CSLA has validation build in their business object. Cool!
Authorization is also embed, a guy even created a mix security mode. It’s just the one we are looking for.
The thing I don’t like so far, authorization rules should not defined in BO, like this:
public static bool CanEditObject()
return Csla.ApplicationContext.User.IsInRole(“ProjectManager”) || Csla.ApplicationContext.User.IsInRole(“Webmasters”);
instead, it should be configurable outside of BO, either through db or xml.
I hope CSLA will change this in the future, otherwise we have to make our modification if we decide to go CSLA way.