Monthly Archives: July 2011

XAF Security System & Roles

The standard security system in XAF does not support anonymous content out of the box. Everyone is a registered user and requires registration straight out of the gate. We have been working on products lately that require a more user friendly approach to web logins.

One of the ways we came up with was creating using a multi-tier security system concept. This has multiple user objects allowing for a single base user to define standard access, and users on top of it to dictate how the specific application is working.

To use this concept, we replaced the security system with a few lines of code:

Security Class:

Public Class AnonymousSecuritySystem
    Inherits DevExpress.ExpressApp.Security.AuthenticationActiveDirectory

    Protected Overrides Function GetUserName() As String
        Return "Anonymous"
    End Function
End Class

After replacing the security system, we created a controller which allows a user to login based on another tier object.

Public Class LoginController
    Inherits DevExpress.ExpressApp.ViewController

    Public Sub New()
        MyBase.New()

        'This call is required by the Component Designer.
        InitializeComponent()
        RegisterActions(components)
    End Sub

    Private Sub Login_Execute(ByVal sender As System.Object, ByVal _ 
             e As Actions.SimpleActionExecuteEventArgs) Handles Login.Execute
        Dim oWebUser As WebUser = ObjectSpace.FindObject(Of WebUser) _ 
             (CriteriaOperator.Parse("UserName = 'a'"))
        If oWebUser IsNot Nothing Then
            CType(SecuritySystem.Instance, SecurityComplex).Logon(oWebUser.BaseUser)
        End If
    End Sub
End Class

This is extended out to each application, so we can have separate win and web users, as well as keeping the option open to share the same roles between the applications.

HOW TO: Query Objects in LINQ Using VB.NET And C#

LINQ is a powerful component that Microsoft introduced into the .NET framework a few years ago. Since then, the syntax and ideology has been adopted by Java, PHP and Javascript. The concept behind it is adding database like querying into your code allowing you to select objects from collections in a tuned manner rather than iterate through collections and filtering things out. Let us say we have a simple SQL statement below which selects customers from a customer table based on their state:

SELECT Name,Address FROM Customer
WHERE State = ‘CA’

If you had the same data in your application represented by objects, you could do the same kind of query using LINQ. Here is some sample syntax for selecting objects from a collection based:

VB.NET

Dim q = From c In Customers
                  Where c.State = "CA"
                Select c.Name, c.Address

C#

IEnumerable q = from c in Customers
                               where c.State = "CA"
                               select c.Name, c.Address;

The performance scales very well, and I have almost replaced iterating at this point. If you are interested, click here for information on LINQ.