Administrator - Permission Deny


Author
Message
Marcelo Blank
Marcelo Blank
StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)
Group: StrataFrame Users
Posts: 0, Visits: 414
does the Administrator users bypass all the grants and denyes settings ?

I have an Administrator user, that doesn´t wanto to access some process... then I set the Deny to tha process (or uncheck the process in preference list).

When I test it, the programm allows the user, as it ignores the Grant or Deny ... 

Is because the users is administrator ?



           if (SecurityBasics.CurrentUser.IsAdministrator == true)

                if (SecurityBasics.CurrentUser.GetPermission("TRADER_OPERACAO").Action == PermissionAction.Deny)  << the programm ignores the status of this setting
                {
                    modoOperacao = 1; //TRADER CONSULTA

                    ConfiguraBotoesUsuarioConsulta();

                }
                else
                {
                    modoOperacao = 0; //TRADER 

                }
            else // usuario normal
            {
                if (SecurityBasics.CurrentUser.GetPermission("TRADER_OPERACAO").Action == PermissionAction.Grant)
                {
                    modoOperacao = 0; //TRADER

                }
                else if (SecurityBasics.CurrentUser.GetPermission("TRADER_CONSULTA").Action == PermissionAction.Grant)
                {
                    modoOperacao = 1; // CONSULTA

                    ConfiguraBotoesUsuarioConsulta();



                }
            }



Regards

StrataFrame Team
S
StrataFrame Developer (6.3K reputation)StrataFrame Developer (6.3K reputation)StrataFrame Developer (6.3K reputation)StrataFrame Developer (6.3K reputation)StrataFrame Developer (6.3K reputation)StrataFrame Developer (6.3K reputation)StrataFrame Developer (6.3K reputation)StrataFrame Developer (6.3K reputation)StrataFrame Developer (6.3K reputation)
Group: StrataFrame Developers
Posts: 3K, Visits: 2.5K
Yes, an administrator bypasses all tests on permissions and always returns Grant.  You could create a custom class and set it as the CurrentUser if you want to do some custom logic for Administrators.
Marcelo Blank
Marcelo Blank
StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)StrataFrame User (156 reputation)
Group: StrataFrame Users
Posts: 0, Visits: 414
Thanks Ben,

That wath I tought ...

I´ll do it.

Regards,
GO

Merge Selected

Merge into selected topic...



Merge into merge target...



Merge into a specific topic ID...




Similar Topics

Reading This Topic

Login

Explore
Messages
Mentions
Search