Ayende @ Rahien

Hi!
My name is Oren Eini
Founder of Hibernating Rhinos LTD and RavenDB.
You can reach me by phone or email:

ayende@ayende.com

+972 52-548-6969

, @ Q c

Posts: 5,953 | Comments: 44,410

filter by tags archive

Comments

Ayende Rahien

That is my liberal sense of the English language, I meant Juxtapose.

No idea how I got the spelling like that, though.

Fixed, thanks.

Richard Hein

You don't want to return orders beyond the scope of the aggregate boundary root, for security reasons ... so passing a reference to the name of the view, "Order.View", a predicate and a delegate, I'm guessing SecureFindAll loads the Order.View component with all the Orders for the CurrentUser, the delegate being passed internally to some repository via a query. The predicate and delegate are the select and where conditions of the query, I guess you're using ActiveRecord or NHiberate, I am not sure. Since you are handling all the query and retrieval of the data in the SecureFindAll method then it is part of a controller that manages the view. You need to pass the name of the view because you have to tell SecureFindAll what the view variations are for authorized versus unauthorized users.

So you probably want to do something like this code:

[Layout("default")]

public class OrdersController : ARSmartDispatcherController {

public void ListOrders(bool isAjax) {

    PropertyBag["orders"] = (IList)Order.SecureFindAll("Order.View",

                   Where.Order.Customer.User == CurrentUser, 

                   delegate(Order order) { return order.Customer });

}

Ayende Rahien

Richard, very good explanation, but what is the reference to the view?

Comment preview

Comments have been closed on this topic.

FUTURE POSTS

No future posts left, oh my!

RECENT SERIES

  1. The RavenDB Comic Strip (3):
    28 May 2015 - Part III – High availability & sleeping soundly
  2. Special Offer (2):
    27 May 2015 - 29% discount for all our products
  3. RavenDB Sharding (3):
    22 May 2015 - Adding a new shard to an existing cluster, splitting the shard
  4. Challenge (45):
    28 Apr 2015 - What is the meaning of this change?
  5. Interview question (2):
    30 Mar 2015 - fix the index
View all series

Syndication

Main feed Feed Stats
Comments feed   Comments Feed Stats