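/// <summary>
/// Demands the policy identified by m_policyId for the effective principal and
/// throws unless the decision is <see cref="PolicyDecisionOutcomeType.Grant"/>.
/// </summary>
/// <remarks>
/// The effective principal is m_principal when it is set, otherwise
/// AuthenticationContext.Current.Principal. Enforcement fails closed: a missing
/// principal, an unauthenticated non-system principal, or the absence of a
/// registered <see cref="IPolicyDecisionService"/> all produce a Deny outcome.
/// Every decision, including those early denials, is written to the trace source.
/// </remarks>
/// <exception cref="PolicyViolationException">
/// Thrown with the decision outcome whenever that outcome is not Grant.
/// </exception>
public void Demand()
{
    var pdp = ApplicationContext.Current.GetService<IPolicyDecisionService>();
    var principal = this.m_principal ?? AuthenticationContext.Current.Principal;

    PolicyDecisionOutcomeType action;

    // Non-system principals must be authenticated. A null principal or a null
    // identity is treated as unauthenticated so the caller receives a policy
    // violation instead of a NullReferenceException.
    bool isSystem = principal != null && principal == AuthenticationContext.SystemPrincipal;
    bool isAuthenticated = principal?.Identity?.IsAuthenticated == true;

    if (principal == null || (!isAuthenticated && !isSystem))
    {
        action = PolicyDecisionOutcomeType.Deny;
    }
    else if (pdp == null)
    {
        // No decision service registered: there is no way to verify, so deny.
        action = PolicyDecisionOutcomeType.Deny;
    }
    else
    {
        action = pdp.GetPolicyOutcome(principal, this.m_policyId);
    }

    // Trace before throwing so denied demands are recorded as well as granted ones.
    this.m_traceSource.TraceInformation("Policy Enforce: {0}({1}) = {2}", principal?.Identity?.Name, this.m_policyId, action);

    if (action != PolicyDecisionOutcomeType.Grant)
    {
        throw new PolicyViolationException(this.m_policyId, action);
    }
}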
/// <summary>
/// Initializes a policy violation for the policy with the given identifier.
/// </summary>
/// <param name="policyId">Identifier of the violated policy; must not be null.</param>
/// <param name="outcome">The decision that caused the violation.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="policyId"/> is null.
/// </exception>
public PolicyViolationException(String policyId, PolicyDecisionOutcomeType outcome)
{
    // Reject a missing identifier before any state is assigned.
    if (null == policyId)
    {
        throw new ArgumentNullException(nameof(policyId));
    }

    PolicyId = policyId;
    PolicyDecision = outcome;
}
/// <summary>
/// Initializes a policy violation from a policy instance.
/// </summary>
/// <param name="policy">The violated policy; must not be null.</param>
/// <param name="outcome">The decision that caused the violation.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="policy"/> is null.
/// </exception>
public PolicyViolationException(IPolicy policy, PolicyDecisionOutcomeType outcome)
{
    // Reject a missing policy before reading its Oid.
    if (null == policy)
    {
        throw new ArgumentNullException(nameof(policy));
    }

    Policy = policy;
    PolicyId = policy.Oid; // the identifier is taken from the policy itself
    PolicyDecision = outcome;
}
/// <summary>
/// Initializes a decision detail pairing a policy identifier with its outcome.
/// </summary>
/// <param name="policyId">Identifier of the evaluated policy; stored as given, with no null check.</param>
/// <param name="outcome">The outcome recorded for that policy.</param>
public PolicyDecisionDetail(String policyId, PolicyDecisionOutcomeType outcome)
{
    PolicyId = policyId;
    Outcome = outcome;
}