/// <summary> /// Evaluates the specified authority against the specified context. /// </summary> /// <param name="principal">Must be an <see cref="IPrincipal"/> object.</param> /// <param name="ruleName">Must be a string that is the name of the rule to evaluate.</param> /// <returns><c>true</c> if the expression evaluates to true, /// otherwise <c>false</c>.</returns> public bool Authorize(IPrincipal principal, string ruleName) { if (principal == null) { throw new ArgumentNullException("principal"); } if (ruleName == null || ruleName.Length == 0) { throw new ArgumentNullException("ruleName"); } SecurityAuthorizationCheckEvent.Fire(principal.Identity.Name, ruleName); BooleanExpression booleanExpression = GetParsedExpression(ruleName); if (booleanExpression == null) { throw new AuthorizationRuleNotFoundException(SR.AuthorizationRuleNotFoundMsg(ruleName)); } bool result = booleanExpression.Evaluate(principal); if (result == false) { SecurityAuthorizationFailedEvent.Fire(principal.Identity.Name, ruleName); } return(result); }
/// <summary> /// Evaluates the specified authority against the specified context that is either a task or operation in Authorization Manager. If the context is an operation it should be prefixed by "O". /// </summary> /// <param name="principal">Principal object containing a windows identity.</param> /// <param name="context">Name of the task or operation to evaluate.</param> /// <returns><strong>True</strong> if AzMan evaluates to true, /// otherwise <strong>false</strong>.</returns> public bool Authorize(IPrincipal principal, string context) { ArgumentValidation.CheckForNullReference(principal, "principal"); ArgumentValidation.CheckForNullReference(context, "context"); SecurityAuthorizationCheckEvent.Fire(principal.Identity.Name, context); AzManAuthorizationProviderData data = GetConfigurationData(); string auditIdentifier = data.AuditIdentifierPrefix + principal.Identity.Name + ":" + context; bool result = false; bool operation = false; if (context.IndexOf(OperationContextPrefix) == 0) { operation = true; context = context.Substring(OperationContextPrefix.Length); } if (operation) { string[] operations = new string[] { context }; result = CheckAccessOperations(data, auditIdentifier, principal.Identity, operations); } else { string[] tasks = new string[] { context }; result = CheckAccessTasks(data, auditIdentifier, principal.Identity, tasks); } if (result == false) { SecurityAuthorizationFailedEvent.Fire(principal.Identity.Name, context); } return(result); }
private void FireSecurityAuthorizationCheckEvent() { SecurityAuthorizationCheckEvent.Fire(testMessage, "action"); }
private void FireSecurityAuthorizationCheckEvent() { SecurityAuthorizationCheckEvent.Fire("test", "action"); }