria functions.
To quickly understand relationships between involved business classes, their class diagram is attached.
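The scenario above, modelled as a deny-by-default check in Python: this is an added illustration, not the example's XAF code or any DevExpress API. The department names, task subjects and all function names are assumptions; `same_department` stands in for a criterion that crosses an association and `own_task` for one that compares against the current user's id.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Employee:
    oid: int
    name: str
    department: str  # department names used below are constructed sample values
    role: str

@dataclass(frozen=True)
class Task:
    subject: str
    assigned_to: Employee

ALL = frozenset({"read", "write", "create", "delete"})

def owner_of(obj):               # a task belongs to its assignee's department
    return obj.assigned_to if isinstance(obj, Task) else obj
def same_department(user, obj):  # criterion that crosses an association
    return owner_of(obj).department == user.department
def own_task(user, obj):         # criterion that compares with the current user's id
    return obj.assigned_to.oid == user.oid

# role -> (type, operations, criterion); a criterion of None is a type-level grant
PERMISSIONS = {
    "Administrators": [(object, ALL, None)],
    "Managers": [(Employee, ALL, same_department), (Task, ALL, same_department)],
    "Users": [(Task, ALL, own_task), (Task, {"read"}, same_department),
              (Employee, {"read"}, same_department)],
}

def is_granted(user, operation, obj):
    """Deny by default; allow only when a permission of the user's role matches."""
    return any(isinstance(obj, t) and operation in ops and (crit is None or crit(user, obj))
               for t, ops, crit in PERMISSIONS.get(user.role, []))

def cross_department_grants(users, objects):
    """List every grant a non-administrator holds outside their own department."""
    return [(u.name, op, o) for u in users if u.role != "Administrators"
            for o in objects for op in sorted(ALL)
            if owner_of(o).department != u.department and is_granted(u, op, o)]

# Constructed sample data: user names from the scenario, departments assumed.
joe, sam = Employee(1, "Joe", "Development", "Users"), Employee(2, "Sam", "Development", "Managers")
john, mary = Employee(3, "John", "Sales", "Users"), Employee(4, "Mary", "Sales", "Managers")
admin = Employee(5, "Admin", "", "Administrators")
joe_task, sam_task, john_task = Task("Fix bug", joe), Task("Plan", sam), Task("Call client", john)
USERS = [joe, sam, john, mary, admin]
OBJECTS = [joe, sam, john, mary, joe_task, sam_task, john_task]
```

An empty result from `cross_department_grants(USERS, OBJECTS)` is the property to keep true whenever the permission table changes.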