Exemple #1
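        /// <summary>
        /// Decides whether the caller resolved from <paramref name="context"/> may run the action.
        /// GET requests require <c>ReadPermission</c>; every other HTTP method requires
        /// <c>WritePermission</c>.
        /// </summary>
        /// <param name="context">The action context of the current request.</param>
        /// <returns>
        /// <c>true</c> when an identity was resolved and it holds the required permission;
        /// otherwise <c>false</c>.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// Thrown when <paramref name="context"/> is null.
        /// </exception>
        protected override bool IsAuthorized(HttpActionContext context)
        {
            if (context == null)
            {
                // ArgumentNullException derives from ArgumentException, so handlers written
                // against the previous exception type still match.
                throw new ArgumentNullException("context", "HttpActionContext does not exist!");
            }

            // Decide on a local copy rather than reading the Identity member back.
            // NOTE(review): if this filter instance is shared between concurrent requests,
            // the member could be overwritten by another request between the assignment and
            // the permission check - confirm how the filter is instantiated.
            var identity = GetWebApiIdentity(context);
            Identity = identity;
            if (identity == null)
            {
                return false;
            }

            // Fail closed: a missing request or a missing permission set denies access
            // instead of surfacing as a NullReferenceException.
            var request = context.Request;
            if (request == null || identity.Permissions == null)
            {
                return false;
            }

            // Only GET is treated as a read. HEAD, OPTIONS and any other verb fall through
            // to the write permission, which is the stricter requirement.
            var required = request.Method == HttpMethod.Get ? ReadPermission : WritePermission;

            return identity.Permissions.Contains(required);
        }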
Exemple #2
        /// <summary>
        /// Seeds the in-memory store with three fixed identities: "readonly", "writeonly" and "admin".
        /// </summary>
        /// <remarks>
        /// Each token is a hard-coded literal identical to its dictionary key, and the "admin"
        /// entry carries all four permissions. NOTE(review): judging by the store's name this is
        /// demo/test data; verify it cannot be reached from a production configuration, since
        /// anyone who knows these literals would hold the listed permissions.
        /// </remarks>
        static WebApiIdentityRepository()
        {
            // Every seeded identity is scoped to the same application ids; each one gets its
            // own HashSet instance built from this array.
            int[] seededAppIds = { 1, 2, 3 };

            var seed = new Dictionary<string, WebApiIdentity>
            {
                {
                    "readonly",
                    new WebApiIdentity
                    {
                        Token       = "readonly",
                        AppIds      = new HashSet<int>(seededAppIds),
                        Permissions = new HashSet<Permission> { Permission.UsersRead, Permission.AppsRead }
                    }
                },
                {
                    "writeonly",
                    new WebApiIdentity
                    {
                        Token       = "writeonly",
                        AppIds      = new HashSet<int>(seededAppIds),
                        Permissions = new HashSet<Permission> { Permission.UsersWrite, Permission.AppsWrite }
                    }
                },
                {
                    "admin",
                    new WebApiIdentity
                    {
                        Token       = "admin",
                        AppIds      = new HashSet<int>(seededAppIds),
                        Permissions = new HashSet<Permission>
                        {
                            Permission.UsersWrite,
                            Permission.UsersRead,
                            Permission.AppsRead,
                            Permission.AppsWrite
                        }
                    }
                }
            };

            FakeDataStore = seed;
        }