[英]How to integrate access control with my ORM in a .net windows form application?
I am developing a general database query tools, a .Net 3.5 Windows Form application. 我正在开发一个通用的数据库查询工具,一个.Net 3.5 Windows窗体应用程序。 In order to make the presentation layer is independent of the database layer.
为了使表示层独立于数据库层。 I use an ORM framework, XPO from DevExpress.
我使用了一个ORM框架,来自DevExpress的XPO。
But, I have no access control function built in. I surfed Internet and I found in WCF Data Services, there is an interesting concept, Interceptor, which is following AOP(Aspect Oriented Programming). 但是,我没有内置的访问控制功能。我浏览了互联网,我发现在WCF数据服务中,有一个有趣的概念,拦截器,它遵循AOP(面向方面编程)。
I am wondering who has such an experience to build access control in ORM. 我想知道谁有这样的经验来在ORM中构建访问控制。 My basic requirement is :
我的基本要求是:
I am willing to buy a ready solution. 我愿意买一个现成的解决方案。 According to the idea of AOP, an access control function can be integrated with existing functions easily and nearly not knowingly to the previous developer;)
根据AOP的思想,访问控制功能可以轻松地与现有功能集成,并且几乎不会对以前的开发人员有所了解;)
Any suggestions are welcome. 欢迎任何建议。
I'm not sure that this answer will be helpful in your situation, but it can be interesting for you. 我不确定这个答案会对你的情况有所帮助,但对你来说这很有意思。
X-tensive company (developer of DataObjects.Net ORM ) plans to implement similar feature for DataObjects.Net in few months. X-tensive公司( DataObjects.Net ORM的开发者)计划在几个月内为DataObjects.Net实现类似的功能。 X-tensive's plan is to provide full featured ready to use security extension, possibly based on attributes and aspects.
X-tensive的计划是提供全功能的即用型安全扩展,可能基于属性和方面。 Surely it will be closely connected with this ORM, but you can derive some ideas from its description.
当然,它将与此ORM紧密相关,但您可以从其描述中获得一些想法。 See feature request and its discussion here .
参见功能要求,并讨论在这里 。
You can also take a look at Rhino Security , I don't know current status of this project, but it seams such solution can be useful in your case. 你也可以看看Rhino Security ,我不知道这个项目的当前状态,但它接缝这样的解决方案对你的情况很有用。
Why not build a layer between the ORM and the presentation layer? 为什么不在ORM和表示层之间构建一个层? By doing this separation you can easily switch data sources (in the future you might have your data on another server and access it through web services).
通过这种分离,您可以轻松切换数据源(将来您可能将数据放在另一台服务器上并通过Web服务访问它)。 I'm sure that there are a fancy name for this layer, but I call all my interfaces for managers.
我确定这个图层有一个奇特的名字,但我将所有界面都称为管理员。
Presentation -> Managers -> Data Access Layer -> DB 演示 - >经理 - >数据访问层 - >数据库
Example: 例:
var user = Program.Components.Get<IUserManager>().GetById(1);
user.FirstName = "Jonas";
Program.Components.Get<IUserManager>().Save(user);
In the managers you can use IIdentity and IPrincipal (built in access control interfaces in .Net) to control access. 在管理器中,您可以使用IIdentity和IPrincipal (内置在.Net中的访问控制接口)来控制访问。 http://msdn.microsoft.com/en-us/library/ms172765(VS.80).aspx
http://msdn.microsoft.com/en-us/library/ms172765(VS.80).aspx
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.