Exemplo n.º 1
        /// <summary>
        /// Records the incoming request in <c>ClientRequest</c> and accepts it only
        /// when the requested object type implements <c>Csla.Core.ICommandObject</c>.
        /// </summary>
        /// <param name="clientRequest">
        /// Request being authorized; its <c>ObjectType</c> is the only value inspected.
        /// </param>
        /// <exception cref="SecurityException">
        /// The requested type is not assignable to <c>Csla.Core.ICommandObject</c>.
        /// </exception>
        public void Authorize(AuthorizeRequest clientRequest)
        {
            // The request is stored before the check runs, so ClientRequest also
            // holds requests that are rejected below.
            ClientRequest = clientRequest;

            var requestedType = clientRequest.ObjectType;
            bool isCommandObject = typeof(Csla.Core.ICommandObject).IsAssignableFrom(requestedType);
            if (isCommandObject)
            {
                return;
            }

            // Deny by default: anything that is not a command object is refused.
            throw new SecurityException("Authorization Failed");
        }
Exemplo n.º 2
        /// <summary>
        /// Evaluates the authorization rules for a request, but only when the code
        /// is executing on the server (both logically and physically).
        /// </summary>
        /// <param name="clientRequest">
        /// Client request information: the operation, the requested object type and,
        /// for update/execute operations, the object instance itself.
        /// </param>
        /// <exception cref="SecurityException">
        /// The per-instance or the per-type permission check denied the operation.
        /// </exception>
        public void Authorize(AuthorizeRequest clientRequest)
        {
            // Enforcement point: rules are evaluated only when both location values
            // say "server". In every other location this method returns without
            // checking anything.
            bool runningOnServer =
                ApplicationContext.LogicalExecutionLocation == ApplicationContext.LogicalExecutionLocations.Server &&
                ApplicationContext.ExecutionLocation == ApplicationContext.ExecutionLocations.Server;
            if (!runningOnServer)
            {
                return;
            }

            var operation = clientRequest.Operation;
            bool carriesInstance =
                operation == DataPortalOperations.Update ||
                operation == DataPortalOperations.Execute;

            if (carriesInstance)
            {
                // Per-instance check: evaluated against the object sent with the request.
                bool instanceAllowed = BusinessRules.HasPermission(
                    ApplicationContext,
                    clientRequest.Operation.ToAuthAction(),
                    clientRequest.RequestObject);
                if (!instanceAllowed)
                {
                    string instanceDenied = string.Format(
                        Resources.UserNotAuthorizedException,
                        clientRequest.Operation.ToSecurityActionDescription(),
                        clientRequest.ObjectType.Name);
                    throw new SecurityException(instanceDenied);
                }
            }

            // Per-type check: always evaluated on the server, whatever the operation,
            // and in addition to the per-instance check above.
            bool typeAllowed = BusinessRules.HasPermission(
                ApplicationContext,
                clientRequest.Operation.ToAuthAction(),
                clientRequest.ObjectType);
            if (!typeAllowed)
            {
                string typeDenied = string.Format(
                    Resources.UserNotAuthorizedException,
                    clientRequest.Operation.ToSecurityActionDescription(),
                    clientRequest.ObjectType.Name);
                throw new SecurityException(typeDenied);
            }
        }
Exemplo n.º 3
        /// <summary>
        /// Establishes the principal for the current request the first time the
        /// data portal is invoked, when the authentication type is "Windows".
        /// </summary>
        /// <param name="clientRequest">The client request (not read by this method).</param>
        public void Authorize(AuthorizeRequest clientRequest)
        {
            // Nothing to do unless this is the first invocation for the current
            // context and the authentication type is "Windows".
            if (Csla.ApplicationContext.LocalContext["FirstRun"] != null ||
                Csla.ApplicationContext.AuthenticationType != "Windows")
            {
                return;
            }

            // Server-side code can itself call the data portal, so one client
            // request may pass through here several times. The marker lives in
            // LocalContext so that it is per-user: the application server is
            // probably servicing many users at once on different threads.
            Csla.ApplicationContext.LocalContext["FirstRun"] = false;

            // The app is configured not to auto-impersonate (the authentication
            // type is "Windows"), so the principal is created from the database
            // using the username the client placed in the ClientContext dictionary.
            //
            // NOTE(review): the username is a client-supplied value and nothing in
            // this method verifies it. Confirm that the caller is authenticated
            // before this point and that the username is bound to that
            // authenticated identity; otherwise the server is trusting whatever
            // name the client sends.
            var username = (string)Csla.ApplicationContext.ClientContext["Username"];

            if (!string.IsNullOrWhiteSpace(username))
            {
                // NOTE(review): the result of Load is not used here; presumably Load
                // installs the principal itself. Confirm, and confirm what happens
                // when the username is unknown.
                MQ1Principal.Load(username);
            }
            else
            {
                // No username supplied: run the request as an unauthenticated user.
                Csla.ApplicationContext.User = new UnauthenticatedPrincipal();
            }
        }
Exemplo n.º 4
 /// <summary>
 /// Default authorization hook: performs no checks, so every request is accepted.
 /// </summary>
 /// <param name="clientRequest">
 /// Client request information; not examined by this implementation.
 /// </param>
 public void Authorize(AuthorizeRequest clientRequest)
 {
     // Intentionally empty: the default is to allow all requests.
     // NOTE(review): with this implementation in place, request-level
     // authorization has to be enforced somewhere else. Confirm where.
 }
Exemplo n.º 5
 /// <summary>
 /// Hands the request to the configured authorizer; whether the request is
 /// rejected is decided entirely by <c>_authorizer</c>.
 /// </summary>
 /// <param name="clientRequest">Request to authorize, passed through unchanged.</param>
 private static void AuthorizeRequest(AuthorizeRequest clientRequest)
     => _authorizer.Authorize(clientRequest);
Exemplo n.º 6
 /// <summary>
 /// Internal entry point for request authorization; forwards the request to
 /// <c>AuthorizeRequest</c> without inspecting it.
 /// </summary>
 /// <param name="clientRequest">Request to authorize.</param>
 internal void Authorize(AuthorizeRequest clientRequest)
     => AuthorizeRequest(clientRequest);
Exemplo n.º 7
 /// <summary>
 /// Authorization hook that accepts every request: the body performs no check
 /// and never throws.
 /// </summary>
 /// <param name="clientRequest">
 /// Client request information; ignored here.
 /// </param>
 public void Authorize(AuthorizeRequest clientRequest)
 {
     /* default is to allow all requests */
     // NOTE(review): this is a permit-all default; confirm which component
     // enforces request authorization when this implementation is active.
 }
Exemplo n.º 8
 /// <summary>
 /// Forwards the request to the shared <c>_authorizer</c> instance, which makes
 /// the actual authorization decision.
 /// </summary>
 /// <param name="clientRequest">Request to authorize, passed through unchanged.</param>
 private static void AuthorizeRequest(AuthorizeRequest clientRequest)
   => _authorizer.Authorize(clientRequest);
Exemplo n.º 9
 /// <summary>
 /// Runs request authorization by delegating to <c>AuthorizeRequest</c>; this
 /// method adds no checks of its own.
 /// </summary>
 /// <param name="clientRequest">Request to authorize.</param>
 internal void Authorize(AuthorizeRequest clientRequest)
   => AuthorizeRequest(clientRequest);
Exemplo n.º 10
 /// <summary>
 /// Passes the request to <c>Authorizer</c>, which decides whether it may proceed.
 /// </summary>
 /// <param name="clientRequest">Request to authorize, passed through unchanged.</param>
 private void AuthorizeRequest(AuthorizeRequest clientRequest)
     => Authorizer.Authorize(clientRequest);
Exemplo n.º 11
 /// <summary>
 /// Captures the request in <c>ClientRequest</c>. No authorization check is
 /// performed, so every request is accepted.
 /// </summary>
 /// <param name="clientRequest">Request to record.</param>
 public void Authorize(AuthorizeRequest clientRequest)
     => ClientRequest = clientRequest;