public Entitlement GetEntitlement(HttpContext _, IScopedIdentity identity)
{
var groups = mProvider.GetMembership(identity.Identity);
var mask = GetMask(groups);
return(new Entitlement
{
Mask = mask,
Groups = groups.Where(e => !roles.Roles.Contains(e))
});
}
/// <summary>
/// Starts the session for user (entity) defined by the unique identity.
/// </summary>
/// <param name="userId">The user identifier.</param>
/// <returns></returns>
/// <exception cref="InvalidOperationException">Unknown membership for creating token (userId:{userId})</exception>
public IToken <TIdentity> StartSession(TIdentity userId)
{
// lookup the current users membership
var currentUserMembership = _membershipProvider.GetMembership(userId);
if (currentUserMembership == null)
{
throw new InvalidOperationException($"Unknown membership for creating token (userId:{userId})");
}
var session = new SessionPermissions <TIdentity>(currentUserMembership, _membershipProvider, _aclProvider);
return(new Token <TIdentity>(userId, session));
}
/// <summary>
/// Gets available permissions for current user and checked object.
/// </summary>
/// <param name="trusteesMembership">The trustees membership.</param>
/// <param name="protectedObject">The checked object.</param>
/// <returns>
/// An enumeration of all allowed permissions for user and object combination.
/// </returns>
public Right GetPermissions(
IObjectIdentity <TIdentity>[][] trusteesMembership,
TIdentity protectedObject)
{
return(GetPermissions(trusteesMembership, protectedObject, _membershipProvider.GetMembership(protectedObject)));
}