This example demonstrates how to create fully custom classes for use in our Security Module (with the 'old' DevExpress.ExpressApp.Security.SecurityComplex component) and Schedule Module.
Here is the Activity class, which is an analog of our standard Event class. It is used to represent appointments in the Scheduler Control.
The Employee is an analog of the standard User class. The Group class is an analog of our standard Role class. Two last classes are used as base classes to organize Complex Security Strategy for your application.
Take special note that in addition to security purposes, the Employee class supports the IResource interface, and this allows us to use objects of this class as resources in our custom "appointment" class.
I have also implemented two popular filtering tasks here: filtering appointments by the current logged employee and also filtering resources to show only those owned by the current logged employee.
IMPORTANT NOTES
1. When you implement this solution in your project, do not forget to turn on custom security classes by setting the RoleType and UserType properties for the SecurityComplex component within the Application Designer.
2. The filtering appointments and resources (plus sorting of resources) is provided by the SchedulerActivityListViewControllerBase class and its descendants. Please take special note that these controllers filter resources as follows:
a. Administrator account (Sam, to log on, leave the Password field empty) sees all the resources and appointments in the root scheduler view.
b. Non-Administrator account (John, to log on, leave the Password field empty) sees only his own resources and appointments in the root scheduler view.
c. Both Administrator and Non-Administrator accounts see their own resources and appointments in the nested scheduler view.
3. You can use these controllers for study purposes, since they demonstrate the most common filtering scenarios in the scheduler view. If you do not need all this specific functionality, remove these controllers and create your own ones (perhaps based on the provided example code) that will do only your specific task. For example, the controllers from this example are not suitable in the nested scheduler view because you miss some part of the default Link/Unlink functionality since the scheduler view is always filtered to show only its own resources and appointments.That may not be desired because you may want to have the capability to link appointments from other resources, but they won't be shown due to the above. Plus, these demo controllers are unnecessary for appointments filtering in the nested scheduler view, because by default, in this view only appointments from the current resources are shown.
4. Example implementations are NOT designed for the 'new' security system components and scenarios (e.g., middle-tier application server or SecuredObjectSpaceProvider). To use the SecurityStrategyComplex component, provide fully custom implementations of the user and role classes as per the eXpressApp Framework > Task-Based Help > How to: Implement a Custom Security System User Based on an Existing Business Class article.
See Also:
Security System Overview
Scheduler Module Overview
Question Comments
Added By: Ad de Rijke at: 5/19/2014 4:52:28 AM
The Web project does not compile: 'The type or namespace name 'WinWebSolutionAspNetApplication' could not be found (are you missing a using directive or an assembly reference?)'
Added By: Dennis (DevExpress Support) at: 5/20/2014 3:31:16 AM @Ad: For some reason the WebApplication.cs file was emptied. I have attached a working sample for your reference. I will also update this example as well.