/// <summary> /// Gets the permissions for the specified user and entity /// </summary> /// <typeparam name="TEntity"></typeparam> /// <param name="user">The user.</param> /// <param name="entity"></param> /// <returns></returns> public Permission[] GetPermissionsFor <TEntity>(IUser user, TEntity entity) where TEntity : class { Guid key = Security.ExtractKey(entity); EntitiesGroup[] entitiesGroups = authorizationRepository.GetAssociatedEntitiesGroupsFor(entity); DetachedCriteria criteria = DetachedCriteria.For <Permission>() .Add(Expression.Eq("User", user) || Subqueries.PropertyIn("UsersGroup.Id", SecurityCriterions.AllGroups(user).SetProjection(Projections.Id()))) .Add(Expression.Eq("EntitySecurityKey", key) || Expression.In("EntitiesGroup", entitiesGroups)); return(FindResults(criteria)); }
private void AddPermissionDescriptionToAuthorizationInformation <TEntity>(string operation, AuthorizationInformation info, IUser user, Permission[] permissions, TEntity entity) where TEntity : class { string entityDescription = ""; string entitiesGroupsDescription = ""; if (entity != null) { EntitiesGroup[] entitiesGroups = authorizationRepository.GetAssociatedEntitiesGroupsFor(entity); entityDescription = Security.GetDescription(entity); entitiesGroupsDescription = Strings.Join(entitiesGroups); } if (permissions.Length == 0) { UsersGroup[] usersGroups = authorizationRepository.GetAssociatedUsersGroupFor(user); if (entity == null) //not on specific entity { info.AddDeny(Resources.PermissionForOperationNotGrantedToUser, operation, user.SecurityInfo.Name, Strings.Join(usersGroups) ); } else { info.AddDeny(Resources.PermissionForOperationNotGrantedToUserOnEntity, operation, user.SecurityInfo.Name, Strings.Join(usersGroups), entityDescription, entitiesGroupsDescription); } return; } foreach (Permission permission in permissions) { AddUserLevelPermissionMessage(operation, info, user, permission, entityDescription, entitiesGroupsDescription); AddUserGroupLevelPermissionMessage(operation, info, user, permission, entityDescription, entitiesGroupsDescription); } }