Project DescriptionThemis is a lightweight, extensible authorization system, providing a explicit and strong type way of defining and demanding permissions.
The main idea behind Themis is to allow a few dimensions of configuration, with no impact on your domain model (no interface to implement in your domain model). The configuration is code only (there is none xml file needed) and created with
strong typed lambda expressions, hence any refactoring touching your model should work also with authorizations.
Themis contains a version easily
integrating with NHibernate 3.0 allowing you to filtering queries results on the basis of authorizations. For more information visit my blog:
http://blog.scooletz.com/ or follow me at
http://twitter.com/ScooletzExampleWriting a role definition (for reading about how to create your own BaseRoleDefinition view documentation):
/// <summary>
/// The definition of authorization for <see cref="ManagerRole"/>
/// </summary>
public class ManagerRoleDefinition : BaseRoleDefinition<ManagerRole>
{
public ManagerRoleDefinition()
{
// all motions for unit managed by one with the specific manager role
View<RecruitmentMotion>((managerRole, recruitmentMotion) => recruitmentMotion.ForUnit.Id == managerRole.ManagedUnit.Id);
}
}
Creating the service instance for authorizations
// creating the service once, during the application startup
var service = Fluently.Configure()
.AddRoleDefinition(new ManagerRoleDefinition())
.AddRoleDefinition(new SupportingManagerRoleDefinition())
.BuildDemandService();
Using service, after providing a small, domain specific extension method
// somewhere in code
bool canView = _service.CanView(recruitmentMotion, roles);
Need more? Visit doc page
http://themis.codeplex.com/documentation