开发者

Record-level Security in LINQ-to-SQL

I'm working on a record-level security system for a LINQ-to-SQL app. I currently have a wrapper around the DataContext's GetTable method that joins T to a user cross-reference table. T is any class that implements my ISecurable interface:

public interface ISecurable
{
    bool CanRead { get; set; }
    bool CanUpdate { get; set; }
    bool CanDelete { get; set; }
}

My base repository class performs the join and updates each story's CanRead, CanUpdate, and CanDelete properties for the specified user:

var storiesVisibleToUser = repository.Get<Story>( user );

I'd like to replace the wrapper with an extension method, so I can do something like this:

var storiesVisibleToUser = repository.Get<Story>().ApplySecurity( user );

It's a subtle change, but will g开发者_如何学Pythonreatly decrease the coupling between the security code and the general data access code, so it will give me more flexibility for adding stuff like group-level security.

The problem is that the ApplySecurity extension method doesn't have access to the original DataContext, so it can't use GetTable<> to retrieve the cross-reference records.

Two questions:

  1. Is there any way to get an IQueryable's DataContext, short of subclassing/wrapping it and passing the context in to the constructor?

  2. Is an extension method the "proper" way to do this, or should I stick with a method in my repository that would have access to the original context?


One possible solution is to create an association between the Story and the cross-reference table. That then makes the other table available to Story queries without needing a reference to the original context.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜