Hi,
I’m not sure, how to propertly use Roles in .Net (CodeFirst). I set Session.Roles within the LoginService.
In the documentation I found “ServiceValidateRoles”, “TriggerValidateRoles” and an Eventhandler related to the Roles, but I can’t get the loose ends together.
I’d like to restrict the access to some services or to specific service methods.
At the moment I’m going to use the hard way and do check the permission in any ServiceMethod manually. This is error-prone and badly to maintain.
[ServiceMethod] public string DoSomething(string someValue) { if (Session.Roles.Select(r => r == "roleServiceOperator") == null) throw new RemObjects.SDK.Exceptions.SessionDoesNotHaveRequiredRolesException($"User: {this.Session["Username"]}, Method: Service1.DoSomething()"); return someValue.ToUpper(); }
What’s the best way to work with roles in ROSDK .Net?
Can you put the boiler-plate code for the role-validation into the ServiceAttribute or the ServiceMethod Attribute?
[Service(rolesAllowed=new string[] {"roleServiceOperator", "public"}), ServiceRequiresLogin]
public class Service1 : RemObjects.SDK.Server.Service
{
[ServiceMethod(rolesAllowed=new string[] {"roleServiceOperator"}]
public string DoSomething(string someValue)
{
return someValue.ToUpper();
}
[ServiceMethod(rolesAllowed=new string[] {"roleServiceOperator","public"}]
public string DoSomethingElse(string someValue)
{
return someValue.ToUpper();
}
}