private void EnsureAuthorized(object securable) { var principal = Thread.CurrentPrincipal; if (!_authorizer.Allows(securable, principal)) { var msg = String.Format("Authorization failed, user {0}, transaction type: {1}", principal.Identity.Name, securable.GetType().FullName); throw new UnauthorizedAccessException(msg); } }
public bool Allows(Type securable, IPrincipal principal) { return(_authorizer.Allows(securable, principal)); }