/// <summary>
/// Conditionally render HTML output according to the provided authorization member action and underlyiong object type.
/// </summary>
/// <param name="htmlHelper">The HTML helper instance that this method extends.</param>
/// <param name="action">AuthorizationActions for which the authorization is required.</param>
/// <param name="target">CSLA object instance.</param>
/// <param name="member">CSLA object member.</param>
/// <param name="granted">The rendered HTML output for granted users.</param>
/// <param name="denied">The rendered HTML output for denied users.</param>
/// <returns>The appropriate HTML rendered output.</returns>
public static MvcHtmlString HasPermission(
this HtmlHelper htmlHelper,
Csla.Rules.AuthorizationActions action,
object target,
Csla.Core.IMemberInfo member,
string granted,
string denied)
{
var instance = target as Csla.Security.IAuthorizeReadWrite;
if (instance == null)
{
return(MvcHtmlString.Create(denied));
}
if ((action == Rules.AuthorizationActions.ReadProperty && instance.CanReadProperty(member.Name)) ||
(action == Rules.AuthorizationActions.WriteProperty && instance.CanWriteProperty(member.Name)) ||
(action == Rules.AuthorizationActions.ExecuteMethod && instance.CanExecuteMethod(member.Name)))
{
return(MvcHtmlString.Create(granted));
}
else
{
return(MvcHtmlString.Create(denied));
}
}
/// <summary>
/// Conditionally render HTML output according to the provided authorization member action and underlyiong object type.
/// </summary>
/// <param name="htmlHelper">The HTML helper instance that this method extends.</param>
/// <param name="action">AuthorizationActions for which the authorization is required.</param>
/// <param name="target">CSLA object instance.</param>
/// <param name="member">CSLA object member.</param>
/// <param name="grantedAction">The rendered HTML helper action for granted users.</param>
/// <param name="denieddAction">The rendered HTML helper action for denied users.</param>
/// <returns>The appropriate HTML rendered output.</returns>
public static HtmlString HasPermission(
this IHtmlHelper htmlHelper,
Csla.Rules.AuthorizationActions action,
object target,
Csla.Core.IMemberInfo member,
Func <IHtmlHelper, HtmlString> grantedAction,
Func <IHtmlHelper, HtmlString> denieddAction)
{
var instance = target as Csla.Security.IAuthorizeReadWrite;
if (instance == null)
{
return(denieddAction.Invoke(htmlHelper));
}
if ((action == Rules.AuthorizationActions.ReadProperty && instance.CanReadProperty(member.Name)) ||
(action == Rules.AuthorizationActions.WriteProperty && instance.CanWriteProperty(member.Name)) ||
(action == Rules.AuthorizationActions.ExecuteMethod && instance.CanExecuteMethod(member.Name)))
{
return(grantedAction.Invoke(htmlHelper));
}
else
{
return(denieddAction.Invoke(htmlHelper));
}
}
/// <summary>
/// Conditionally render HTML output according to the provided authorization member action and underlyiong object type.
/// </summary>
/// <param name="htmlHelper">The HTML helper instance that this method extends.</param>
/// <param name="action">AuthorizationActions for which the authorization is required.</param>
/// <param name="target">CSLA object instance.</param>
/// <param name="member">CSLA object member.</param>
/// <param name="granted">The rendered HTML output for granted users.</param>
/// <param name="denied">The rendered HTML output for denied users.</param>
/// <returns>The appropriate HTML rendered output.</returns>
public static HtmlString HasPermission(
this IHtmlHelper htmlHelper,
Csla.Rules.AuthorizationActions action,
object target,
Csla.Core.IMemberInfo member,
HtmlString granted,
string denied)
{
if (target is not Csla.Security.IAuthorizeReadWrite instance)
{
return(new HtmlString(denied));
}
if ((action == Rules.AuthorizationActions.ReadProperty && instance.CanReadProperty(member.Name)) ||
(action == Rules.AuthorizationActions.WriteProperty && instance.CanWriteProperty(member.Name)) ||
(action == Rules.AuthorizationActions.ExecuteMethod && instance.CanExecuteMethod(member.Name)))
{
return(granted);
}
else
{
return(new HtmlString(denied));
}
}
/// <summary>
/// Creates an instance of the rule.
/// </summary>
/// <param name="action">Action this rule will enforce.</param>
/// <param name="element">Member to be authorized.</param>
/// <param name="privileges">List of allowed privileges.</param>
public HasPrivilegeClaim(AuthorizationActions action, Csla.Core.IMemberInfo element, params string[] privileges)
: base(action, element)
{
_privileges = new List <string>(privileges);
}
/// <summary>
/// Creates an instance of the rule.
/// </summary>
/// <param name="action">Action this rule will enforce.</param>
/// <param name="element">Member to be authorized.</param>
/// <param name="privileges">List of allowed privileges.</param>
public HasPrivilegeClaim(AuthorizationActions action, Csla.Core.IMemberInfo element, List <string> privileges)
: base(action, element)
{
_privileges = privileges;
}
/// <summary>
/// Creates an instance of the rule.
/// </summary>
/// <param name="action">Action this rule will enforce.</param>
/// <param name="element">Member to be authorized.</param>
/// <param name="roles">List of allowed roles.</param>
public IsInRole(AuthorizationActions action, Csla.Core.IMemberInfo element, params string[] roles)
: base(action, element)
{
_roles = new List <string>(roles);
}
/// <summary>
/// Creates an instance of the rule.
/// </summary>
/// <param name="action">Action this rule will enforce.</param>
/// <param name="element">Member to be authorized.</param>
/// <param name="roles">List of allowed roles.</param>
public IsInRole(AuthorizationActions action, Csla.Core.IMemberInfo element, List <string> roles)
: base(action, element)
{
_roles = roles;
}
public IsInUser(Csla.Rules.AuthorizationActions action, Csla.Core.IMemberInfo element)
: base(action, element)
{
}
public IsInProjectAndRole(Csla.Rules.AuthorizationActions action, Csla.Core.IMemberInfo element)
: base(action, element)
{
}
/// <summary>
/// Creates an instance of the rule.
/// </summary>
/// <param name="action">Action this rule will enforce.</param>
/// <param name="element">Method or property.</param>
public AuthorizationRule(AuthorizationActions action, Csla.Core.IMemberInfo element)
: this(action)
{
_element = element;
}
public AuthorizationRuleNoCacheResult(AuthorizationActions action, Csla.Core.IMemberInfo element) : base(action, element)
{
CacheResult = false;
}
/// <summary>
/// Creates an instance of the rule.
/// </summary>
/// <param name="action">Action this rule will enforce.</param>
/// <param name="element">Method or property.</param>
public AuthorizationRule(AuthorizationActions action, Csla.Core.IMemberInfo element)
: this(action)
{
_element = element;
}
