using DevExpress.ExpressApp;
using DevExpress.Data.Filtering;
using DevExpress.Persistent.Base;
using DevExpress.ExpressApp.Updating;
using DevExpress.ExpressApp.Security;
using DevExpress.ExpressApp.SystemModule;
using DevExpress.ExpressApp.Security.Strategy;
using DevExpress.Xpo;
using DevExpress.ExpressApp.Xpo;
using DevExpress.Persistent.BaseImpl;
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
using DurnyklyYol.Module.BusinessObjects;
using Microsoft.Extensions.DependencyInjection;

namespace DurnyklyYol.Module.DatabaseUpdate;

// For more typical usage scenarios, be sure to check out https://docs.devexpress.com/eXpressAppFramework/DevExpress.ExpressApp.Updating.ModuleUpdater
//
// NOTE(review): several calls in this listing carry no generic type argument
// (GetRequiredService(), FindUserByName(...), CreateUser(...), FirstOrDefault(...),
// CreateObject(), and the Add*Permission* calls). Presumably the <T> arguments were
// stripped when the page was rendered; restore them from the original file before
// compiling, and before judging which business types each permission covers.

/// <summary>
/// Module updater that seeds security data: it creates the client and admin roles and,
/// in builds compiled without the RELEASE symbol, the "User" and "Admin" accounts.
/// </summary>
public class Updater : ModuleUpdater {
    /// <summary>Passes the object space and the current database version to the base updater.</summary>
    /// <param name="objectSpace">Object space forwarded to <c>ModuleUpdater</c>.</param>
    /// <param name="currentDBVersion">Database version forwarded to <c>ModuleUpdater</c>.</param>
    public Updater(IObjectSpace objectSpace, Version currentDBVersion) : base(objectSpace, currentDBVersion) {
    }

    /// <summary>
    /// Runs the base update, then (only when RELEASE is not defined) creates the two roles
    /// and the "User" / "Admin" accounts if they are missing, committing after each step.
    /// </summary>
    public override void UpdateDatabaseAfterUpdateSchema() {
        base.UpdateDatabaseAfterUpdateSchema();
        //string name = "MyName";
        //DomainObject1 theObject = ObjectSpace.FirstOrDefault(u => u.Name == name);
        //if(theObject == null) {
        //    theObject = ObjectSpace.CreateObject();
        //    theObject.Name = name;
        //}

        // The code below creates users and roles for testing purposes only.
        // In production code, you can create users and assign roles to them automatically, as described in the following help topic:
        // https://docs.devexpress.com/eXpressAppFramework/119064/data-security-and-safety/security-system/authentication
        //
        // NOTE(review): the guard is the absence of the RELEASE symbol, not the presence of
        // DEBUG, so every build configuration that does not define RELEASE compiles this block.
        // Confirm that each configuration that gets deployed defines it.
        // Both role creation and user creation sit inside the guard: a build that defines
        // RELEASE creates neither roles nor users in this method.
#if !RELEASE
        // If a role doesn't exist in the database, create this role
        var defaultRole = CreateClientRole();
        var adminRole = CreateAdminRole();

        ObjectSpace.CommitChanges(); //This line persists created object(s).

        UserManager userManager = ObjectSpace.ServiceProvider.GetRequiredService();

        // If a user named 'User' doesn't exist in the database, create this user
        if(userManager.FindUserByName(ObjectSpace, "User") == null) {
            // Set a password if the standard authentication type is used
            // As written, the account is created with an empty password.
            string EmptyPassword = "";
            _ = userManager.CreateUser(ObjectSpace, "User", EmptyPassword, (user) => {
                // Add the Users role to the user
                user.Roles.Add(defaultRole);
            });
        }

        // If a user named 'Admin' doesn't exist in the database, create this user
        if(userManager.FindUserByName(ObjectSpace, "Admin") == null) {
            // Set a password if the standard authentication type is used
            // As written, the account is created with an empty password and receives the
            // role that CreateAdminRole marks IsAdministrative = true.
            // Nothing in this class removes or re-passwords the account later, so a database
            // once updated by a non-RELEASE build keeps it; check for "Admin"/"User" rows
            // with an empty password before that database is put to production use.
            string EmptyPassword = "";
            _ = userManager.CreateUser(ObjectSpace, "Admin", EmptyPassword, (user) => {
                // Add the Administrators role to the user
                user.Roles.Add(adminRole);
            });
        }

        ObjectSpace.CommitChanges(); //This line persists created object(s).
#endif
    }

    /// <summary>
    /// Runs the base pre-schema update only; the column-rename sample below is commented out.
    /// </summary>
    public override void UpdateDatabaseBeforeUpdateSchema() {
        base.UpdateDatabaseBeforeUpdateSchema();
        //if(CurrentDBVersion < new Version("1.1.0.0") && CurrentDBVersion > new Version("0.0.0.0")) {
        //    RenameColumn("DomainObject1Table", "OldColumnName", "NewColumnName");
        //}
    }

    /// <summary>
    /// Looks up the role named <c>GlobalConstants.AdminRoleName</c> and creates it with
    /// <c>IsAdministrative = true</c> when the lookup returns null.
    /// </summary>
    /// <returns>The existing or newly created role; the caller commits the object space.</returns>
    private PermissionPolicyRole CreateAdminRole() {
        PermissionPolicyRole adminRole = ObjectSpace.FirstOrDefault(r => r.Name == GlobalConstants.AdminRoleName);
        if(adminRole == null) {
            adminRole = ObjectSpace.CreateObject();
            adminRole.Name = GlobalConstants.AdminRoleName;
            adminRole.IsAdministrative = true;
        }
        return adminRole;
    }

    /// <summary>
    /// Looks up the role named <c>GlobalConstants.ClientRoleName</c> and, when the lookup
    /// returns null, creates it and attaches the permissions listed below.
    /// </summary>
    /// <remarks>
    /// Permissions are assigned only on creation. An existing role is returned unchanged,
    /// so edits to this list do not reach a database where the role already exists.
    /// </remarks>
    /// <returns>The existing or newly created role; the caller commits the object space.</returns>
    private PermissionPolicyRole CreateClientRole() {
        PermissionPolicyRole clRole = ObjectSpace.FirstOrDefault(role => role.Name == GlobalConstants.ClientRoleName);
        if(clRole == null) {
            clRole = ObjectSpace.CreateObject();
            clRole.Name = GlobalConstants.ClientRoleName;

            // Object-level grants, each limited by a criterion that compares an Oid with the
            // current user's id. The first two test the object's own Oid (Read, then
            // ReadWriteAccess); the next two test cm.Client.Oid (Read).
            // NOTE(review): the two cm.Client.Oid lines are textually identical here;
            // presumably they target different types whose <T> was lost - verify.
            clRole.AddObjectPermissionFromLambda(SecurityOperations.Read, cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
            clRole.AddObjectPermissionFromLambda(SecurityOperations.ReadWriteAccess, cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
            clRole.AddObjectPermissionFromLambda(SecurityOperations.Read, cm => cm.Client.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
            clRole.AddObjectPermissionFromLambda(SecurityOperations.Read, cm => cm.Client.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);

            // Navigation items the role may open.
            clRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
            clRole.AddNavigationPermission(@"Application/NavigationItems/Items/Clients & Goods/Items/Goods", SecurityPermissionState.Allow);

            // Member-level Write on "ChangePasswordOnFirstLogon" and "StoredPassword", limited
            // to the object whose Oid equals the current user's id (presumably the user's own
            // account record - the target type is not visible in this listing).
            clRole.AddMemberPermissionFromLambda(SecurityOperations.Write, "ChangePasswordOnFirstLogon", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
            clRole.AddMemberPermissionFromLambda(SecurityOperations.Write, "StoredPassword", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);

            // Type-level grants with no criterion: one recursive Read, nine Read, one Create.
            // NOTE(review): the types are not visible here. If any of them is also a target of
            // the per-object criteria above, confirm the unconditional type-level Read is
            // intended, since it is not restricted to the current user's objects.
            clRole.AddTypePermissionsRecursively(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Read, SecurityPermissionState.Allow);
            clRole.AddTypePermission(SecurityOperations.Create, SecurityPermissionState.Allow);

            // Disabled in the original: two object-level Deny rules and two recursive Create grants.
            //clRole.AddObjectPermission(SecurityOperations.ReadWriteAccess, "UserId = ToStr(CurrentUserId())", SecurityPermissionState.Deny);
            //clRole.AddObjectPermission(SecurityOperations.ReadWriteAccess, "Owner.UserId = ToStr(CurrentUserId())", SecurityPermissionState.Deny);
            //clRole.AddTypePermissionsRecursively(SecurityOperations.Create, SecurityPermissionState.Allow);
            // clRole.AddTypePermissionsRecursively(SecurityOperations.Create, SecurityPermissionState.Allow);
        }
        return clRole;
    }
}