private async Task <SecurityPolicyResult> EvaluatePackagePoliciesInternalAsync(
SecurityPolicyAction action,
Package package,
User sourceAccount,
User targetAccount,
HttpContextBase httpContext,
IEnumerable <UserSecurityPolicy> policies = null,
bool auditSuccess = true)
{
policies = policies ?? targetAccount.SecurityPolicies;
var relevantHandlers = PackageHandlers.Where(h => h.Action == action).ToList();
var packagePoliciesResult = SecurityPolicyResult.SuccessResult;
foreach (var handler in relevantHandlers)
{
var foundPolicies = policies.Where(p => p.Name.Equals(handler.Name, StringComparison.OrdinalIgnoreCase)).ToList();
if (foundPolicies.Any())
{
var context = new PackageSecurityPolicyEvaluationContext(
_userService.Value,
_packageOwnershipManagementService.Value,
_telemetryService,
foundPolicies,
package,
sourceAccount,
targetAccount,
httpContext);
var result = await handler.EvaluateAsync(context);
if (auditSuccess || !result.Success)
{
await Auditing.SaveAuditRecordAsync(new UserSecurityPolicyAuditRecord(
context.TargetAccount.Username, GetAuditAction(action), foundPolicies, result.Success, result.ErrorMessage));
}
if (!result.Success)
{
Diagnostics.Information(
$"Security policy from subscription '{foundPolicies.First().Subscription}' - '{handler.Name}' failed with error '{result.ErrorMessage}'.");
return(result);
}
if (result.HasWarnings)
{
if (packagePoliciesResult == SecurityPolicyResult.SuccessResult)
{
packagePoliciesResult = result;
}
else
{
packagePoliciesResult.AddWarnings(result.WarningMessages);
}
}
}
}
return(packagePoliciesResult);
}
