protected void SetContext(Ratna.Profile.User user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
Jardalu.Ratna.Core.Context.SetCurrentContext(user);
}
private bool HasUserAccess(Ratna.Profile.User user, AccessAttribute accessAttribute)
{
bool access = false;
if (accessAttribute != null)
{
Group g = null;
if (GroupStore.Instance.TryGetGroup(accessAttribute.Group, out g))
{
if (user.IsMemberOfGroup(g))
{
access = true;
}
}
}
else
{
access = true;
}
return access;
}
/// <summary>
/// checks for access attribute defined on the class
/// and method.
///
/// to get an access to the method, user must have access
/// to both the conditions defined at class level and method level.
/// </summary>
/// <param name="user">user for which access is checked</param>
/// <returns>false if the user does not have access</returns>
protected bool IsAccessAllowed(Ratna.Profile.User user)
{
if (user == null)
{
return false;
}
bool access = false;
AccessAttribute accessAttribute = null;
object[] attributes = this.GetType().GetCustomAttributes(false);
accessAttribute = FindAccessAttribute(attributes);
access = HasUserAccess(user, accessAttribute);
// if the user has access to the class level, make sure
// user also has access at the method level.
if (access)
{
attributes = MethodBase.GetCurrentMethod().GetCustomAttributes(false);
accessAttribute = FindAccessAttribute(attributes);
access = HasUserAccess(user, accessAttribute);
}
return access;
}