StrataFrame Forum

Administrator - Permission Deny

http://forum.strataframe.net/Topic31993.aspx

By Marcelo Blank - 4/23/2013

does the Administrator users bypass all the grants and denyes settings ?

I have an Administrator user, that doesn´t wanto to access some process... then I set the Deny to tha process (or uncheck the process in preference list).

When I test it, the programm allows the user, as it ignores the Grant or Deny ... 

Is because the users is administrator ?



           if (SecurityBasics.CurrentUser.IsAdministrator == true)

                if (SecurityBasics.CurrentUser.GetPermission("TRADER_OPERACAO").Action == PermissionAction.Deny)  << the programm ignores the status of this setting
                {
                    modoOperacao = 1; //TRADER CONSULTA

                    ConfiguraBotoesUsuarioConsulta();

                }
                else
                {
                    modoOperacao = 0; //TRADER 

                }
            else // usuario normal
            {
                if (SecurityBasics.CurrentUser.GetPermission("TRADER_OPERACAO").Action == PermissionAction.Grant)
                {
                    modoOperacao = 0; //TRADER

                }
                else if (SecurityBasics.CurrentUser.GetPermission("TRADER_CONSULTA").Action == PermissionAction.Grant)
                {
                    modoOperacao = 1; // CONSULTA

                    ConfiguraBotoesUsuarioConsulta();



                }
            }



Regards
By StrataFrame Team - 4/23/2013

Yes, an administrator bypasses all tests on permissions and always returns Grant.  You could create a custom class and set it as the CurrentUser if you want to do some custom logic for Administrators.
By Marcelo Blank - 4/23/2013

Thanks Ben,

That wath I tought ...

I´ll do it.

Regards,