private void modifyEditAction(ActionCall action) { // At least one Crud controller 'ignores' its Edit method if (action == null) { return; } var chain = action.ParentChain(); chain.Route = action.BuildRouteForPattern("{0}/{{Id}}".ToFormat(_routeName)); // If there are no if (!action.HasAttribute <AuthorizationAttribute>()) { var permissionName = CrudRules.SecurableNameForViewing(_entityType); chain.Authorization.AddRole(permissionName); } // apply data restrictions var policyType = typeof(RestrictedDataAuthorizationPolicy <>).MakeGenericType(_entityType); chain.Authorization.AddPolicy(policyType); action.AddAfter(Wrapper.For <CrudUrlBehavior>()); }
public override void Alter(ActionCall call) { var entityType = _entityType ?? call.HandlerType.GetEntityType(); var role = CrudRules.SecurableNameForViewing(entityType); call.ParentChain().Authorization.AddRole(role); }