User ID, User Name, and Portal ID in Business Rules

Labels
AJAX(112) App Studio(8) Apple(1) Application Builder(245) Application Factory(207) ASP.NET(95) ASP.NET 3.5(45) ASP.NET Code Generator(72) ASP.NET Membership(28) Azure(18) Barcode(2) Barcodes(3) BLOB(18) Business Rules(1) Business Rules/Logic(140) BYOD(13) Caching(2) Calendar(5) Charts(29) Cloud(14) Cloud On Time(2) Cloud On Time for Windows 7(2) Code Generator(54) Collaboration(11) command line(1) Conflict Detection(1) Content Management System(12) COT Tools for Excel(26) CRUD(1) Custom Actions(1) Data Aquarium Framework(122) Data Sheet(9) Data Sources(22) Database Lookups(50) Deployment(22) Designer(177) Device(1) DotNetNuke(12) EASE(20) Email(6) Features(101) Firebird(1) Form Builder(14) Globalization and Localization(6) How To(1) Hypermedia(2) Inline Editing(1) Installation(5) JavaScript(20) Kiosk(1) Low Code(3) Mac(1) Many-To-Many(4) Maps(6) Master/Detail(36) Microservices(4) Mobile(63) Mode Builder(3) Model Builder(3) MySQL(10) Native Apps(5) News(18) OAuth(9) OAuth Scopes(1) OAuth2(13) Offline(20) Offline Apps(4) Offline Sync(5) Oracle(11) PKCE(2) Postgre SQL(1) PostgreSQL(2) PWA(2) QR codes(2) Rapid Application Development(5) Reading Pane(2) Release Notes(184) Reports(48) REST(29) RESTful(29) RESTful Workshop(15) RFID tags(1) SaaS(7) Security(81) SharePoint(12) SPA(6) SQL Anywhere(3) SQL Server(26) SSO(1) Stored Procedure(4) Teamwork(15) Tips and Tricks(87) Tools for Excel(2) Touch UI(93) Transactions(5) Tutorials(183) Universal Windows Platform(3) User Interface(338) Video Tutorial(37) Web 2.0(100) Web App Generator(101) Web Application Generator(607) Web Form Builder(40) Web.Config(9) Workflow(28)
Archive
Blog
Tuesday, March 6, 2012PrintSubscribe
User ID, User Name, and Portal ID in Business Rules

Traditional ASP.NET application can determine the identity of the user by inspecting Page.User.Identity property of the page or user control class implementation.

Code On Time applications separate the business logic implementation from the presentation. An application page defines a markup with data placeholders. Page components inject the JavaScript client library initialization instructions in the output when a page is rendered. The JavaScript code is executed by the web browser. Initialized JavaScript classes start communicating with the business rules attached to the application data controllers by executing JSON requests.

Developers can access the user identity by inspecting the Context property available in the  BusinessRules class.

Example:

namespace MyCompany.Rules
{
    public partial class SharedBusinessRules : 
MyCompany.Data.BusinessRules { public SharedBusinessRules() { string userName = Context.User.Identity.Name; } } }

User ID can be determined by inspecting the properties of classes System.Security.Principal.WindowsIdentity and System.Web.Security.Membership.

Class BusinessRules offers convenient shortcuts. Static properties UserId, UserName, and PortalId.

The following implementation of SharedBusinessRules shows the examples of accessing identity properties of the base business rules class in a DotNetNuke Factory project. The same example will work in any other project with the exception of the line inspecting the Portal ID.

C#:

using System;
using System.Data;
using System.Collections.Generic;
using System.Linq;
using MyCompany.DnnDemo.Data;

namespace MyCompany.DnnDemo.Rules
{
    public partial class SharedBusinessRules : 
        MyCompany.DnnDemo.Data.BusinessRules
    {
        
        public SharedBusinessRules()
        {
            object uid = UserId;
            string uname = UserName;
            int pid = PortalId;
        }
    }
}

Visual Basic:

Imports MyCompany.DnnTestVB.Data
Imports System
Imports System.Collections.Generic
Imports System.Data
Imports System.Linq

Namespace Rules
    
    Partial Public Class SharedBusinessRules
        Inherits MyCompany.DnnTestVB.Data.BusinessRules
        
        Public Sub New()
            Dim uid As Object = UserId
            Dim uname As String = UserName
            Dim pid As String = PortalId
        End Sub
    End Class
End Namespace

Use these properties to implement access control rules that will filter data in multi-tenant web applications.

For example, the following access control rule will be invoked whenever the UserID data field is detected in the view of any data controller.

C#:

using System;
using System.Data;
using System.Collections.Generic;
using System.Linq;
using MyCompany.DnnDemo.Data;

namespace MyCompany.DnnDemo.Rules
{
    public partial class SharedBusinessRules : 
        MyCompany.DnnDemo.Data.BusinessRules
    {
        [AccessControl("", "UserId", "[UserID] = @UserID")]
        public void FilterByUserUserID()
        {
            RestrictAccess("@UserID", UserId);
        }
    }
}

Visual Basic:

Imports MyCompany.DnnTestVB.Data
Imports System
Imports System.Collections.Generic
Imports System.Data
Imports System.Linq

Namespace Rules
    
    Partial Public Class SharedBusinessRules
        Inherits MyCompany.DnnTestVB.Data.BusinessRules

        <AccessControl("", "UserId", "[UserId]=@UserId")>
        Public Sub FilterByUserId()
            RestrictAccess("@UserId", UserId)
        End Sub
    End Class
End Namespace