/// <summary>
/// Returns true if <paramref name="operationType"/> on <paramref name="entity"/> is allowed.
/// </summary>
public bool IsAuthorized(TEntity entity, OcDataOperationType operationType)
{
if (AuthorizationService == null)
{
return(true);
}
return(AuthorizationService.IsAuthorized(entity, Request, ResourceName, operationType));
}
/// <summary>
/// Applies logic specific to the <paramref name="operationType"/> on the passed in <paramref name="entities"/>.
/// Any messages generated during the process will be added to the <see cref="OcApiMessages"/> collection in <see cref="OcLayerBase{TRequest}.Request"/>.
/// Actions taken during processing will depend on the flags set in <see cref="OcLayerBase{TRequest}.Options"/>.
/// </summary>
/// <param name="entities">Collection of entities the operation is being performed on</param>
/// <param name="operationType">Indicates the type of data operation being performed</param>
/// <returns>Returns true if all operations and configured validation were performed successful, false otherwise.</returns>
protected virtual bool ApplyLogic(IEnumerable <TEntity> entities, OcDataOperationType operationType)
{
Debug.Assert(entities != null);
bool success;
if (operationType == OcDataOperationType.Read)
{
success = false; // Only successful if at least one record passes and can be returned.
foreach (var entity in entities)
{
success = success || ApplyLogic(entity, OcDataOperationType.Read);
}
}
else
{
success = true; // Successful if all operations processing succeeds. If any step in processing fails abort the entire request.
foreach (var entity in entities)
{
success = success && ApplyLogic(entity, operationType);
}
}
return(success);
}
=> true; // Its an example, allow everything public bool IsAuthorized <TEntity>(TEntity entity, IMyRequest request, string resourceName, OcDataOperationType operationType) => true; // Its an example, allow everything
/// <summary>
/// Applies logic specific to the <paramref name="operationType"/> on the passed in <paramref name="entity"/>.
/// Any messages generated during the process will be added to the <see cref="OcApiMessages"/> collection in <see cref="OcLayerBase{TRequest}.Request"/>.
/// Actions taken during processing will depend on the flags set in <see cref="OcLayerBase{TRequest}.Options"/>.
/// </summary>
/// <param name="entity">Entity which is having the operation performed on it</param>
/// <param name="operationType">Indicates the type of data operation being performed</param>
/// <returns>Returns true if the operation was completed successfully, false otherwise.</returns>
protected virtual bool ApplyLogic([NotNull] TEntity entity, OcDataOperationType operationType)
{
Debug.Assert(entity != null);
// Handle Read operations
if (operationType == OcDataOperationType.Read)
{
// Authorization
if (Options.HasFlag(OcRequestOptions.ExcludeUnauthorized) && !IsAuthorized(entity, OcDataOperationType.Read))
{
if (Options.HasFlag(OcRequestOptions.MessageUnauthorized))
{
ResponseMessageAdd(OcApiMessageType.NotificationSystem, $"Excluding {EntityStatusSummary(entity)} in {ResourceName} because the user is not authorized");
}
return(false);
}
// Deleted
if (Options.HasFlag(OcRequestOptions.ExcludeInactive) && EntityIsInactive(entity))
{
if (Options.HasFlag(OcRequestOptions.MessageExcluded))
{
ResponseMessageAdd(OcApiMessageType.NotificationSystem, $"Excluding {EntityStatusSummary(entity)} in {ResourceName} because it is marked as inactive");
}
return(false);
}
// Execute read and return success
return(ApplyReadLogic(entity));
}
// Authorization
if (!IsAuthorized(entity, operationType))
{
ResponseMessageAdd(OcApiMessageType.AuthorizationFailure, $"{operationType} of {EntityStatusSummary(entity)} in {ResourceName} not performed because the user is not authorized");
return(false);
}
// Perform operation
bool success;
switch (operationType)
{
case OcDataOperationType.Create:
success = ApplyCreateLogic(entity);
break;
case OcDataOperationType.Update:
success = ApplyUpdateLogic(entity);
break;
case OcDataOperationType.Delete:
success = ApplyDeleteLogic(entity);
break;
case OcDataOperationType.Other:
success = ApplyOtherLogic(entity);
break;
default:
throw new ArgumentOutOfRangeException(nameof(operationType), operationType, null);
}
if (!success)
{
if (Options.HasFlag(OcRequestOptions.VerboseMessages))
{
ResponseMessageAdd(OcApiMessageType.ValidationFailure, $"{operationType} of {EntityStatusSummary(entity)} in {ResourceName} failed during processing");
}
return(false);
}
// Validation
if (Options.HasFlag(OcRequestOptions.ValidateEntities) && IsValid(entity) == false)
{
if (!ResponseMessagesHas(OcApiMessageType.ValidationFailure) || Options.HasFlag(OcRequestOptions.VerboseMessages))
{
ResponseMessageAdd(OcApiMessageType.ValidationFailure, $"{operationType} of {EntityStatusSummary(entity)} in {ResourceName} not performed because the entity failed validation");
}
return(false);
}
return(true);
}