public Task <AccessLevel> AuthorizeAsync(User user, Permission permission) => Task.FromResult(AccessLevel.DeniedFor(user, permission));
protected sealed override bool DoCheckAccessLevel(ISecurityManager secman, ISession session, AccessLevel access) { if (!base.DoCheckAccessLevel(secman, session, access)) { return(false); } var dataContextName = session.NonNull(nameof(session)).DataContextName; if (dataContextName.IsNullOrWhiteSpace()) { return(false); // false;//deny for unspecified stores } var segments = dataContextName.Split(DELIMS); var wereAny = false; for (var i = 0; i < segments.Length; i++) { var segment = segments[i]; if (segment.IsNullOrWhiteSpace()) { continue; } wereAny = true; var nds = access.Data[DATA_ACL_PREFIX + segment]; if (!nds.Exists)//no data-specific override found - try to find ANY { nds = access.Data[DATA_ACL_ANY]; } if (!nds.Exists) { return(false); //no data-specific or ANY override found - denied } var passed = DoCheckDataStoreAccessLevel(secman, session, dataContextName, nds, access); if (!passed) { return(false); } } return(wereAny); }
public AccessLevel Authorize(User user, Permission permission) => AccessLevel.DeniedFor(user, permission);
/// <summary> /// Override to perform access level checks per user's AccessLevel ACL entry. /// True if accessLevel satisfies permission requirements. /// The default implementation just checks the access.Level /// </summary> protected virtual bool DoCheckAccessLevel(ISecurityManager secman, ISession session, AccessLevel access) { return(access.Level >= m_Level); }
protected override bool DoCheckAccessLevel(IApplication app, ISession session, AccessLevel access) => session.User.Status >= UserStatus.Administrator && base.DoCheckAccessLevel(app, session, access);
/// <summary> /// Override to perform access level checks per user's AccessLevel ACL entry. /// True if accessLevel satisfies permission requirements. /// The default implementation just checks the access.Level /// </summary> protected virtual bool DoCheckAccessLevel(IApplication app, ISession session, AccessLevel access) { return(access.Level >= m_Level); }
protected override bool DoCheckAccessLevel(ISecurityManager secman, ISession session, AccessLevel access) => session.User.Status >= UserStatus.Administrator && base.DoCheckAccessLevel(secman, session, access);