private async Task <SecurityPolicyResult> EvaluatePackagePoliciesInternalAsync(
            SecurityPolicyAction action,
            Package package,
            User sourceAccount,
            User targetAccount,
            HttpContextBase httpContext,
            IEnumerable <UserSecurityPolicy> policies = null,
            bool auditSuccess = true)
        {
            policies = policies ?? targetAccount.SecurityPolicies;

            var relevantHandlers = PackageHandlers.Where(h => h.Action == action).ToList();

            var packagePoliciesResult = SecurityPolicyResult.SuccessResult;

            foreach (var handler in relevantHandlers)
            {
                var foundPolicies = policies.Where(p => p.Name.Equals(handler.Name, StringComparison.OrdinalIgnoreCase)).ToList();

                if (foundPolicies.Any())
                {
                    var context = new PackageSecurityPolicyEvaluationContext(
                        _userService.Value,
                        _packageOwnershipManagementService.Value,
                        _telemetryService,
                        foundPolicies,
                        package,
                        sourceAccount,
                        targetAccount,
                        httpContext);

                    var result = await handler.EvaluateAsync(context);

                    if (auditSuccess || !result.Success)
                    {
                        await Auditing.SaveAuditRecordAsync(new UserSecurityPolicyAuditRecord(
                                                                context.TargetAccount.Username, GetAuditAction(action), foundPolicies, result.Success, result.ErrorMessage));
                    }

                    if (!result.Success)
                    {
                        Diagnostics.Information(
                            $"Security policy from subscription '{foundPolicies.First().Subscription}' - '{handler.Name}' failed with error '{result.ErrorMessage}'.");

                        return(result);
                    }

                    if (result.HasWarnings)
                    {
                        if (packagePoliciesResult == SecurityPolicyResult.SuccessResult)
                        {
                            packagePoliciesResult = result;
                        }
                        else
                        {
                            packagePoliciesResult.AddWarnings(result.WarningMessages);
                        }
                    }
                }
            }

            return(packagePoliciesResult);
        }