public TOutput Find <TOutput>(
ISerialization <TOutput> output,
IServiceLocator locator,
IPermissionManager permissions,
string uri)
{
var repository = locator.Resolve <IRepository <TDomainObject> >();
var data = repository.Find(new[] { uri });
var filtered = permissions.ApplyFilters(data).FirstOrDefault();
return(filtered != null?output.Serialize(filtered) : default(TOutput));
}
public Stream Find(string uri)
{
if (!Permissions.CanAccess(typeof(T)))
{
return(Explain("You don't have permission to access: " + typeof(T)));
}
var aggs = Cache.Find(new[] { uri });
var filtered = Permissions.ApplyFilters(aggs);
if (filtered.Length == 1)
{
ThreadContext.Response.StatusCode = HttpStatusCode.OK;
var cms = ChunkedMemoryStream.Create();
var ct = Serialization.Serialize(filtered[0], ThreadContext.Request.Accept, cms);
ThreadContext.Response.ContentType = ct;
ThreadContext.Response.ContentLength = cms.Position;
cms.Position = 0;
return(cms);
}
ThreadContext.Response.StatusCode = HttpStatusCode.NotFound;
return(Explain("Can't find " + typeof(T).FullName + " with Uri: " + uri));
}
public FindResult <TOutput> Find <TOutput>(
ISerialization <TOutput> output,
IServiceLocator locator,
IPermissionManager permissions,
string[] uris)
{
var repository = locator.Resolve <IRepository <TResult> >();
var found = repository.Find(uris);
var filtered = permissions.ApplyFilters(found);
return(new FindResult <TOutput> {
Result = output.Serialize(filtered), Count = filtered.Length
});
}
public TOutput Find <TOutput>(
ISerialization <TOutput> output,
IServiceProvider locator,
IPermissionManager permissions,
IPrincipal principal,
string uri)
{
var repository = locator.Resolve <IRepository <TDomainObject> >();
var data = repository.Find(new[] { uri });
var filtered = permissions.ApplyFilters(principal, data);
if (filtered.Length == 1)
{
return(output.Serialize(filtered[0]));
}
return(default(TOutput));
}
public SearchResult <TOutput> FindAndSerialize <TInput, TOutput>(
ISerialization <TInput> input,
ISerialization <TOutput> output,
IDomainModel domainModel,
IServiceLocator locator,
IPermissionManager permissions,
TInput data,
int?offset,
int?limit,
IDictionary <string, bool> order)
{
var result = FindBy(input, domainModel, locator, data, offset, limit, order);
var filtered = permissions.ApplyFilters(result);
return(new SearchResult <TOutput> {
Result = output.Serialize(filtered), Count = filtered.Length
});
}
public FindResult <TOutput> Find <TOutput>(
ISerialization <TOutput> output,
IServiceProvider locator,
IPermissionManager permissions,
IPrincipal principal,
string[] uris,
bool matchOrder)
{
var repository = locator.Resolve <IRepository <TResult> >();
var found = repository.Find(uris);
var filtered = permissions.ApplyFilters(principal, found);
if (matchOrder && uris.Length > 1)
{
Array.Sort(filtered, new UriComparer(uris));
}
return(new FindResult <TOutput> {
Result = output.Serialize(filtered), Count = filtered.Length
});
}
/// <summary>
/// Filter data based on user principal bound to current Thread.
/// This will apply various permissions registered for this user and for data of type T
/// If interface is provided, permissions must be defined explicitly for that interface.
/// </summary>
/// <typeparam name="T">object type</typeparam>
/// <param name="manager">permission service</param>
/// <param name="data">data to filter</param>
/// <returns>filtered data based on permission rules</returns>
public static T[] ApplyFilters <T>(this IPermissionManager manager, T[] data)
{
Contract.Requires(manager != null);
return(manager.ApplyFilters(Thread.CurrentPrincipal, data));
}
