/// <summary>
/// Ensures that the user is authorised to perform the desired operation.
/// </summary>
/// <param name="action"></param>
/// <param name="typeName"></param>
/// <returns>A value indicating whether the user is authorised.</returns>
public virtual bool EnsureAuthorised(string action, string typeName)
{
bool output = false;
using (LogGroup logGroup = LogGroup.Start("Ensuring that the current user is authorised to performed the desired action.", NLog.LogLevel.Debug))
{
LogWriter.Debug("Require authorisation: " + RequireAuthorisation.ToString());
bool isAuthorised = false;
if (RequireAuthorisation)
{
isAuthorised = Authorisation.UserCan(action, typeName);
LogWriter.Debug("Is authorised: " + isAuthorised);
if (!isAuthorised)
{
FailAuthorisation(action, typeName);
}
output = isAuthorised;
}
else // Authorisation is not required, so the user is authorised by default
{
output = true;
}
LogWriter.Debug("Return value: " + output.ToString());
}
return(output);
}
/// <summary>
///
/// </summary>
/// <param name="action"></param>
/// <param name="entity"></param>
/// <returns></returns>
public virtual bool IsAuthorised(string action, IEntity entity)
{
bool output = false;
LogWriter.Debug("Require authorisation: " + RequireAuthorisation.ToString());
if (RequireAuthorisation)
{
bool isAuthorised = Authorisation.UserCan(action, entity);
LogWriter.Debug("Is authorised: " + isAuthorised);
output = isAuthorised;
}
// If authorisation isn't required then the user is authorised by default
else
{
output = true;
}
LogWriter.Debug("Output: " + output.ToString());
return(output);
}