/// <summary>
/// Gets the <see cref="AuthorizationRulesManager"/> for the
/// specified object type, optionally creating a new instance
/// of the object if necessary.
/// </summary>
/// <param name="objectType">
/// Type of business object for which the rules apply.
/// </param>
/// <param name="create">Indicates whether to create
/// a new instance of the object if one doesn't exist.</param>
internal static AuthorizationRulesManager GetManager(Type objectType, bool create)
{
AuthorizationRulesManager result = null;
if (!_managers.TryGetValue(objectType, out result) && create)
{
lock (_managers)
{
if (!_managers.TryGetValue(objectType, out result))
{
result = new AuthorizationRulesManager();
_managers.Add(objectType, result);
}
}
}
return(result);
}
/// <summary>
/// Returns <see langword="true" /> if the user is in a role
/// explicitly allowed read access.
/// </summary>
/// <param name="principal">A <see cref="System.Security.Principal.IPrincipal" />
/// representing the user.</param>
/// <returns><see langword="true" /> if the user is allowed read access.</returns>
/// <remarks></remarks>
public bool IsReadAllowed(IPrincipal principal)
{
return(AuthorizationRulesManager.PrincipalRoleInList(principal, ReadAllowed));
}
/// <summary>
/// Returns True if the user is in a role
/// explicitly denied execute access.
/// </summary>
/// <param name="principal">A System.Security.Principal.IPrincipal representing the user.</param>
/// <returns>True if the user is denied execute access.</returns>
/// <remarks></remarks>
public bool IsExecuteDenied(IPrincipal principal)
{
return(AuthorizationRulesManager.PrincipalRoleInList(principal, ExecuteDenied));
}