tags:

views:

141

answers:

1
+1  Q: 

MVVM/ViewModels and handling Authorization

Hey guys

Just wondering how how people handle Authorization when using MVVM and/or View Models.

If I wasn't using VM's I would be passing back the Model and it would have a property which I could check if a user can edit a given object/property but when using MVVM I am disconnecting myself from the business object... and thus doen't know what the security should be any more.

Is this a case where the mapper should be aware of the Authorization that is in place and don't copy across the data if the Authorization check fails. If this was the case I am guessing that the mapper would have to see some properties on the VM to let the interface know which fields are missing data because of the Authorization failure.

If this does occur within the mapper, how does this fit in with things like AutoMapper, etc.

Cheers Anthony

+1  A: 

The ViewModel can expose this property from the Model to your View. That's the purpose of the ViewModel in MVVM.

Instead of directly attaching to your Model (which is what you specified you'd do without MVVM), you can just expose this through your VM, and attach to the VM.

Reed Copsey  2010-02-14 22:23:30
So are you saying that my VM would internally store the BO and publicly expose an Authorization property which is actually just a proxy wrapper for an Authorization property on the BO?
vdh_ant  2010-02-14 22:37:06
Pretty much... It's frequent that VM's just expose Model properties for the View layer. That's a very common task of the VM layer.
Reed Copsey  2010-02-14 23:01:17
Do you know of any good resources that go into the patterns and practices in more depth in regards to VM's and MVVM?
vdh_ant  2010-02-15 05:02:53
You can read my series on the subject - It goes into this in quite a bit of depth, starting from standard events-based programming, and transitioning to MVVM and why it works: http://reedcopsey.com/2010/01/07/better-user-and-developer-experiences-from-windows-forms-to-wpf-with-mvvm/
Reed Copsey  2010-02-15 18:09:15

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?