Interface IPermissionRule
Defines the contract for permission rule evaluation.
Namespace: DataWeb.Authorization
Assembly: DataWeb.Core.dll
Syntax
public interface IPermissionRule
Remarks
This interface provides methods to evaluate visibility and write permissions for data operations based on the current user's authorization context. Implementations determine what data a user can view and modify based on their roles and permissions.
Methods
GetIsVisibleFilter(string)
Retrieves a filter expression based on the visibility rules for the specified table.
Declaration
string GetIsVisibleFilter(string tableName)
Parameters
| Type | Name | Description |
|---|---|---|
| string | tableName | The name of the table for which the filter is being requested. |
Returns
| Type | Description |
|---|---|
| string | A filter expression string for the specified table. An empty string indicates full visibility (no filtering). The filter expression should be compatible with the data store implementation (e.g., SQL or LINQ-compatible format). |
Remarks
This filter is used to restrict the data returned to the user based on their roles and permissions. Developers can see all data (empty filter), while other users receive a filtered view based on permission rules.
IsWriteAsync(NavigationContext, ContextItem)
Asynchronously determines if the current user has write permissions for the specified context item.
Declaration
Task<bool> IsWriteAsync(NavigationContext navigationContext, ContextItem item)
Parameters
| Type | Name | Description |
|---|---|---|
| NavigationContext | navigationContext | The NavigationContext containing information about the current navigation request. |
| ContextItem | item | The ContextItem for which write permissions are being checked. |
Returns
| Type | Description |
|---|---|
| Task<bool> | A task that represents the asynchronous operation.
The task result is |
Remarks
This method is called before allowing create, update, or delete operations on data.
If the method returns false, the operation should be denied and an authorization error presented to the user.