I want to implement user security.  Am I correct in understanding that I should use the CheckSecurity method on the business object to determine that an action is to be allowed or denied THEN use the SecurityDenied method in the object on the form to display the denied message to the user?

If this is the correct procedure would passing "Denied messages\reasons" to the SecurityDenied method thru the brokenrules collection be appropriate?  I want my BO to determine why access is being denied and just let the UI display the message to the user.

On the same topic, to determine who the current logged in user is I am using a static property on the AppMain class.  My problem here is I can not see the AppMain object and its properties from my BO project.  How do I have a "global" user object yet keep the BO independent.  How should this be handled?

Yes, you are correct there.



Within the SecurityDenied event handler, the event arguments tell you what action was denied. Beyond that, you will need to store off any additional information necessary to provide a complete message to the end user. Your best bet for storing off information (including storing off a "global" business object) is to create a sealed class within your application's root namespace called "Globals" or some other name that makes sense to you. Then you can place a static (shared) member/property combination to store the global users business object and another member/property pair to store off any other information necessary.



namespace RootNamespace

{

public sealed class Globals

{



#region Private Fields



private static UsersBO _CurrentUser = new UsersBO();

private static string _ErrorMessage = "";



#endregion



#region Public Properties



public static UsersBO CurrentUser

{

get

{

return Globals._CurrentUser;

}

set

{

Globals._CurrentUser = value;

}

}



public static string ErrorMessage

{

get

{

return Globals._ErrorMessage;

}

set

{

Globals._ErrorMessage = value;

}

}



#endregion



}

}



You could then access these properties from anywhere by accessing RootNamespace.Globals.CurrentUser or RootNamespace.Globals.ErrorMessage.



Hope that makes sense

Ben,

So what you are saying is that the entire project should be in the same namespace ? What if the namespaces are different. For example we have a business object library that is in QuoteBoLib and the UI portion of our project is in SFQuote. There is no way to add the SFQuote namespace to the QuoteBoLib. So should we change the namespace so that each section is in it's own subsection. For example IMS.WinForms.SFQuote for our forms and then IMS.Business for our business objects ?

Thanks,

Randy

No, your entire project doesn't have to be in the same namespace (all of the StrataFrame components are most certainly not in the same namespace). All I'm saying is that to have a global object that you can reference from anywhere (including other namespaces, by typing the full name) you need to define it as static. All static variables are instantiated when the application initializes and are available throughout the life of the AppDomin (the life of the application). You can place your static variable in the root namespace, or 10 namespaces deep. As long as it's public, you can access it by referencing the full name.