How to secure LinQ ?

Estimated reading: 4 minutes 481 views

To secure Linq with Visual Guard you have to:

  • Add the assemblies of Visual Guard as references of your project.
  • Integrate Visual Guard in the code of your application.
  • Create a Visual Guard repository and declare your application by using the
    Visual Guard console. This repository will contain all security items (users,
    roles, permissions …) of your application.
  • Generate the Visual Guard configuration
    files by using the Visual Guard console. These configuration files will be
    needed to connect your application to the repository.
  • Grant read/write permissions to the repository.

Referencing Visual Guard assemblies

  • Opens the solution of your project in Visual Studio.
  • In the solution explorer, expands the project node.
  • Right-click the Project node for the project and select
    Add Reference
    from the shortcut menu.
  • In .Net tab, select the 3 assemblies
    1. Novalys.VisualGuard.Security
    2. Novalys.VisualGuard.Security.<RepositoryType> (Files, SQLServer or Oracle)
    3. Novalys.VisualGuard.Security.<ApplicationFrameworkType> (Depending on type of application’s framework, whether .NetFramework or .NetCore)

And, then click the Select button, and then click the OK button

Note Note
In the list of assemblies, Visual Studio can display different
versions of the Visual Guard assemblies. You must select the assembly
corresponding to the version of the framework used in your project.

Note Note
Once the Visual Guard assemblies are referenced into project, you need to mark “Copy Local” property to “true” for each assembly.

Note Note
You must add either Novalys.VisualGuard.Security.NetFramework or Novalys.VisualGuard.Security.Core (Depending on type of application’s framework)
  • Novalys.VisualGuard.Security contains the main Visual Guard classes.
  • Novalys.VisualGuard.Security.Files contains the classes needed to access
    to a file based repository.
  • Novalys.VisualGuard.Security.SQLServer contains the classes
    needed to access to a repository stored in a Microsoft SQLServer database
    (SQLServer 2005 or higher). Available only in Visual Guard Enterprise Edition
  • Novalys.VisualGuard.Security.Oracle
    contains the classes needed to access to a repository stored in an Oracle
    database (9i or higher). Available only in Visual Guard Enterprise Edition
  • Novalys.VisualGuard.Security.NetFramework contains all classes required to support .Net Framework applications.
    This assembly is needed only if you want to integrate Visual Guard in .net framework applications.
  • Novalys.VisualGuard.Security.Core contains all classes required to support .Net Core applications.
    This assembly is needed only if you want to integrate Visual Guard in .net core applications.

Secure a stored Procedure

  • Novalys.VisualGuard.SecurityVGSecurityManager
    provides the main access point for interacting with Visual Guard. It
    provides authentication and authorization features, it allows to set
    the security of the object of your application.
CREATE PROCEDURE selectProduct 
AS 
BEGIN 
        SELECT [ID]
                 ,[ProductCode]
                 ,[ProductName]
                 ,[CreateDate]
                 ,[PaysID] 
        FROM 
                [ProductDB].[dbo].[Product] 
END
class ClassProduct: VGISecurable 
{ 
        .... 
        public ClassProduct() 
        { 
                VGSecurityManager.SetSecurity(this); //Load the security 
        } 
}
[VGPrincipalPermission(SecurityAction.Demand, Name = "canReadProduct", Type = 
VGPermissionType.Permission)] //Secure the stored procedure 
public IEnumerable <Product> getProduct() 
{ 
         var result = dc.selectProduct(); 
         return result; 
}
private void loadProduct() 
{ 
         ClassProduct cProduct = new ClassProduct(); 
         try 
         { 
                  DataContext = cProduct.getProduct(); //Call the stored procedure 
         } 
         catch (Exception E) 
         { 
                  MessageBox.Show(E.Message); 
         } 
}

How to initialise a parameter of a stored procedure with a permission of a
user

CREATE PROCEDURE selectProductByCodePays 
( 
@codePays char(3) 
) 
AS 
BEGIN 
      SELECT 
            Prod.* 
         FROM 
            Product Prod, 
         Pays P 
         WHERE Prod.PaysID = P.ID 
         AND P.CodePays = @codePays 
END
string userPaysCode;
public string userPays
{
    get
    {
       return "";
    }
    set
    {
        ClassPays cPays = new ClassPays();
        var res = cPays.getPaysByName(value);
        userPaysCode = res.Single().CodePays;
    }
}
this.userPays=<#Permission['PaysCode']>
public IEnumerable <Product> getProductByCodePays()
{
    var result =  dc.selectProductByCodePays(userPaysCode);
    return result;
}

How to secure a linq querry

  1. Create a property to initialise it throw the permission,
  2. Create a permission with a Argument in Visual Guard console,
  3. Filter the linq querry with the parameter.
public int  userPaysID { get; set; }

public IEnumerable<Product> getProductByID()
{
    var result = from prod in dc.selectProduct() where prod.PaysID == userPaysID select prod;
    return result;
}