Creating rules

There are three different business rule types:
  • Authorization
  • Access
  • Validation
Authorization and Access rules specify a Role that they apply to. A role name may be a "*" (for everyone), a "?" (for any authenticated user) or may be specified explicitly (such as "Administrators"). Specifying that all roles should be denied by a particular rule type will require a corresponding allow rule for all roles that are exceptions and vice versa.
Authorization Rules:
There are three different types of Authorization rules:
  • Fetch
  • Insert
  • Update
  • Delete
An Authorization Rule specifies which of these actions are available to users in a particular role. An Authorization rule specifies whether this rule allows or denies this role from performing this action. A "*" may be used to denote any role and a "?" may be used to denote that a user can be in any role but must be authenticated for this rule to apply. The syntax of a Authorization rule is like so:

authorize (allow|deny) ("role") (create|retrieve|update|delete);
family Business 
{ 
     entity Simple 
     { 
          field auto id int Sid;
          field string Data;

          authorize allow * fetch;
          authorize allow ? insert;
          authorize deny "Guests" update;
          authorize allow "Administrators" delete;
     } 
}
Access Rules:
There are two different types of Access rules:
  • get
  • set
An Access Rule specifies if a user in a role is able to get or set data from a particular field of an Entity. The syntax of an Access Rule is like so:

access (allow|deny) ("role") (get|set) (field);
family Business 
{ 
     entity Simple 
     { 
          field auto id int Sid;
          field string Data;

          access deny * set Data;
          access allow ? set Data;
     } 
}
Validation Rules:
There are 6 types of built in validation rules:
  • Required
  • MaxLength
  • MinLength
  • MaxValue
  • MinValue
  • RegEx
A Validation Rule specifies certain information about a field that it must conform to in order for it to be valid. Some validation rules may require arguments. The syntax of a Validation rule is like so:

validate (field) (rulename) (args...);
using NBusiness.Data.Valiation;

family Business 
{ 
     entity Simple 
     { 
          field auto id int Sid;
          field string Data;

          validate Data regex "\d+";
     } 
}


It is also possible to create custom validation rules. To do this you must make a class that inherits from NBusiness.Data.ValidationRule (and possibly NBusiness.Data.ValidationRuleArgs). Then you must reference the assembly containing your custom rule from your entity project and add the correct using statement, for example:

using MyCustom.Validation;

family Example
{	
    entity Test
    {
        field id int tid;
        field string Value;
		
        validate Value custom "example";
    }
}


Next: Specifying Actions

Last edited Sep 5, 2007 at 2:33 AM by justinc, version 11

Comments

No comments yet.