Using an expression in 'properties' action

Visual Guard allows you to use an expression based on the Visual Guard expression language to dynamically change the state of objects in your application. The Visual Guard expression language supports logical and arithmetic operators, method invocation and allows to access to the context of the security action.

This expression can be added in the security action designer of 'Properties' actions. To do that, you have to click on the 'Add expression' menu in the last page of the wizard.

Visual Guard evaluates the expression at runtime for the current context of the security action. In this expression, you can use the following variables:

• #Permission:A VGIPermission object containing the permission for which the security action is executed. You can access to the value of a permission argument by using the syntax: #Permission['myarg'].
• #EventArgs: This variable references the arguments passed to the event that raises the security action. This variable is available only when the security action is raised for a specific event. The type of this variable depends of the type of the event handler used to handles the event. For example, when you create an action raised on the 'Validating' event of a textbox, the type of the  #EventArgs variable will be 'CancelEventArgs' since the type of the event is 'CancelEventHandler'.
• #UserId: A string value containing the Visual Guard repository Id of the user for which the action is executed.
• #UserName:  A string value containing the name of the user for which the action is executed.
• #Principal:  A VGIPrincipal object containing the principal for which the action is executed. You can use this variable to check whether the user is authenticated or not (#Principal.Identity.IsAuthenticated) or if the current user is member of a specific role (#Principal.IsInRole('administrator')).

The context of the expression corresponds to the target object on which the action is executed. The type of this context depends on the type of the target of the action. When you define an action for a Windows form, the type of the variable is 'System.Windows.Forms.Form'. When you define an action for a WebForm page, the type is 'System.Web.UI.Page'.

For example, when the action is executed on a Windows Form, the expression "myDataGridView.Columns[0].Visible = false" hides the first column of the datagridview 'myDataGridView'.

At runtime, the expression is evaluated when the action is executed. When the action is declared for a specific event, the expression will be evaluated when the event is raised. Visual Guard resolves the type of the object graph at runtime. if the expression is not valid at runtime because an object is null or a member does not exist, Visual Guard will throw an InvalidActionException exception.

The Visual Guard security action designer tries to check the expression at design time. It parses the expression and evaluates the type of the objects statically declared.

In some cases, Visual Guard cannot evaluate the right type of an object and generates warning. For example, the expression 'Controls['MyCheckBox'].Checked = true' will generate a warning indicating that 'Checked' is not a property of the 'System.Windows.Forms.Control' class since the 'Controls[]' property returns a 'System.Windows.Forms.Control' object.

If you are sure that the type of the object returned by 'Controls['MyCheckBox']' is a checkbox at runtime, you can ignore this warning or use the cast operator (e.g.: C(Controls['MyCheckBox'],T(System.Windows.Forms.Checkbox)).Checked = true)

The following expression will call the 'ChangeReadOnlyMode' method of  the target on the 'RowCreated' event of a GridView in an ASP.Net page.

#EventArgs.Row.FindControl('SalaryTextBox').Visible = false

The following expression sets the current form in read only mode by calling the SetReadOnly() method.

SetReadOnly()

Other Resources