public virtual bool CanReadProperty(string propertyName) { bool result = true; if (AuthorizationRules.HasReadAllowedRoles(propertyName)) { // some users are explicitly granted read access // in which case all other users are denied. if (!AuthorizationRules.IsReadAllowed(propertyName)) { result = false; } } else if (AuthorizationRules.HasReadDeniedRoles(propertyName)) { // some users are explicitly denied read access. if (AuthorizationRules.IsReadDenied(propertyName)) { result = false; } } return(result); }