private List<OperationAllowedResult> GenerateAuthorizationResponse(JsonDocumentMetadata[] documents, string[] docIds, string operation, string userId)
{
var list = new List<OperationAllowedResult>();
for (var index = 0; index < documents.Length; index++)
{
var document = documents[index];
var docId = docIds[index];
if (document == null)
{
list.Add(new OperationAllowedResult
{
IsAllowed = false,
Reasons = new List<string>
{
"Document " + docId + " does not exists"
}
});
continue;
}
var reasons = new List<string>();
var authorizationDecisions = new AuthorizationDecisions(Database);
var isAllowed = authorizationDecisions.IsAllowed(userId, operation, docId, document.Metadata, reasons.Add);
list.Add(new OperationAllowedResult { IsAllowed = isAllowed, Reasons = reasons });
}
return list;
}
private List <OperationAllowedResult> GenerateAuthorizationResponse(JsonDocumentMetadata[] documents, string[] docIds, string operation, string userId)
{
var list = new List <OperationAllowedResult>();
for (var index = 0; index < documents.Length; index++)
{
var document = documents[index];
var docId = docIds[index];
if (document == null)
{
list.Add(new OperationAllowedResult
{
IsAllowed = false,
Reasons = new List <string>
{
"Document " + docId + " does not exists"
}
});
continue;
}
var reasons = new List <string>();
var authorizationDecisions = new AuthorizationDecisions(Database);
var isAllowed = authorizationDecisions.IsAllowed(userId, operation, docId, document.Metadata, reasons.Add);
list.Add(new OperationAllowedResult {
IsAllowed = isAllowed, Reasons = reasons
});
}
return(list);
}
public override void Respond(IHttpContext context)
{
var match = urlMatcher.Match(context.GetRequestUrl());
var userId = match.Groups[1].Value;
var docIds = context.Request.QueryString.GetValues("id");
var operation = context.Request.QueryString["operation"];
var transactionInformation = GetRequestTransaction(context);
if (docIds == null || string.IsNullOrEmpty(operation) || string.IsNullOrEmpty(userId))
{
context.SetStatusToBadRequest();
return;
}
var list = new List <OperationAllowedResult>();
// we don't want security to take hold when we are trying to ask about security
using (Database.DisableAllTriggersForCurrentThread())
{
foreach (var docId in docIds)
{
var document = Database.GetDocumentMetadata(docId, transactionInformation);
if (document == null)
{
list.Add(new OperationAllowedResult
{
IsAllowed = false,
Reasons = new List <string>
{
"Document " + docId + " does not exists"
}
});
continue;
}
var reasons = new List <string>();
var authorizationDecisions = new AuthorizationDecisions(Database);
var isAllowed = authorizationDecisions.IsAllowed(userId, operation, docId, document.Metadata, reasons.Add);
list.Add(new OperationAllowedResult {
IsAllowed = isAllowed, Reasons = reasons
});
}
}
context.WriteJson(list);
}
public override void Respond(IHttpContext context)
{
var match = urlMatcher.Match(context.GetRequestUrl());
var userId = match.Groups[1].Value;
var docIds = context.Request.QueryString.GetValues("id");
var operation = context.Request.QueryString["operation"];
var transactionInformation = GetRequestTransaction(context);
if (docIds == null || string.IsNullOrEmpty(operation) || string.IsNullOrEmpty(userId))
{
context.SetStatusToBadRequest();
return;
}
var list = new List<OperationAllowedResult>();
// we don't want security to take hold when we are trying to ask about security
using (Database.DisableAllTriggersForCurrentThread())
{
foreach (var docId in docIds)
{
var document = Database.GetDocumentMetadata(docId, transactionInformation);
if (document == null)
{
list.Add(new OperationAllowedResult
{
IsAllowed = false,
Reasons = new List<string>
{
"Document " + docId + " does not exists"
}
});
continue;
}
var reasons = new List<string>();
var authorizationDecisions = new AuthorizationDecisions(Database);
var isAllowed = authorizationDecisions.IsAllowed(userId, operation, docId, document.Metadata, reasons.Add);
list.Add(new OperationAllowedResult{ IsAllowed = isAllowed, Reasons = reasons });
}
}
context.WriteJson(list);
}
public CanHandleAuthQuestions()
{
authorizationDecisions = new AuthorizationDecisions(server.Database);
}
public override void Initialize()
{
AuthorizationDecisions = new AuthorizationDecisions(Database);
}
public override void Initialize()
{
AuthorizationDecisions = new AuthorizationDecisions(Database);
}
public CanHandleAuthQuestions()
{
authorizationDecisions = new AuthorizationDecisions(server.Database);
}
public CanHandleAuthQuestions()
{
authorizationDecisions = new AuthorizationDecisions(server.Database, HttpRuntime.Cache);
}
public override void Initialize()
{
AuthorizationDecisions = new AuthorizationDecisions(Database, HttpRuntime.Cache);
}
public CanHandleAuthQuestions()
{
authorizationDecisions = new AuthorizationDecisions(server.Database, HttpRuntime.Cache);
}
public override void Initialize()
{
AuthorizationDecisions = new AuthorizationDecisions(Database, HttpRuntime.Cache);
}
