Пример #1
0
        /// <summary>
        /// Enforces that current user can invoke <paramref name="handler"/> with specific
        /// <paramref name="request"/> object.
        /// </summary>
        /// <typeparam name="TRequest">Type of request in <see cref="IRequestHandler{TRequest,TResponse}"/>.</typeparam>
        /// <typeparam name="TResponse">Type of response in <see cref="IRequestHandler{TRequest,TResponse}"/>.</typeparam>
        /// <param name="handler">Instance of <see cref="IRequestHandler{TRequest,TResponse}"/> or
        /// <see cref="IAsyncRequestHandler{TRequest,TResponse}"/>.</param>
        /// <param name="request">Instance of <typeparamref name="TRequest"/>.</param>
        /// <param name="dependencyInjectionContainer"></param>
        /// <param name="userContext">User to check permissions for.</param>
        /// <param name="permissionManager">Instance of <see cref="SystemPermissionManager"/>.</param>
        public void EnforceSecurity <TRequest, TResponse>(
            object handler,
            TRequest request,
            DependencyInjectionContainer dependencyInjectionContainer,
            UserContext userContext,
            SystemPermissionManager permissionManager) where TRequest : IRequest <TResponse>
        {
            if (this.ContextCommand != null)
            {
                // Call GetPermission from IContextCommand.GetPermission.
                var permission = this.GetPermission.Invoke(handler, null);

                // Get context.
                var repository = (IEntityRepository)dependencyInjectionContainer.GetInstance(this.EntitySecurityConfiguration.Repository);
                var context    = repository.Find(((ISecureHandlerRequest)request).ContextId);

                // Enforce permission.
                var pm = dependencyInjectionContainer.GetInstance(this.EntitySecurityConfiguration.PermissionManager);
                this.EnforceContextPermission.Invoke(pm, new[]
                {
                    permission,
                    userContext,
                    context
                });
            }

            // If command implements ISecureHandler.
            if (this.SystemCommand != null)
            {
                var permission = this.GetPermission.Invoke(handler, null);
                permissionManager.EnforceCanDo((SystemAction)permission, userContext);
            }
        }