private bool FilterByPolicies(OperationInspector inspector, ODataOperationMethodDescriptor action, Content content)
{
if (action.OperationInfo.Policies.Length == 0)
{
return(true);
}
//TODO:~ set HttpContext in OperationCallingContext
var context = new OperationCallingContext(content, action.OperationInfo);
switch (inspector.CheckPolicies(action.OperationInfo.Policies, context))
{
case OperationMethodVisibility.Invisible:
return(false);
case OperationMethodVisibility.Disabled:
// according to the policy this action is visible to the user but cannot be executed
action.Forbidden = true;
break;
case OperationMethodVisibility.Enabled:
break;
default:
throw new ArgumentOutOfRangeException();
}
return(true);
}
private bool FilterByRoles(OperationInspector inspector, string[] expectedRoles, IEnumerable <string> actualRoles)
{
if (expectedRoles.Length == 0)
{
return(true);
}
return(inspector.CheckByRoles(expectedRoles, actualRoles));
}
private bool IsPermitted(OperationInspector inspector, Content content, string[] permissionNames)
{
if (permissionNames == null || permissionNames.Length == 0)
{
return(true);
}
return(inspector.CheckByPermissions(content, permissionNames));
}
private static bool FilterByContentTypes(OperationInspector inspector, Content content, string[] allowedContentTypes)
{
if (allowedContentTypes.Length == 0)
{
return(true);
}
return(inspector.CheckByContentType(content, allowedContentTypes));
}
private static bool FilterByRolesAndPermissions(OperationInspector inspector, string[] roles, string[] permissions, Content content)
{
if (roles.Length > 0 && !inspector.CheckByRoles(roles))
{
return(false);
}
if (permissions.Length > 0 && !inspector.CheckByPermissions(content, permissions))
{
return(false);
}
return(true);
}
private bool FilterByPermissions(OperationInspector inspector, ODataOperationMethodDescriptor action, Content content)
{
action.Forbidden |= !IsPermitted(inspector, content, action.OperationInfo.Permissions);
return(true);
}