private async Task <dynamic> GetUserPermissions(dynamic param) { var userPermissionRequest = this.Bind <UserInfoRequest>(); var isGrainEmpty = string.IsNullOrEmpty(userPermissionRequest.Grain); await SetDefaultRequest(userPermissionRequest); CheckReadAccess(); // cast is required due to dynamic inputs - otherwise the compiler thinks the return type is a dynamic var groups = await _userService.GetGroupsForUser(param.subjectId, param.identityProvider, true) as IEnumerable <Group>; var permissionResolutionResult = await _permissionResolverService.Resolve(new PermissionResolutionRequest { SubjectId = param.subjectId, IdentityProvider = param.identityProvider, Grain = userPermissionRequest.Grain, SecurableItem = userPermissionRequest.SecurableItem, IncludeSharedPermissions = isGrainEmpty, UserGroups = groups }); return(permissionResolutionResult.AllowedPermissions .Concat(permissionResolutionResult.DeniedPermissions) .Select(p => p.ToResolvedPermissionApiModel())); }
private async Task <dynamic> GetUserPermissions(dynamic param) { var userPermissionRequest = this.Bind <UserInfoRequest>(); var isGrainEmpty = string.IsNullOrEmpty(userPermissionRequest.Grain); await SetDefaultRequest(userPermissionRequest); CheckReadAccess(); var permissionResolutionResult = await _permissionResolverService.Resolve(new PermissionResolutionRequest { SubjectId = param.subjectId, IdentityProvider = param.identityProvider, Grain = userPermissionRequest.Grain, SecurableItem = userPermissionRequest.SecurableItem, IncludeSharedPermissions = isGrainEmpty, UserGroups = await _userService.GetGroupsForUser(param.subjectId, param.identityProvider) }); return(permissionResolutionResult.AllowedPermissions .Concat(permissionResolutionResult.DeniedPermissions) .Select(p => p.ToResolvedPermissionApiModel())); }
private async Task<IEnumerable<string>> GetPermissions<T>(FabricModule<T> module, string grain, string securableItemName) { var permissionResolutionResult = await _permissionResolverService.Resolve(new PermissionResolutionRequest { SubjectId = module.SubjectId, IdentityProvider = module.IdentityProvider, Grain = grain, SecurableItem = securableItemName, UserGroups = await GetGroupsForAuthenticatedUser(module.SubjectId, module.IdentityProvider, module.Context.CurrentUser) }); var permissions = permissionResolutionResult.AllowedPermissions .Except(permissionResolutionResult.DeniedPermissions) .Select(p => p.ToString()); return permissions; }