/// <summary>
        /// Collects the configured permission roles that <paramref name="currentUser"/> belongs to.
        /// Every entry of <c>_permissionRoles</c> is tested with <see cref="IPrincipal.IsInRole"/>.
        /// A role whose check throws is not added to the result, so a failing lookup never grants
        /// a role. Only the last exception seen is reported, as a warning in the event log.
        /// </summary>
        /// <param name="currentUser">Principal whose role membership is evaluated.</param>
        /// <returns>The subset of <c>_permissionRoles</c> for which the membership check returned true.</returns>
        protected internal virtual List <string> DoGetRolesForUser(IPrincipal currentUser)
        {
            TraceUtility.WriteTrace(this.GetType(), "DoGetRolesForUser", TraceUtility.TraceType.Begin);

            List <string> grantedRoles = new List <string>();
            Exception     lastFailure  = null;

            // The user name, authentication type and each role decision are written to the trace,
            // so trace output has to be treated as sensitive.
            string userName            = currentUser.Identity.Name;
            string authenticationLabel = currentUser.Identity.IsAuthenticated
                ? currentUser.Identity.AuthenticationType
                : "NOT AUTHENTICATED";
            string identitySummary     = String.Format("username: {0}, authenticationType: {1}", userName, authenticationLabel);
            Open.SPF.Utility.TraceUtility.WriteTrace(this.GetType(), "DoGetRolesForUser", "foreach(permissionRole)", identitySummary, Open.SPF.Utility.TraceUtility.TraceType.Watch);

            foreach (string candidateRole in _permissionRoles)
            {
                try
                {
                    bool granted = currentUser.IsInRole(candidateRole);
                    string decisionText = String.Format("role: {0}, isInRole: {1}", candidateRole, granted.ToString().ToLower());
                    TraceUtility.WriteTrace(this.GetType(), "DoGetRolesForUser", "currentUser.IsInRole()", decisionText, TraceUtility.TraceType.Watch);

                    if (granted)
                    {
                        grantedRoles.Add(candidateRole);
                    }
                }
                catch (Exception ex)
                {
                    // Best effort: the role is simply left out of the result. Earlier failures are
                    // overwritten here, so the warning below describes only the most recent one.
                    lastFailure = ex;
                }
            }

            if (lastFailure != null)
            {
                string warning = String.Format("There was an error reading the roles for the current user: {0}.\r\n\r\n{1}", currentUser.Identity.Name, EventLogUtility.FormatExceptionMessage(lastFailure));
                EventLogUtility.LogWarningMessage(warning);
            }

            TraceUtility.WriteTrace(this.GetType(), "DoGetRolesForUser", null, "from currentUser.IsInRole(permissionRole)", TraceUtility.TraceType.End);
            return grantedRoles;
        }
Beispiel #2
        /// <summary>
        /// Handles a logging failure by writing the reported exception as an error entry
        /// through a new <c>EventLogUtility</c>. <paramref name="sender"/> and
        /// <paramref name="currentDate"/> are not used.
        /// </summary>
        /// <param name="sender">Source of the event (unused).</param>
        /// <param name="e">Event data carrying the exception to record.</param>
        /// <param name="currentDate">Timestamp supplied by the event source (unused).</param>
        void logUtility_OnLogError(object sender, LogErrorEventArgs e, DateTime currentDate)
        {
            EventLogUtility eventLog = new EventLogUtility();

            // Exception.ToString() is written verbatim, so whatever it contains (message, stack
            // trace, inner exceptions) ends up in the log.
            LogEntry errorEntry = new LogEntry
            {
                Category = LogCategory.Error,
                Message  = e.LogErrorException.ToString()
            };

            eventLog.Write(errorEntry);
        }
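        /// <summary>
        /// Returns the roles of <paramref name="currentUser"/> as reported by
        /// <c>Roles.GetRolesForUser</c>. If that lookup throws, a warning is logged and the base
        /// implementation is used instead.
        /// </summary>
        /// <param name="currentUser">Principal whose roles are requested.</param>
        /// <returns>The role names for the user, from the role lookup or from the base implementation.</returns>
        protected internal override List <string> DoGetRolesForUser(IPrincipal currentUser)
        {
            TraceUtility.WriteTrace(this.GetType(), "DoGetRolesForUser", TraceUtility.TraceType.Begin);
            List <string> userRoles = null;
            string        userName  = null;

            try
            {
                // Look up the principal that was passed in. The parameterless overload resolves
                // the ambient request user instead, which would return another identity's roles
                // whenever the caller supplies a different principal.
                userName = currentUser.Identity.Name;
                string[] roleArray = Roles.GetRolesForUser(userName);
                userRoles = new List <string>(roleArray);
            }
            catch (Exception ex)
            {
                // Report the same identity the lookup was made for; userName stays null (and is
                // formatted as an empty string) if reading the identity itself failed.
                EventLogUtility.LogWarningMessage(String.Format("There was an error reading the roles for the current user: {0}.\r\n\r\n{1}", userName, EventLogUtility.FormatExceptionMessage(ex)));
            }

            if (userRoles == null)
            {
                // The role lookup failed; fall back to the base implementation.
                userRoles = base.DoGetRolesForUser(currentUser);
            }

            TraceUtility.WriteTrace(this.GetType(), "DoGetRolesForUser", null, "from Roles.GetRolesForUser()", TraceUtility.TraceType.End);
            return userRoles;
        }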
        /// <summary>
        /// Decides whether the current user holds <paramref name="permissionName"/>, using a
        /// per-user cache of earlier decisions. On a cache miss the user's roles are loaded, the
        /// permission is evaluated and the outcome is stored before it is returned.
        /// </summary>
        /// <param name="permissionName">Name of the permission to check.</param>
        /// <returns>True when the permission is granted, otherwise false.</returns>
        /// <exception cref="ApplicationException">
        /// Adding the user or the permission to the cache raised an <see cref="System.ArgumentException"/>.
        /// </exception>
        public bool DoAssertPermission(string permissionName)
        {
            bool isPermitted;

            // The whole check, including role loading and permission evaluation, runs under this lock.
            lock (_authorizationFlagLookup)
            {
                IPrincipal principal = CurrentUser;
                string     userKey   = principal.Identity.Name;

                // Cached decisions are keyed by Identity.Name only, and this method never removes
                // or refreshes an entry.
                // NOTE(review): if nothing else clears the lookup, a later role change is not
                // reflected in decisions already cached for that name - confirm.
                Dictionary <string, bool> cachedFlags;
                if (_authorizationFlagLookup.TryGetValue(userKey, out cachedFlags))
                {
                    bool cachedDecision;
                    if (cachedFlags.TryGetValue(permissionName, out cachedDecision))
                    {
                        return cachedDecision;
                    }
                }
                else
                {
                    cachedFlags = new Dictionary <string, bool>();
                    try
                    {
                        _authorizationFlagLookup.Add(userKey, cachedFlags);
                    }
                    catch (System.ArgumentException argEx)
                    {
                        // Log the failure and rethrow so that it cannot go unnoticed.
                        // The detail message lists every cached user name.
                        EventLogUtility.LogException(argEx);

                        string knownUsers = String.Join(", ", _authorizationFlagLookup.Keys.ToArray());
                        string details    = String.Format("Here are details surrounding the previous error. Key attempted to be added: {0}. Items already in the list: {1}.", userKey, knownUsers);
                        EventLogUtility.LogWarningMessage(details);

                        throw new ApplicationException("An error occurred while attempting to check permissions on a new user. A duplicate user name was found. The inner exception will have more details.", argEx);
                    }
                }

                // No cached decision for this permission: evaluate it from the user's roles.
                List <string> roles = GetUserRoles(principal);
                isPermitted = DoAssertPermission(permissionName, principal.Identity, roles, null, null);

                // A cached value would have been returned by the lookup above, so store the new one.
                try
                {
                    cachedFlags.Add(permissionName, isPermitted);
                }
                catch (System.ArgumentException argEx)
                {
                    // Log the failure and rethrow so that it cannot go unnoticed.
                    EventLogUtility.LogException(argEx);

                    string knownPermissions = String.Join(", ", cachedFlags.Keys.ToArray());
                    string details          = String.Format("Here are details surrounding the previous error. Key attempted to be added: {0}. Items already in the list: {1}.", permissionName, knownPermissions);
                    EventLogUtility.LogWarningMessage(details);

                    throw new ApplicationException("An error occurred while attempting to check a new permission on an existing user. A duplicate permission name was found. The inner exception will have more details.", argEx);
                }
            }

            return isPermitted;
        }