/// <summary>
/// Called when a record has been retrieved. Removes from the record's subject every alternate
/// identifier whose OID registration carries a non-empty "demand" attribute that is not matched
/// by one of the current principal's "scope" claims.
/// </summary>
/// <param name="hsr">The retrieved record. It is cast to <c>HealthServiceRecordContainer</c> to locate the SubjectOf <c>Person</c>.</param>
/// <returns>
/// One <c>DetectedIssue</c> of type InsufficientAuthorization per identifier removed.
/// The list is empty when nothing was removed or when no filtering took place.
/// </returns>
/// <remarks>
/// The subject's AlternateIdentifiers list is modified in place.
/// NOTE(review): filtering runs only when an <c>ISessionManagerService</c> is registered, and the
/// service itself is never used. Without it, demand-protected identifiers are returned
/// unredacted (fail-open). Confirm that this is intended for deployments without a session manager.
/// </remarks>
public List<DetectedIssue> RetrievedRecord(SVC.Core.ComponentModel.HealthServiceRecordComponent hsr)
{
    var configService = ApplicationContext.Current.GetService<ISystemConfigurationService>();
    var sessionService = ApplicationContext.Current.GetService<ISessionManagerService>();

    // NOTE(review): the result of the "as" cast is dereferenced without a null check, so a null
    // or non-container record throws NullReferenceException here. Decide with the callers in view
    // whether that should stay an error, because silently skipping the filter would release the
    // record unredacted.
    var container = hsr as HealthServiceRecordContainer;
    var subject = container.FindComponent(HealthServiceRecordSiteRoleType.SubjectOf) as Person;

    var issues = new List<DetectedIssue>();

    if (sessionService == null || subject == null)
    {
        return issues;
    }

    // Walk backwards so that RemoveAt(index) never shifts an entry that is still to be visited.
    for (int index = subject.AlternateIdentifiers.Count - 1; index >= 0; index--)
    {
        var identifier = subject.AlternateIdentifiers[index];

        // NOTE(review): configService is not null-checked. A missing configuration service
        // surfaces as NullReferenceException on the first identifier.
        var oidEntry = configService.OidRegistrar.FindData(identifier.Domain);
        if (oidEntry == null)
        {
            // Identifiers from a domain the registrar does not know are left in place.
            continue;
        }

        var demandAttribute = oidEntry.Attributes.FirstOrDefault(attr => attr.Key == "demand");
        if (String.IsNullOrEmpty(demandAttribute.Value))
        {
            // No demand configured for this domain: the identifier is not protected.
            continue;
        }

        // The caller needs a "scope" claim whose value equals the demand exactly. A missing
        // principal, or one that is not a ClaimsPrincipal, leaves scopeClaims null and is
        // treated as unauthorized.
        // NOTE(review): the comparison is an exact, case-sensitive match on the whole claim value.
        // If the token issuer packs several scopes into one space-delimited claim, that claim
        // will never match. Confirm the claim shape against the issuer.
        var scopeClaims = (AuthenticationContext.Current?.Principal as ClaimsPrincipal)?.FindAll("scope");
        bool hasDemandedScope = scopeClaims != null
            && scopeClaims.Any(claim => claim.Type == "scope" && claim.Value == demandAttribute.Value);
        if (hasDemandedScope)
        {
            continue;
        }

        subject.AlternateIdentifiers.RemoveAt(index);

        // The issue does not record which identifier or domain was withheld.
        issues.Add(new DetectedIssue()
        {
            MitigatedBy = ManagementType.OtherActionTaken,
            Severity = IssueSeverityType.Moderate,
            Type = IssueType.InsufficientAuthorization,
            Priority = IssuePriorityType.Informational
        });
    }

    return issues;
}
/// <summary>
/// Called when a record is about to be persisted. This implementation performs no checks on the
/// record and never reports an issue.
/// </summary>
/// <param name="hsr">The record about to be persisted; it is not inspected.</param>
/// <returns>Always a new, empty list of <c>DetectedIssue</c>.</returns>
public List<DetectedIssue> RecordPersisting(SVC.Core.ComponentModel.HealthServiceRecordComponent hsr)
{
    var noIssues = new List<DetectedIssue>();
    return noIssues;
}