public AuthorizationException(string message, Type entityType, AccessType accessType, bool isRecordLevel,
UserRecordPermission grantedPermissions, SecureSession session = null) : base(message)
{
EntityType = entityType;
AccessType = accessType;
IsRecordLevel = isRecordLevel;
GrantedPermissions = grantedPermissions;
if (session != null)
{
RequireReadMode = session.DemandReadAccessLevel;
CurrentDenyReadMode = session.DenyReadAction;
var ctx = session.Context;
UserName = ctx.User.UserName;
UserContextValues = string.Join(string.Empty, ctx.Values.Select(kv => StringHelper.SafeFormat(" [{0}]={1}\r\n", kv.Key, kv.Value)));
var user = ctx.User;
if (user.Authority == null)
{
UserRoles = "(UserContext.Authority is not set)";
}
else
{
UserRoles = user.Authority.GetRoleNames();
PermissionSummary = user.Authority.GetPermissionsSummary(EntityType);
var enDynGrants = user.Authority.DynamicGrants.Where(g => g.IsEnabled(session.Context));
EnabledDynamicGrants = string.Join(",", enDynGrants.Select(g => g.Activity.Name));
}
}
}
public AuthorizationException(string message, Type entityType, AccessType accessType, bool isRecordLevel,
UserRecordPermission grantedPermissions, SecureSession session = null)
: base(message)
{
EntityType = entityType;
AccessType = accessType;
IsRecordLevel = isRecordLevel;
GrantedPermissions = grantedPermissions;
if (session != null) {
RequireReadMode = session.DemandReadAccessLevel;
CurrentDenyReadMode = session.DenyReadAction;
var ctx = session.Context;
UserName = ctx.User.UserName;
UserContextValues = string.Join(string.Empty, ctx.Values.Select(kv => StringHelper.SafeFormat(" [{0}]={1}\r\n", kv.Key, kv.Value)));
var user = ctx.User;
if (user.Authority == null) {
UserRoles = "(UserContext.Authority is not set)";
} else {
UserRoles = user.Authority.GetRoleNames();
PermissionSummary = user.Authority.GetPermissionsSummary(EntityType);
var enDynGrants = user.Authority.DynamicGrants.Where(g => g.IsEnabled(session.Context));
EnabledDynamicGrants = string.Join(",", enDynGrants.Select(g => g.Activity.Name));
}
}
}
public SecureSession(OperationContext context) : base(context)
{
// Check if user Authority is assigned and it is not Invalidated
var autD = context.User.GetAuthorityDescriptor();
if (autD == null || autD.Invalidated)
{
autD = Context.App.AuthorizationService.GetAuthority(Context.User);
Context.User.SetAuthority(autD);
}
DemandReadAccessLevel = ReadAccessLevel.Peek;
DenyReadAction = DenyReadActionType.Throw;
}
