private bool IsVisible(
DomainConfiguration configuration,
InvocationContext context,
string namespaceName,
string securableName)
{
List <string> assertedRoles = null;
if (context != null)
{
assertedRoles = context.GetProperty <List <string> >(AssertedRoles);
}
var permissions = configuration.GetProperty <IEnumerable <DomainPermission> >(Permissions);
if (permissions == null)
{
return(false);
}
permissions = permissions.Where(p => (
p.PermissionType == DomainPermissionType.All ||
p.PermissionType == DomainPermissionType.Inspect) && (
(p.NamespaceName == null && p.SecurableName == null) ||
(p.NamespaceName == namespaceName && p.SecurableName == securableName)) &&
p.ChildName == null && (p.Role == null || this.IsInRole(p.Role) ||
(assertedRoles != null && assertedRoles.Contains(p.Role))));
if (!permissions.Any() || permissions.Any(p => p.IsDeny))
{
return(false);
}
return(true);
}
/// <summary>
/// Asserts that a role should be present for the current principal.
/// </summary>
/// <param name="context">
/// An invocation context.
/// </param>
/// <param name="role">
/// The name of a role.
/// </param>
public static void AssertRole(
this InvocationContext context, string role)
{
Ensure.NotNull(context, "context");
Ensure.NotNull(role, "role");
var assertedRoles = context.GetProperty <List <string> >(AssertedRoles);
if (assertedRoles == null)
{
assertedRoles = new List <string>();
context.SetProperty(AssertedRoles, assertedRoles);
}
assertedRoles.Add(role);
}
/// <summary>
/// Revokes a previous assertion for a role.
/// </summary>
/// <param name="context">
/// An invocation context.
/// </param>
/// <param name="role">
/// The name of a role.
/// </param>
public static void RevokeRole(
this InvocationContext context, string role)
{
Ensure.NotNull(context, "context");
Ensure.NotNull(role, "role");
var assertedRoles = context.GetProperty <List <string> >(AssertedRoles);
if (assertedRoles != null)
{
int index = assertedRoles.LastIndexOf(role);
if (index >= 0)
{
assertedRoles.RemoveAt(index);
}
}
}