Exemple #1
        /// <summary>
        /// If a current role has been specified, check that
        /// the user has this role in the specified context.
        /// The authorities for the specified role are replaced
        /// with information from UserService for
        /// security reasons.
        /// </summary>
        /// <exception cref="ArgumentException">Thrown if user does not have the specified role in this context.</exception>
        private void CheckCurrentRole()
        {
            // No role was supplied with the request, so there is nothing to verify.
            if (!CurrentRole.IsNotNull())
            {
                return;
            }

            // CurrentRole comes from the client and is not trusted. Only its Id is
            // used, as a lookup key into the roles returned by the user manager;
            // the role object that is kept is the one from that list.
            WebRole matchingRole = null;
            foreach (WebRole candidate in WebServiceData.UserManager.GetRoles(this))
            {
                if (candidate.Id == CurrentRole.Id)
                {
                    matchingRole = candidate;
                    break;
                }
            }

            if (matchingRole.IsNull())
            {
                // Fail closed: the requested role is not among the user's roles,
                // so _currentRole is left unchanged and the call is rejected.
                // NOTE(review): the message embeds CurrentRole.Name as supplied by
                // the caller; treat it as untrusted text wherever it is logged or
                // returned.
                string rejection = "User " + GetUser().UserName + " is not in role name:" + CurrentRole.Name + " id:" + CurrentRole.Id;
                throw new ArgumentException(rejection);
            }

            // Replace the client-supplied role with the verified one.
            _currentRole = matchingRole;
        }