/// <summary>Checks whether this request has the specified rights.</summary> /// <param name="container">Container to check.</param> /// <param name="requiredRights">Required rights.</param> /// <exception cref="DataServiceException">Thrown if <paramref name="requiredRights"/> aren't available.</exception> internal static void CheckResourceRights(ResourceSetWrapper container, EntitySetRights requiredRights) { Debug.Assert(container != null, "container != null"); Debug.Assert(requiredRights != EntitySetRights.None, "requiredRights != EntitySetRights.None"); if ((requiredRights & container.Rights) == 0) { throw DataServiceException.CreateForbidden(); } }
/// <summary>Checks whether this request has the specified rights.</summary> /// <param name="operation">Operation to check.</param> /// <param name="requiredRights">Required rights.</param> /// <exception cref="DataServiceException">Thrown if <paramref name="requiredRights"/> aren't available.</exception> internal static void CheckServiceOperationRights(OperationWrapper operation, ServiceOperationRights requiredRights) { Debug.Assert(operation != null, "operation != null"); Debug.Assert(requiredRights != ServiceOperationRights.None, "requiredRights != EntitySetRights.None"); ServiceOperationRights effectiveRights = operation.ServiceOperationRights; if ((requiredRights & effectiveRights) == 0) { throw DataServiceException.CreateForbidden(); } }
/// <summary> /// Creates a segment for the given service action. /// </summary> /// <param name="previousSegment">The previous segment before the operation to be invoked.</param> /// <param name="serviceAction">The service action to create the segment for.</param> /// <returns>A fully populated PathSegment representing the service action</returns> private SegmentInfo CreateSegmentForServiceAction(SegmentInfo previousSegment, OperationWrapper serviceAction) { Debug.Assert(serviceAction != null && serviceAction.Kind == OperationKind.Action, "serviceAction != null && serviceAction.Kind == OperationKind.Action"); SegmentInfo segment = new SegmentInfo() { Identifier = serviceAction.Name, Operation = serviceAction }; WebUtil.DebugEnumIsDefined(serviceAction.ResultKind); Debug.Assert(segment.IsServiceActionSegment, "IsServiceActionSegment(segment)"); if (previousSegment != null && previousSegment.TargetKind == RequestTargetKind.Link) { throw DataServiceException.CreateBadRequestError(Strings.RequestUriProcessor_LinkSegmentMustBeFollowedByEntitySegment(serviceAction.Name, XmlConstants.UriLinkSegment)); } segment.TargetSource = RequestTargetSource.ServiceOperation; if (serviceAction.ResultKind != ServiceOperationResultKind.Void) { segment.TargetResourceSet = serviceAction.GetResultSet(this.providerWrapper, previousSegment == null ? null : previousSegment.TargetResourceSet); segment.TargetResourceType = serviceAction.ReturnType; segment.TargetKind = TargetKindFromType(segment.TargetResourceType); if (segment.TargetKind == RequestTargetKind.Resource && segment.TargetResourceSet == null) { // Service actions are either visible (ServiceActionRights.Invoke) or not (ServiceActionRight.None). The fact that // DataServiceActionProviderWrapper.TryResolveServiceAction() returns a non-null value means the action is visible. // If the result of the action is of entity type, we need to make sure the target set is visible or else the self // and edit links of the entities in the response payload would not be usable. Debug.Assert(serviceAction.IsVisible, "serviceAction.IsVisible"); throw DataServiceException.CreateForbidden(); } segment.SingleResult = serviceAction.ResultKind == ServiceOperationResultKind.DirectValue; Debug.Assert(serviceAction.ResultKind != ServiceOperationResultKind.QueryWithSingleResult, "QueryWithSingleResult is not applicable for Actions."); } else { segment.TargetResourceSet = null; segment.TargetResourceType = null; segment.TargetKind = RequestTargetKind.VoidOperation; } return(segment); }