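/// <summary>
/// Allows the call to continue only when the current principal holds a claim
/// whose type equals <c>ClaimConstants.CanCreateOrderClaim</c>.
/// </summary>
/// <param name="authorisable">
/// The request being authorised. This method does not read it; the decision
/// depends only on <see cref="ClaimsPrincipal.Current"/>.
/// </param>
/// <exception cref="SecurityException">
/// Thrown when the current principal has no claim of the required type, or
/// when no current principal is available.
/// </exception>
public void Authorise(IAuthorisable authorisable)
{
    var principal = ClaimsPrincipal.Current;

    // Only the claim TYPE is matched; claim value and issuer are not inspected,
    // so this check is only as strong as whatever populates the principal's claims.
    if (principal != null && principal.HasClaim(c => c.Type == ClaimConstants.CanCreateOrderClaim))
    {
        return;
    }

    // Fail closed with the documented exception type: a missing principal or
    // identity must end in SecurityException, not in a NullReferenceException
    // that callers handling authorisation failures would not recognise.
    var identity = principal != null ? principal.Identity : null;
    var user = identity != null ? identity.Name : null;

    throw new SecurityException(string.Format("User {0} does not have a claim to create new orders.", user));
}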
/// <summary>
/// Runs every registered authorisation strategy that reports itself applicable
/// to <paramref name="authorisable"/>, in the order the collection yields them.
/// </summary>
/// <param name="authorisable">The request passed to each strategy.</param>
/// <remarks>
/// No exception is caught here, so one thrown by a strategy propagates to the
/// caller and the remaining strategies are not run.
/// NOTE(review): when no strategy is applicable this method returns without
/// performing any check, so the request is allowed by default. Confirm that
/// every <c>IAuthorisable</c> is covered by at least one strategy, or consider
/// failing closed in that case.
/// </remarks>
public void Authorise(IAuthorisable authorisable)
{
    // The filter is evaluated lazily, so each strategy is asked IsApplicable
    // immediately before its own Authorise call.
    foreach (var strategy in this.authorisationStrategies.Where(s => s.IsApplicable(authorisable)))
    {
        strategy.Authorise(authorisable);
    }
}
/// <summary>
/// Reports whether this strategy applies to the given request.
/// </summary>
/// <param name="authorisable">The request to inspect; may be null.</param>
/// <returns>
/// <c>true</c> when <paramref name="authorisable"/> is an
/// <c>IAuthoriseReadCustomer</c>; <c>false</c> otherwise, including for null.
/// </returns>
public bool IsApplicable(IAuthorisable authorisable)
{
    // A type test is enough: the converted reference is never used.
    return authorisable is IAuthoriseReadCustomer;
}
/// <summary>
/// Reports whether this strategy applies to the given request.
/// </summary>
/// <param name="authorisable">The request to inspect; may be null.</param>
/// <returns>
/// <c>true</c> when <paramref name="authorisable"/> is an
/// <c>IAuthoriseCreateOrder</c>; <c>false</c> otherwise, including for null.
/// </returns>
public bool IsApplicable(IAuthorisable authorisable)
{
    // A type test is enough: the converted reference is never used.
    return authorisable is IAuthoriseCreateOrder;
}