private void AddPermissionDescriptionToAuthorizationInformation <TEntity>(string operation,
AuthorizationInformation info,
IUser user, Permission[] permissions,
TEntity entity)
where TEntity : class
{
string entityDescription = "";
string entitiesGroupsDescription = "";
if (entity != null)
{
EntitiesGroup[] entitiesGroups = authorizationRepository.GetAssociatedEntitiesGroupsFor(entity);
entityDescription = Security.GetDescription(entity);
entitiesGroupsDescription = Strings.Join(entitiesGroups);
}
if (permissions.Length == 0)
{
UsersGroup[] usersGroups = authorizationRepository.GetAssociatedUsersGroupFor(user);
if (entity == null) //not on specific entity
{
info.AddDeny(Resources.PermissionForOperationNotGrantedToUser,
operation,
user.SecurityInfo.Name,
Strings.Join(usersGroups)
);
}
else
{
info.AddDeny(Resources.PermissionForOperationNotGrantedToUserOnEntity,
operation,
user.SecurityInfo.Name,
Strings.Join(usersGroups),
entityDescription,
entitiesGroupsDescription);
}
return;
}
foreach (Permission permission in permissions)
{
AddUserLevelPermissionMessage(operation, info, user, permission, entityDescription,
entitiesGroupsDescription);
AddUserGroupLevelPermissionMessage(operation, info, user, permission, entityDescription,
entitiesGroupsDescription);
}
}