private void modifyEditAction(ActionCall action)
{
// At least one Crud controller 'ignores' its Edit method
if (action == null)
{
return;
}
var chain = action.ParentChain();
chain.Route = action.BuildRouteForPattern("{0}/{{Id}}".ToFormat(_routeName));
// If there are no
if (!action.HasAttribute <AuthorizationAttribute>())
{
var permissionName = CrudRules.SecurableNameForViewing(_entityType);
chain.Authorization.AddRole(permissionName);
}
// apply data restrictions
var policyType = typeof(RestrictedDataAuthorizationPolicy <>).MakeGenericType(_entityType);
chain.Authorization.AddPolicy(policyType);
action.AddAfter(Wrapper.For <CrudUrlBehavior>());
}
public override void Alter(ActionCall call)
{
var entityType = _entityType ?? call.HandlerType.GetEntityType();
var role = CrudRules.SecurableNameForViewing(entityType);
call.ParentChain().Authorization.AddRole(role);
}
private void addCreationPermission(ActionCall action)
{
// If there are no other permissioning, add one
if (!action.HasAttribute <AuthorizationAttribute>())
{
var permissionName = CrudRules.SecurableNameForCreation(_entityType);
action.ParentChain().Authorization.AddRole(permissionName);
}
}
