コード例 #1
0
ファイル: SecurityRules.cs プロジェクト: blyzer/Heep
        public virtual void Authorize(ApplicationResource resoruce, Permission permission, AuthenticationContext authContext)
        {
            var user = _repository.Db.Set <User>()
                       .Include(u => u.Roles.Select(r => r.Access))
                       .FirstOrDefault(u => u.UserName == authContext.UserName);

            if (user == null)
            {
                throw new AuthorizationExeption("Unauthorized Access");
            }

            var access = user.Roles.SelectMany(r => r.Access);

            if (access.All(a => a.Description != resoruce.ToString()))
            {
                throw new AuthorizationExeption("Unauthorized Access");
            }
        }