/// <summary>
/// Authorize permission
/// </summary>
/// <param name="permission">Permission record</param>
/// <param name="user">User</param>
/// <returns>true - authorized; otherwise, false</returns>
public virtual bool Authorize(PermissionRecord permission, User user)
{
if (permission == null)
return false;
if (user == null)
return false;
var userRoles = user.UserRoles.Where(ur => ur.Active);
foreach (var role in userRoles)
foreach (var userPermission in role.PermissionRecords)
if (userPermission.SystemName.Equals(permission.SystemName, StringComparison.InvariantCultureIgnoreCase))
return true;
return false;
}
/// <summary>
/// Delete a permission
/// </summary>
/// <param name="permission">Permission</param>
public virtual void DeletePermissionRecord(PermissionRecord permission)
{
if (permission == null)
throw new ArgumentNullException("permission");
_permissionRecordRepository.Delete(permission);
}
/// <summary>
/// Authorize permission
/// </summary>
/// <param name="permission">Permission record</param>
/// <returns>true - authorized; otherwise, false</returns>
public virtual bool Authorize(PermissionRecord permission)
{
return Authorize(permission, _workContext.CurrentUser);
}
