public Entitlement GetEntitlement(HttpContext _, IScopedIdentity identity) { var groups = mProvider.GetMembership(identity.Identity); var mask = GetMask(groups); return(new Entitlement { Mask = mask, Groups = groups.Where(e => !roles.Roles.Contains(e)) }); }
/// <summary> /// Starts the session for user (entity) defined by the unique identity. /// </summary> /// <param name="userId">The user identifier.</param> /// <returns></returns> /// <exception cref="InvalidOperationException">Unknown membership for creating token (userId:{userId})</exception> public IToken <TIdentity> StartSession(TIdentity userId) { // lookup the current users membership var currentUserMembership = _membershipProvider.GetMembership(userId); if (currentUserMembership == null) { throw new InvalidOperationException($"Unknown membership for creating token (userId:{userId})"); } var session = new SessionPermissions <TIdentity>(currentUserMembership, _membershipProvider, _aclProvider); return(new Token <TIdentity>(userId, session)); }
/// <summary> /// Gets available permissions for current user and checked object. /// </summary> /// <param name="trusteesMembership">The trustees membership.</param> /// <param name="protectedObject">The checked object.</param> /// <returns> /// An enumeration of all allowed permissions for user and object combination. /// </returns> public Right GetPermissions( IObjectIdentity <TIdentity>[][] trusteesMembership, TIdentity protectedObject) { return(GetPermissions(trusteesMembership, protectedObject, _membershipProvider.GetMembership(protectedObject))); }