/// <summary>
/// Check wither the user has access to the specified entity.
/// </summary>
/// <param name="entities">
/// The entities to check for. This cannot be null.
/// </param>
/// <param name="permissions">
/// The permissions to check for. This cannot be null.
/// </param>
/// <exception cref="ArgumentException">
/// <paramref name="permissions"/> cannot contain null.
/// </exception>
/// <returns>
/// True if the current user has all the specified permissions to the specified
/// entity, false otherwise.
/// </returns>
/// <exception cref="ArgumentNullException">
/// No argument can be null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// <see cref="RequestContext"/> must be set.
/// </exception>
public IDictionary <long, bool> Check(IList <EntityRef> entities, IList <EntityRef> permissions)
{
if (entities == null)
{
throw new ArgumentNullException("entities");
}
if (entities.Contains(null))
{
throw new ArgumentException("Cannot check access for null entities", "entities");
}
if (permissions == null)
{
throw new ArgumentNullException("permissions");
}
if (permissions.Contains(null))
{
throw new ArgumentException(@"Cannot contain null", "permissions");
}
if (!RequestContext.IsSet)
{
throw new InvalidOperationException("RequestContext not set");
}
if (entities.Count == 0)
{
return(new Dictionary <long, bool>());
}
if (SkipCheck( ))
{
return(entities.ToDictionarySafe(x => x.Id, x => true));
}
// Only process the most specific permission
IList <EntityRef> permissionsOptimised = permissions;
if (permissions.Count > 1)
{
long mostSpecificPermission = Permissions.MostSpecificPermission(permissions.Select(perm => perm.Id));
permissionsOptimised = new List <EntityRef> {
new EntityRef(mostSpecificPermission)
};
}
IDictionary <long, bool> result;
using (MessageContext messageContext = new MessageContext(MessageName, GetBehavior(entities.Select(e => e.Id))))
{
if (!AccessControl.EntityAccessControlChecker.SkipCheck(new EntityRef(RequestContext.GetContext().Identity.Id)))
{
WriteHeaderMessage(entities, permissionsOptimised, messageContext);
result = EntityAccessControlChecker.CheckAccess(entities, permissionsOptimised, RequestContext.GetContext().Identity.Id);
WriteFooterMessage(result, messageContext);
if (ShouldWriteSecurityTraceMessage(result))
{
WriteSecurityTraceMessage(messageContext);
}
}
else
{
result = entities.ToDictionary(e => e.Id, e => true);
}
}
return(result);
}