void DemandPermission(SessionRights rights)
{
// throw an access denied permission if the rights aren't granted
if (!Security.HasPermission(OperationContext.Current.ServiceSecurityContext.WindowsIdentity.Token, rights))
{
WebOperationContext.Current.OutgoingResponse.StatusCode = HttpStatusCode.Forbidden;
throw new UnauthorizedAccessException();
}
}
public static bool HasPermission(IntPtr clientToken, SessionRights desiredAccess)
{
// check the token
if (clientToken == IntPtr.Zero)
{
throw new ArgumentNullException("clientToken");
}
// check if the rights are granted or throw an error
var mapping = genericMapping;
var dummy = new Win32.PRIVILEGE_SET();
var dummyLen = Marshal.SizeOf(typeof(Win32.PRIVILEGE_SET));
var granted = 0U;
var result = false;
if (!Win32.AccessCheck(Program.SecurityDescriptor, clientToken, (uint)desiredAccess, ref mapping, ref dummy, ref dummyLen, out granted, out result))
{
throw new Win32Exception();
}
return(result);
}
UserData(string connectionString, SessionRights effectivePermissions)
{
ConnectionString = connectionString;
EffectivePermissions = effectivePermissions;
}
