Esempio n. 1
0
        private bool FilterByPolicies(OperationInspector inspector, ODataOperationMethodDescriptor action, Content content)
        {
            if (action.OperationInfo.Policies.Length == 0)
            {
                return(true);
            }

            //TODO:~ set HttpContext in OperationCallingContext
            var context = new OperationCallingContext(content, action.OperationInfo);

            switch (inspector.CheckPolicies(action.OperationInfo.Policies, context))
            {
            case OperationMethodVisibility.Invisible:
                return(false);

            case OperationMethodVisibility.Disabled:
                // according to the policy this action is visible to the user but cannot be executed
                action.Forbidden = true;
                break;

            case OperationMethodVisibility.Enabled:
                break;

            default:
                throw new ArgumentOutOfRangeException();
            }

            return(true);
        }
Esempio n. 2
0
        private bool FilterByPermissions(OperationInspector inspector, ODataOperationMethodDescriptor action, Content content)
        {
            action.Forbidden |= !IsPermitted(inspector, content, action.OperationInfo.Permissions);

            return(true);
        }