/// <summary>
        /// Checks whether the current user is authorised to update the provided entity.
        /// </summary>
        /// <param name="entity">The entity to be updated.</param>
        /// <returns>A value indicating whether the current user is authorised to update the provided entity.</returns>
        public override bool IsAuthorised(IEntity entity)
        {
            if (entity == null)
            {
                throw new ArgumentNullException("entity");
            }

            // The cast runs before any authorisation decision, so an entity that is not
            // a User fails with an InvalidCastException rather than being authorised.
            User target = (User)entity;

            // Deny by default: no authenticated session, or no user record behind it.
            if (!AuthenticationState.IsAuthenticated || AuthenticationState.User == null)
            {
                return false;
            }

            bool callerIsAdmin = AuthenticationState.UserIsInRole("Administrator");
            bool callerIsTarget = target.ID.Equals(AuthenticationState.User.ID);

            // NOTE(review): this decides only whether the account may be updated at all.
            // It does not limit which properties a non-administrator may change on their
            // own account (role membership, for example) - confirm that is enforced elsewhere.
            return callerIsAdmin || callerIsTarget;
        }
        /// <summary>
        /// Checks whether the current user is authorised to act on the provided entity.
        /// Only members of the "Administrator" role are authorised.
        /// </summary>
        /// <param name="entity">The entity being checked; must not be null.</param>
        /// <returns>The result of the "Administrator" role check for the current user.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="entity"/> is null.</exception>
        public override bool IsAuthorised(IEntity entity)
        {
            if (entity == null)
            {
                throw new ArgumentNullException("entity");
            }

            // NOTE(review): the decision rests on UserIsInRole alone, with no separate
            // IsAuthenticated test - presumably it returns false for anonymous callers; confirm.
            bool callerIsAdmin = AuthenticationState.UserIsInRole("Administrator");

            return callerIsAdmin;
        }
        /// <summary>
        /// Checks whether the current user is authorised to delete the provided entity.
        /// </summary>
        /// <param name="entity">The entity to be deleted.</param>
        /// <returns>A value indicating whether the current user is authorised to delete the provided entity.</returns>
        public override bool IsAuthorised(IEntity entity)
        {
            // With RequireAuthorisation switched off the check is bypassed entirely:
            // every caller is authorised and the role lookup is never made.
            // Otherwise only members of the "Administrator" role pass.
            // NOTE(review): entity is never inspected here, so null is accepted - confirm intended.
            return !RequireAuthorisation || AuthenticationState.UserIsInRole("Administrator");
        }
        /// <summary>
        /// Checks whether the current user is authorised to delete an entity of the specified type.
        /// </summary>
        /// <param name="shortTypeName">The type of entity being deleted.</param>
        /// <returns>A value indicating whether the current user is authorised to delete an entity of the specified type.</returns>
        public override bool IsAuthorised(string shortTypeName)
        {
            // shortTypeName does not influence the decision; the same rule applies to every type.
            if (RequireAuthorisation)
            {
                // Authorisation is enforced: only the "Administrator" role passes.
                return AuthenticationState.UserIsInRole("Administrator");
            }

            // Authorisation is switched off for this strategy, so every caller is allowed.
            return true;
        }
        /// <summary>
        /// Checks whether the current user is authorised to save an entity of the specified type.
        /// </summary>
        /// <param name="shortTypeName">The type of entity being saved.</param>
        /// <returns>A value indicating whether the current user is authorised to save an entity of the specified type.</returns>
        public override bool IsAuthorised(string shortTypeName)
        {
            // All three inputs are read up front, independent of the outcome.
            bool signedIn = AuthenticationState.IsAuthenticated;
            bool callerIsAdmin = AuthenticationState.UserIsInRole("Administrator");
            bool registrationOpen = Configuration.Config.Application.Settings.GetBool("EnableUserRegistration");

            if (signedIn)
            {
                // A signed-in caller may save only as an administrator.
                return callerIsAdmin;
            }

            // Anonymous callers are allowed only while self-registration is enabled.
            // NOTE(review): this type-level check lets any unauthenticated caller through
            // when registration is on; confirm the entity-level check or the save path stops
            // a self-registered account from being stored with privileged roles.
            return registrationOpen;
        }
        /// <summary>
        /// Checks whether the current user is authorised to save an entity of the specified type.
        /// </summary>
        /// <param name="shortTypeName">The type of entity being saved.</param>
        /// <returns>A value indicating whether the current user is authorised to save an entity of the specified type.</returns>
        public override bool IsAuthorised(string shortTypeName)
        {
            // NOTE(review): shortTypeName is concatenated into the debug log message as-is;
            // if it can originate from request input, confirm the log writer neutralises
            // line breaks and other control characters.
            using (LogGroup logGroup = LogGroup.StartDebug("Authorising the save of the '" + shortTypeName + "' type."))
            {
                // Both conditions are required; the role lookup is skipped for anonymous callers.
                bool isAuthorised = AuthenticationState.IsAuthenticated &&
                                    AuthenticationState.UserIsInRole("Administrator");

                LogWriter.Debug("Is authorised: " + isAuthorised.ToString());

                // The log group is disposed on the way out of the using block.
                return isAuthorised;
            }
        }
        /// <summary>
        /// Checks whether the current user is authorised to delete the provided entity.
        /// </summary>
        /// <param name="entity">The entity to be deleted.</param>
        /// <returns>A value indicating whether the current user is authorised to delete the provided entity.</returns>
        public override bool IsAuthorised(IEntity entity)
        {
            if (entity == null)
            {
                throw new ArgumentNullException("entity");
            }

            // An entity that is not a User fails this cast with an InvalidCastException
            // before any authorisation decision is made.
            User target = (User)entity;

            // Every input is evaluated up front, in this order, whatever the outcome.
            bool signedIn = AuthenticationState.IsAuthenticated;
            bool callerIsAdmin = AuthenticationState.UserIsInRole("Administrator");
            bool callerIsTarget = AuthenticationState.User != null
                && target.ID.Equals(AuthenticationState.User.ID);

            // Anonymous callers are always refused.
            if (!signedIn)
            {
                return false;
            }

            // Administrators may delete any account; other users only their own.
            return callerIsAdmin || callerIsTarget;
        }
        /// <summary>
        /// Checks whether the current user is authorised for the provided authored entity.
        /// Administrators always are; any other caller only when UserIsAuthor accepts them.
        /// </summary>
        /// <param name="entity">The entity being checked; it is cast to IAuthored.</param>
        /// <returns>true for administrators, otherwise the result of UserIsAuthor.</returns>
        public override bool IsAuthorised(SoftwareMonkeys.SiteStarter.Entities.IEntity entity)
        {
            // The cast runs before the role check, so an entity that does not implement
            // IAuthored raises an InvalidCastException even for administrators.
            // NOTE(review): a null entity is not rejected here; it survives the cast and
            // reaches UserIsAuthor as null for non-administrators - confirm that is handled.
            IAuthored authored = (IAuthored)entity;

            // Administrators are authorised regardless of authorship.
            if (AuthenticationState.UserIsInRole("Administrator"))
            {
                return true;
            }

            // Everyone else is authorised only if UserIsAuthor says so.
            return UserIsAuthor(authored);
        }
        /// <summary>
        /// Checks whether the current user is authorised to update an entity of the specified type.
        /// </summary>
        /// <param name="shortTypeName">The type of entity being updated.</param>
        /// <returns>A value indicating whether the current user is authorised to update an entity of the specified type.</returns>
        public override bool IsAuthorised(string shortTypeName)
        {
            // NOTE(review): shortTypeName is concatenated into the log message as-is; if it
            // can originate from request input, confirm the log writer neutralises line breaks.
            using (LogGroup logGroup = LogGroup.Start("Checking whether current user is authorised to update entities of type '" + shortTypeName + "'.", NLog.LogLevel.Debug))
            {
                // RequireAuthorisation == false bypasses the check for every caller.
                // Otherwise the caller must be authenticated and in the "Administrator" role.
                bool isAuthorised = !RequireAuthorisation ||
                                    (AuthenticationState.IsAuthenticated &&
                                     AuthenticationState.UserIsInRole("Administrator"));

                LogWriter.Debug("Is authorised: " + isAuthorised);

                // The log group is disposed on the way out of the using block.
                return isAuthorised;
            }
        }
        /// <summary>
        /// Checks whether the current user is authorised to create the provided entity.
        /// </summary>
        /// <param name="entity">The entity to be created.</param>
        /// <returns>A value indicating whether the current user is authorised to create the provided entity.</returns>
        public override bool IsAuthorised(IEntity entity)
        {
            // The null check comes first, so a null entity is rejected even when
            // authorisation is switched off.
            if (entity == null)
            {
                throw new ArgumentNullException("entity");
            }

            // RequireAuthorisation == false bypasses the check for every caller.
            if (!RequireAuthorisation)
            {
                return true;
            }

            // Otherwise the caller must be authenticated and hold the "Administrator" role;
            // the role lookup is skipped for anonymous callers.
            return AuthenticationState.IsAuthenticated
                && AuthenticationState.UserIsInRole("Administrator");
        }
 /// <summary>
 /// Checks whether the current user is authorised for entities of the specified type.
 /// Only authenticated members of the "Administrator" role are authorised.
 /// </summary>
 /// <param name="shortTypeName">The entity type name; it does not influence the decision.</param>
 /// <returns>true when the caller is authenticated and in the "Administrator" role.</returns>
 public override bool IsAuthorised(string shortTypeName)
 {
     // Anonymous callers are refused without consulting the role provider.
     if (!AuthenticationState.IsAuthenticated)
     {
         return false;
     }

     return AuthenticationState.UserIsInRole("Administrator");
 }
 /// <summary>
 /// Checks whether the current user is authorised for the provided entity.
 /// Only members of the "Administrator" role are authorised.
 /// </summary>
 /// <param name="entity">The entity being checked; it is not inspected by this check.</param>
 /// <returns>The result of the "Administrator" role check for the current user.</returns>
 public override bool IsAuthorised(IEntity entity)
 {
     // NOTE(review): the decision rests on UserIsInRole alone - there is no
     // IsAuthenticated test and no null check on entity. Presumably UserIsInRole
     // returns false for anonymous callers; confirm.
     bool callerIsAdmin = AuthenticationState.UserIsInRole("Administrator");

     return callerIsAdmin;
 }