protected override bool IsAuthorized(HttpActionContext actionContext)
{
bool globalResult = false;
// global
if (SkipGlobalPolicy == false)
{
if (actionContext.ControllerContext.Configuration.Properties.ContainsKey(PropertyName))
{
var authZmanager = actionContext.ControllerContext.Configuration.Properties[PropertyName] as IAuthorizationManager;
if (authZmanager != null)
{
globalResult = authZmanager.CheckAccess(actionContext);
if (globalResult == false)
{
return(false);
}
}
}
}
// local
EnsureAuthZManager(actionContext);
if (_authZ != null)
{
return(_authZ.CheckAccess(actionContext));
}
return(globalResult);
}