Purpose:The purpose of this document is to describe the process of assigning security keys to business objects and to describe how the framework utilizes these security keys when an action is requested by the end-user.

Business Object Security Keys

• AddSecurityKey - Defines the permission that is required to add a new record to a business object.
• DeleteSecurityKey - Defines the permission that is required to delete a record from a business object.
• EditSecurityKey - Defines the permission that is required to edit a record on the business object.
• QuerySecurityKey - Defines the permission that is used to determine whether SQL queries that are processed through this business object should be audited.

Like all business object properties, the business object security key properties can be set within the component designer for the business object to affect all instances of the business object, or set directly on an instance of a business object that has been dropped on a form to set the property for that one instance only.

Assigning the Key

Assigning the business object security key properties can be done through the property sheet of the business object’s component designer or programmatically. The Security Key Type Editor is used to search for the appropriate security key to assign to the values for the properties.

Public Sub TestSecurity()
    '-Create a new business object
    Dim loBo As New MyBusinessObject()

    '-Test the Add security
    loBo.AddSecurityKey = "MyAddSecurityKey"
    loBo.Add()

    '-Test the Edit security
    loBo.EditSecurityKey = "MyEditSecurityKey"
    loBo.Edit()

    '-Test the Delete security
    loBo.DeleteSecurityKey = "MyDeleteSecurityKey"
    loBo.DeleteCurrentRow()
End Sub

public void TestSecurity()
{
    //-- Create a new business object
    MyBusinessObject loBo = new MyBusinessObject();

    //-- Test the Add security
    loBo.AddSecurityKey = "MyAddSecurityKey";
    loBo.Add();

    //-- Test the Edit security
    loBo.EditSecurityKey = "MyEditSecurityKey";
    loBo.Edit();

    //-- Test the Delete security
    loBo.DeleteSecurityKey = "MyDeleteSecurityKey";
    loBo.DeleteCurrentRow();
}

How the Security Keys Affect Business Objects at Run-time

Each security key property has a corresponding method that performs an action on the business object (AddSecurityKey affects calls to Add(), EditSecurityKey affects calls to Edit()). These methods, Add(), Edit(), and DeleteCurrentRow() have overloads that accept Boolean value that indicate whether the business object should check the current user’s permissions before performing the action. The default overload checks the users permissions.

When the security is checked, and the permission is denied, the SecurityDenied event will be raised. This event is automatically handled by the StandardForm class to show a message to the end user depending upon the denied action of the requested permission. This automation can be disabled so that you can handle the denying of the requested action manually.

© 2005-2006 MicroFour, Inc. All Rights Reserved.