private SecurityPrincipal CreateSecurityPrincipal(ClientTransaction transaction)
{
using (SecurityFreeSection.Activate())
{
string user = GetUser(transaction).UserName;
ISecurityPrincipalRole role = null;
string substitutedUser = null;
ISecurityPrincipalRole substitutedRole = null;
Substitution substitution = GetSubstitution(transaction);
if (substitution != null)
{
substitutedUser = substitution.SubstitutedUser.UserName;
if (substitution.SubstitutedRole != null)
{
substitutedRole = new SecurityPrincipalRole(
substitution.SubstitutedRole.Group.UniqueIdentifier,
substitution.SubstitutedRole.Position.UniqueIdentifier);
}
}
return(new SecurityPrincipal(user, role, substitutedUser, substitutedRole));
}
}
public SecurityPrincipal(string user, ISecurityPrincipalRole role, string substitutedUser, ISecurityPrincipalRole substitutedRole)
{
ArgumentUtility.CheckNotNullOrEmpty("user", user);
ArgumentUtility.CheckNotEmpty("substitutedUser", substitutedUser);
if (substitutedRole != null && substitutedUser == null)
{
throw new ArgumentException("The substituted user must be specified if a substituted role is also specified.", "substitutedUser");
}
_user = user;
_substitutedRole = substitutedRole;
_substitutedUser = substitutedUser;
_role = role;
}
private bool IsRoleMatchingPrincipalRole(Role role, ISecurityPrincipalRole principalRole)
{
if (role == null)
{
return(false);
}
var principalPositionHandle = _securityContextRepository.GetPosition(principalRole.Position);
if (!principalPositionHandle.Equals(role.Position.GetHandle()))
{
return(false);
}
var principalRoleGroupHandle = _securityContextRepository.GetGroup(principalRole.Group);
if (!principalRoleGroupHandle.Equals(role.Group.GetHandle()))
{
return(false);
}
return(true);
}
