General - Authentication/Authorization
SapphireDb has mechanisms to identity users and to control what the user is allowed to do.
Make sure to setup the server before trying to use this options: Server setup
- Without attributes: Authentication required
- Policies: A comma separated string of policy-names. All policies have to succeed. Check out Policies for more details
- Function name: You can optionally pass the name of a function in the class that has to return a boolean. The function will get executed to check if the user is allowed for the action.
Heredity: If you define AuthAttributes for a base class all sub classes will inherit this attributes until custom attributes of the same type are defined in the subclasses.
[ActionAuth]-attribute can be used on action handler classes or actions to control which user can do what.
You can also control the permissions for some actions using the server side configuration. Check out this section for more details: Server - Configuration