private void AuthorizeJob(IPersistenceManager pm, Guid jobId, DT.Permission requiredPermission)
{
var requiredPermissionEntity = requiredPermission.ToEntity();
DA.Permission permission = GetPermissionForJob(pm, jobId, UserManager.CurrentUserId);
if (permission == Permission.NotAllowed ||
((permission != requiredPermissionEntity) && requiredPermissionEntity == Permission.Full))
{
throw new SecurityException(NOT_AUTHORIZED);
}
}
public void GrantPermission(Guid jobId, Guid grantedUserId, DT.Permission permission)
{
RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
AuthorizationManager.AuthorizeForJob(jobId, Permission.Full);
var pm = PersistenceManager;
using (new PerformanceLogger("GrantPermission")) {
var jobPermissionDao = pm.JobPermissionDao;
var currentUserId = UserManager.CurrentUserId;
pm.UseTransaction(() => {
jobPermissionDao.SetJobPermission(jobId, currentUserId, grantedUserId, permission.ToEntity());
pm.SubmitChanges();
});
}
}
