Example #1
0
        /// <summary>
        /// Associates a per-type authorization rule with
        /// the business type.
        /// </summary>
        /// <param name="objectType">Type of business object.</param>
        /// <param name="rule">Rule object.</param>
        /// <param name="ruleSet">Rule set name.</param>
        public static void AddRule(Type objectType, IAuthorizationRule rule, string ruleSet)
        {
            var typeRules = AuthorizationRuleManager.GetRulesForType(objectType, ruleSet);

            EnsureUniqueRule(typeRules, rule);
            typeRules.Rules.Add(rule);
        }
Example #2
0
        private static bool HasPermission(AuthorizationActions action, object obj, Type objType, string ruleSet)
        {
            if (action == AuthorizationActions.ReadProperty ||
                action == AuthorizationActions.WriteProperty ||
                action == AuthorizationActions.ExecuteMethod)
            {
                throw new ArgumentOutOfRangeException("action");
            }

            bool result = true;
            var  rule   =
                AuthorizationRuleManager.GetRulesForType(objType, ruleSet).Rules.FirstOrDefault(c => c.Element == null && c.Action == action);

            if (rule != null)
            {
                var context = new AuthorizationContext {
                    Rule = rule, Target = obj, TargetType = objType
                };
                rule.Execute(context);
                result = context.HasPermission;
            }
            return(result);
        }