/// <summary> /// This method will return all allowed permission for the given <paramref name="userToken"/> and given the <paramref name="entityToken"/>. /// </summary> /// <param name="userToken">UserToken to get permissions for.</param> /// <param name="entityToken">EntityToken to get permissions for.</param> /// <returns>Allowed permission types</returns> public static IEnumerable <PermissionType> GetPermissions(UserToken userToken, EntityToken entityToken) { IEnumerable <UserPermissionDefinition> userPermissionDefinitions = PermissionTypeFacade.GetUserPermissionDefinitions(userToken.Username); IEnumerable <UserGroupPermissionDefinition> userGroupPermissionDefinitions = PermissionTypeFacade.GetUserGroupPermissionDefinitions(userToken.Username); IEnumerable <PermissionType> permissions = PermissionTypeFacade.GetCurrentPermissionTypes(userToken, entityToken, userPermissionDefinitions, userGroupPermissionDefinitions).Evaluate(); return(permissions); }
/// <exclude /> public static SecurityResult Resolve(UserToken userToken, IEnumerable <PermissionType> requiredPermissions, EntityToken entityToken, IEnumerable <UserPermissionDefinition> userPermissionDefinitions, IEnumerable <UserGroupPermissionDefinition> userGroupPermissionDefinition) { if (userToken == null) { throw new ArgumentNullException("userToken"); } if (requiredPermissions == null) { throw new ArgumentNullException("requiredPermissions"); } if ((entityToken is NoSecurityEntityToken)) { return(SecurityResult.Allowed); } requiredPermissions = requiredPermissions.Evaluate(); if (!requiredPermissions.Any()) { return(SecurityResult.Allowed); } IEnumerable <PermissionType> currentPermissionTypes = PermissionTypeFacade.GetCurrentPermissionTypes(userToken, entityToken, userPermissionDefinitions, userGroupPermissionDefinition); if (!currentPermissionTypes.Any()) { return(SecurityResult.Disallowed); } // At least one of the permissions should be allowed foreach (PermissionType permissionType in currentPermissionTypes) { if (requiredPermissions.Contains(permissionType)) { return(SecurityResult.Allowed); } } return(SecurityResult.Disallowed); }