Diffusion .NET Client Library
6.1.5
|
This feature allows a client session to query and update the security store. More...
Public Member Functions | |||
void | GetSecurity (IConfigurationCallback callback) | ||
Obtain the current contents of the security store. More... | |||
void | GetSecurity< TC > (TC context, IConfigurationContextCallback< TC > callback) | ||
Obtain the current contents of the security store, with a contextual callback. More... | |||
IScriptBuilder | ScriptBuilder () | ||
Returns a builder that can be used to create scripts for use with ISecurityStoreFeature.UpdateStore. More... | |||
Public Member Functions inherited from PushTechnology.ClientInterface.Client.Features.Control.Clients.SecurityControl.ISecurityStoreFeature | |||
void | UpdateStore (string commandScript, IUpdateStoreCallback callback) | ||
Send a command script to the server to update the security store. More... | |||
void | UpdateStore< TC > (string commandScript, TC context, IUpdateStoreContextCallback< TC > callback) | ||
Send a command script to the server to update the security store, with a contextual callback.
obtained from the feature. More... | |||
Additional Inherited Members | |
Properties inherited from PushTechnology.ClientInterface.Client.Features.IFeature | |
ISession | Session [get] |
Returns the session that the feature is associated with. More... | |
This feature allows a client session to query and update the security store.
The security store is maintained at the server and defines the roles that can be assigned to principals.
The association between roles and permissions is defined in the security store. A fixed set of permissions is defined and these are use to control access to actions and data on the server. Roles are used to associate permissions with principals. Permissions are assigned to roles and roles are assigned to principals.
A fole can be assigned zero, one, or many permissions. The same permission can be assigned to multiple roles. Roles can also include other roles to form a role hierarchy, and so inherit permissions.
Roles are implicitly defined by specifying them in relationships. There is no need to explicitly create roles in the security store.
Permissions may have 'global' or 'topic' scope. Global permissions apply to actions that are not specific to the topic tree, whereas 'topic' permissions apply to a topic or branch of the topic tree.
Topic scoped permissions are assigned to roles for specific topic paths. The permission assignment applies to all descendant topics, unless there is a more specific assignment. To evaluate whether a client session has access to a permission for a topic, the server starts at that topic and searches up the tree to find the nearest permission assignment. The first assignment is the only one considered, even if the client has roles involved in assignments further up the topic tree. Default topic-scope assignments can also be defined. These are used if no path assignment matches.
Access Control
In order to query the store the session needs GlobalPermission.VIEW_SECURITY permission and in order to update the store it needs GlobalPermission.MODIFY_SECURITY permission.
Accessing the feature
This feature may be obtained from an ISession as follows:
var securityControl = session.SecurityControl;
void PushTechnology.ClientInterface.Client.Features.Control.Clients.SecurityControl.ISecurityControl.GetSecurity | ( | IConfigurationCallback | callback | ) |
Obtain the current contents of the security store.
callback | The operation callback. |
void PushTechnology.ClientInterface.Client.Features.Control.Clients.SecurityControl.ISecurityControl.GetSecurity< TC > | ( | TC | context, |
IConfigurationContextCallback< TC > | callback | ||
) |
Obtain the current contents of the security store, with a contextual callback.
TC | The context type. |
context | The context to pass to the callback. May be null. |
callback | The operation callback. |
IScriptBuilder PushTechnology.ClientInterface.Client.Features.Control.Clients.SecurityControl.ISecurityControl.ScriptBuilder | ( | ) |
Returns a builder that can be used to create scripts for use with ISecurityStoreFeature.UpdateStore.