/// <summary>
/// Determines whether the person is authorized to perform the action on the
/// entity type that this instance describes.
/// </summary>
/// <param name="action">The action.</param>
/// <param name="person">The person.</param>
/// <returns>
/// <c>true</c> when this entity type is not secured, or when an instance of it does
/// not implement <see cref="Rock.Security.ISecured"/>; <c>false</c> when an instance
/// cannot be created; otherwise the result of the instance's own authorization check.
/// </returns>
public virtual bool IsAuthorized(string action, Rock.Model.Person person)
{
    // Entity types that are not flagged as secured are open to everyone.
    if (!this.IsSecured)
    {
        return true;
    }

    // The check runs against a freshly constructed, empty instance, so it answers
    // the question for the type as a whole, not for any particular stored record.
    object instance;
    try
    {
        instance = System.Activator.CreateInstance(EntityTypeCache.Get(this).GetEntityType());
    }
    catch
    {
        // Fail closed: if the entity cannot be created there is nothing to ask, so deny.
        return false;
    }

    // NOTE(review): a secured entity type whose instance does not implement ISecured
    // is allowed here (fail open) - confirm that this is the intended policy.
    var secured = instance as Rock.Security.ISecured;
    return secured == null || secured.IsAuthorized(action, person);
}
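/// <summary>
/// Resolves the secured entity named by the "EntityType" and "EntityId" page parameters and,
/// when the current user is authorized to "Configure" it, binds the action list, configures
/// the role grid and registers the client-side startup script.
/// </summary>
/// <param name="e">The event data, passed on to the base implementation.</param>
protected override void OnInit(EventArgs e)
{
    // Read parameter values. Both come from the request, so treat them as untrusted.
    string entityName = Rock.Security.Authorization.DecodeEntityTypeName(PageParameter("EntityType"));

    // Convert.ToInt32 throws FormatException on non-numeric input; that behavior is kept.
    int entityId = Convert.ToInt32(PageParameter("EntityId"));

    // Get object type
    Type entityType = string.IsNullOrEmpty(entityName) ? null : Type.GetType(entityName);

    // The type name is request-controlled. Invoke "Read" only on types that implement
    // ISecured, so the parameter cannot steer the reflection call to an unrelated type.
    // An unresolvable or non-ISecured type leaves iSecured null and nothing is rendered.
    if (entityType != null && typeof(Rock.Security.ISecured).IsAssignableFrom(entityType))
    {
        // Instantiate object
        iSecured = entityType.InvokeMember("Read", System.Reflection.BindingFlags.InvokeMethod, null, entityType, new object[] { entityId }) as Rock.Security.ISecured;
    }
    else
    {
        iSecured = null;
    }

    // Fail closed when the entity could not be loaded, instead of dereferencing null.
    // NOTE(review): other members of this control are not visible here; confirm that
    // they tolerate a null iSecured.
    if (iSecured != null && iSecured.Authorized("Configure", CurrentUser))
    {
        rptActions.DataSource = iSecured.SupportedActions;
        rptActions.DataBind();

        ShowActionNote();

        rGrid.DataKeyNames = new string[] { "id" };
        rGrid.GridReorder += new GridReorderEventHandler(rGrid_GridReorder);
        rGrid.GridRebind += new GridRebindEventHandler(rGrid_GridRebind);
        rGrid.ShowHeaderWhenEmpty = false;
        rGrid.EmptyDataText = string.Empty;
        rGrid.ShowActionRow = false;

        BindRoles();

        // The entity's display text ends up inside a single-quoted JavaScript string that is
        // then handed to jQuery .html(). HTML-encode it so it renders as text, then
        // JavaScript-encode it so quotes or backslashes cannot terminate the string literal.
        string entityTitle = System.Web.HttpUtility.JavaScriptStringEncode(
            System.Web.HttpUtility.HtmlEncode(iSecured.ToString()));

        string script = string.Format(@"
    Sys.Application.add_load(function () {{
        $('#{0} td.grid-icon-cell.delete a').click(function(){{
            return confirm('Are you sure you want to delete this role/user?');
        }});
        $('#modal-popup div.modal-header h3 small', window.parent.document).html('{1}');
    }});
", rGrid.ClientID, entityTitle);

        this.Page.ClientScript.RegisterStartupScript(this.GetType(), string.Format("grid-confirm-delete-{0}", rGrid.ClientID), script, true);
    }

    base.OnInit(e);
}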
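/// <summary>
/// Resolves the secured entity named by the "EntityType" and "EntityId" page parameters and,
/// when the current user is authorized to "Configure" it, binds the action list, configures
/// the role grid and registers the client-side startup script.
/// </summary>
/// <param name="e">The event data, passed on to the base implementation.</param>
protected override void OnInit( EventArgs e )
{
    // Read parameter values. Both come from the request, so treat them as untrusted.
    string entityName = Rock.Security.Authorization.DecodeEntityTypeName( PageParameter( "EntityType" ) );

    // Convert.ToInt32 throws FormatException on non-numeric input; that behavior is kept.
    int entityId = Convert.ToInt32( PageParameter( "EntityId" ) );

    // Get object type
    Type entityType = string.IsNullOrEmpty( entityName ) ? null : Type.GetType( entityName );

    // The type name is request-controlled. Invoke "Read" only on types that implement
    // ISecured, so the parameter cannot steer the reflection call to an unrelated type.
    // An unresolvable or non-ISecured type leaves iSecured null and nothing is rendered.
    if ( entityType != null && typeof( Rock.Security.ISecured ).IsAssignableFrom( entityType ) )
    {
        // Instantiate object
        iSecured = entityType.InvokeMember( "Read", System.Reflection.BindingFlags.InvokeMethod, null, entityType, new object[] { entityId } ) as Rock.Security.ISecured;
    }
    else
    {
        iSecured = null;
    }

    // Fail closed when the entity could not be loaded, instead of dereferencing null.
    // NOTE(review): other members of this control are not visible here; confirm that
    // they tolerate a null iSecured.
    if ( iSecured != null && iSecured.Authorized( "Configure", CurrentUser ) )
    {
        rptActions.DataSource = iSecured.SupportedActions;
        rptActions.DataBind();

        ShowActionNote();

        rGrid.DataKeyNames = new string[] { "id" };
        rGrid.GridReorder += new GridReorderEventHandler( rGrid_GridReorder );
        rGrid.GridRebind += new GridRebindEventHandler( rGrid_GridRebind );
        rGrid.ShowHeaderWhenEmpty = false;
        rGrid.EmptyDataText = string.Empty;
        rGrid.ShowActionRow = false;

        BindRoles();

        // The entity's display text ends up inside a single-quoted JavaScript string that is
        // then handed to jQuery .html(). HTML-encode it so it renders as text, then
        // JavaScript-encode it so quotes or backslashes cannot terminate the string literal.
        string entityTitle = System.Web.HttpUtility.JavaScriptStringEncode(
            System.Web.HttpUtility.HtmlEncode( iSecured.ToString() ) );

        string script = string.Format( @"
    Sys.Application.add_load(function () {{
        $('#{0} td.grid-icon-cell.delete a').click(function(){{
            return confirm('Are you sure you want to delete this role/user?');
        }});
        $('#modal-popup div.modal-header h3 small', window.parent.document).html('{1}');
    }});
", rGrid.ClientID, entityTitle );

        this.Page.ClientScript.RegisterStartupScript( this.GetType(), string.Format( "grid-confirm-delete-{0}", rGrid.ClientID ), script, true );
    }

    base.OnInit( e );
}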