private List<OperationAllowedResult> GenerateAuthorizationResponse(JsonDocumentMetadata[] documents, string[] docIds, string operation, string userId) { var list = new List<OperationAllowedResult>(); for (var index = 0; index < documents.Length; index++) { var document = documents[index]; var docId = docIds[index]; if (document == null) { list.Add(new OperationAllowedResult { IsAllowed = false, Reasons = new List<string> { "Document " + docId + " does not exists" } }); continue; } var reasons = new List<string>(); var authorizationDecisions = new AuthorizationDecisions(Database); var isAllowed = authorizationDecisions.IsAllowed(userId, operation, docId, document.Metadata, reasons.Add); list.Add(new OperationAllowedResult { IsAllowed = isAllowed, Reasons = reasons }); } return list; }
private List <OperationAllowedResult> GenerateAuthorizationResponse(JsonDocumentMetadata[] documents, string[] docIds, string operation, string userId) { var list = new List <OperationAllowedResult>(); for (var index = 0; index < documents.Length; index++) { var document = documents[index]; var docId = docIds[index]; if (document == null) { list.Add(new OperationAllowedResult { IsAllowed = false, Reasons = new List <string> { "Document " + docId + " does not exists" } }); continue; } var reasons = new List <string>(); var authorizationDecisions = new AuthorizationDecisions(Database); var isAllowed = authorizationDecisions.IsAllowed(userId, operation, docId, document.Metadata, reasons.Add); list.Add(new OperationAllowedResult { IsAllowed = isAllowed, Reasons = reasons }); } return(list); }
public override void Respond(IHttpContext context) { var match = urlMatcher.Match(context.GetRequestUrl()); var userId = match.Groups[1].Value; var docIds = context.Request.QueryString.GetValues("id"); var operation = context.Request.QueryString["operation"]; var transactionInformation = GetRequestTransaction(context); if (docIds == null || string.IsNullOrEmpty(operation) || string.IsNullOrEmpty(userId)) { context.SetStatusToBadRequest(); return; } var list = new List <OperationAllowedResult>(); // we don't want security to take hold when we are trying to ask about security using (Database.DisableAllTriggersForCurrentThread()) { foreach (var docId in docIds) { var document = Database.GetDocumentMetadata(docId, transactionInformation); if (document == null) { list.Add(new OperationAllowedResult { IsAllowed = false, Reasons = new List <string> { "Document " + docId + " does not exists" } }); continue; } var reasons = new List <string>(); var authorizationDecisions = new AuthorizationDecisions(Database); var isAllowed = authorizationDecisions.IsAllowed(userId, operation, docId, document.Metadata, reasons.Add); list.Add(new OperationAllowedResult { IsAllowed = isAllowed, Reasons = reasons }); } } context.WriteJson(list); }
public override void Respond(IHttpContext context) { var match = urlMatcher.Match(context.GetRequestUrl()); var userId = match.Groups[1].Value; var docIds = context.Request.QueryString.GetValues("id"); var operation = context.Request.QueryString["operation"]; var transactionInformation = GetRequestTransaction(context); if (docIds == null || string.IsNullOrEmpty(operation) || string.IsNullOrEmpty(userId)) { context.SetStatusToBadRequest(); return; } var list = new List<OperationAllowedResult>(); // we don't want security to take hold when we are trying to ask about security using (Database.DisableAllTriggersForCurrentThread()) { foreach (var docId in docIds) { var document = Database.GetDocumentMetadata(docId, transactionInformation); if (document == null) { list.Add(new OperationAllowedResult { IsAllowed = false, Reasons = new List<string> { "Document " + docId + " does not exists" } }); continue; } var reasons = new List<string>(); var authorizationDecisions = new AuthorizationDecisions(Database); var isAllowed = authorizationDecisions.IsAllowed(userId, operation, docId, document.Metadata, reasons.Add); list.Add(new OperationAllowedResult{ IsAllowed = isAllowed, Reasons = reasons }); } } context.WriteJson(list); }
public CanHandleAuthQuestions() { authorizationDecisions = new AuthorizationDecisions(server.Database); }
public override void Initialize() { AuthorizationDecisions = new AuthorizationDecisions(Database); }
public override void Initialize() { AuthorizationDecisions = new AuthorizationDecisions(Database); }
public CanHandleAuthQuestions() { authorizationDecisions = new AuthorizationDecisions(server.Database); }
public CanHandleAuthQuestions() { authorizationDecisions = new AuthorizationDecisions(server.Database, HttpRuntime.Cache); }
public override void Initialize() { AuthorizationDecisions = new AuthorizationDecisions(Database, HttpRuntime.Cache); }
public CanHandleAuthQuestions() { authorizationDecisions = new AuthorizationDecisions(server.Database, HttpRuntime.Cache); }
public override void Initialize() { AuthorizationDecisions = new AuthorizationDecisions(Database, HttpRuntime.Cache); }