/// <summary>
/// Records the incoming request and rejects it unless the requested
/// object type implements <c>Csla.Core.ICommandObject</c>.
/// </summary>
/// <param name="clientRequest">Client request information.</param>
/// <exception cref="SecurityException">
/// Thrown with the message "Authorization Failed" when the requested type
/// is not assignable to <c>Csla.Core.ICommandObject</c>.
/// </exception>
public void Authorize(AuthorizeRequest clientRequest)
{
    // The request is stored before the check runs, so ClientRequest also
    // holds requests that end up being rejected.
    ClientRequest = clientRequest;

    // Type.IsAssignableFrom(null) returns false, so a request without an
    // ObjectType is denied rather than allowed (fails closed).
    bool isCommandObject =
        typeof(Csla.Core.ICommandObject).IsAssignableFrom(clientRequest.ObjectType);
    if (isCommandObject)
    {
        return;
    }

    throw new SecurityException("Authorization Failed");
}
/// <summary>
/// Checks authorization rules for the request.
/// </summary>
/// <remarks>
/// Rules are evaluated only when both the logical and the physical
/// execution location are the server. In any other location this method
/// returns without checking anything, so it must not be relied on as the
/// only gate outside that configuration.
/// Update and Execute requests are checked against the request object
/// first (per-instance); every operation is then checked against the
/// object type (per-type).
/// </remarks>
/// <param name="clientRequest">
/// Client request information.
/// </param>
/// <exception cref="SecurityException">
/// Thrown when either the per-instance or the per-type permission check fails.
/// </exception>
public void Authorize(AuthorizeRequest clientRequest)
{
    bool runningOnServer =
        ApplicationContext.LogicalExecutionLocation == ApplicationContext.LogicalExecutionLocations.Server
        && ApplicationContext.ExecutionLocation == ApplicationContext.ExecutionLocations.Server;
    if (!runningOnServer)
    {
        return;
    }

    // Per-instance checks apply only to operations that carry an object to act on.
    bool needsInstanceCheck =
        clientRequest.Operation == DataPortalOperations.Update
        || clientRequest.Operation == DataPortalOperations.Execute;
    if (needsInstanceCheck
        && !BusinessRules.HasPermission(ApplicationContext, clientRequest.Operation.ToAuthAction(), clientRequest.RequestObject))
    {
        throw NotAuthorized();
    }

    // Per-type checks run for every operation, including the ones checked above.
    if (!BusinessRules.HasPermission(ApplicationContext, clientRequest.Operation.ToAuthAction(), clientRequest.ObjectType))
    {
        throw NotAuthorized();
    }

    // Builds the exception lazily so the message is formatted only on denial.
    SecurityException NotAuthorized()
    {
        return new SecurityException(
            string.Format(Resources.UserNotAuthorizedException,
                clientRequest.Operation.ToSecurityActionDescription(),
                clientRequest.ObjectType.Name));
    }
}
/// <summary>
/// Establishes the current principal on the first data portal call of a
/// request when the authentication type is "Windows".
/// </summary>
/// <remarks>
/// This method never rejects a request; it only sets up the user. The
/// username is read from <c>ClientContext</c>, which is supplied by the client.
/// NOTE(review): no credential is verified in this method, so the identity
/// is only as trustworthy as whatever authenticates the caller before this
/// point — confirm that such a check exists.
/// </remarks>
/// <param name="clientRequest">The client request.</param>
public void Authorize(AuthorizeRequest clientRequest)
{
    // The first-run marker is needed because server-side code can call the
    // data portal itself, so this method may run many times for a single
    // client request.
    if (Csla.ApplicationContext.LocalContext["FirstRun"] != null)
    {
        return;
    }

    if (Csla.ApplicationContext.AuthenticationType != "Windows")
    {
        return;
    }

    // LocalContext keeps the marker per user, because the application
    // server is probably servicing many users at once on different threads.
    // The marker is set before the principal is loaded, so a failure below
    // is not retried by later calls in the same context.
    Csla.ApplicationContext.LocalContext["FirstRun"] = false;

    // Build the principal from the database using the username the client
    // placed in the ClientContext dictionary.
    var suppliedName = (string)Csla.ApplicationContext.ClientContext["Username"];
    if (!string.IsNullOrWhiteSpace(suppliedName))
    {
        // Presumably Load installs the resulting principal itself; nothing
        // is assigned here — verify against MQ1Principal.
        MQ1Principal.Load(suppliedName);
        return;
    }

    // No usable username: fall back to an unauthenticated principal.
    Csla.ApplicationContext.User = new UnauthenticatedPrincipal();
}
/// <summary>
/// Default authorizer: accepts every request without performing any check.
/// </summary>
/// <remarks>
/// A deployment that needs request-level authorization has to supply a
/// different authorizer; this one never throws.
/// </remarks>
/// <param name="clientRequest">
/// Client request information (not inspected).
/// </param>
public void Authorize(AuthorizeRequest clientRequest)
{
    // Intentionally empty: the default is to allow all requests.
}
/// <summary>
/// Passes the request to the shared authorizer held in <c>_authorizer</c>.
/// </summary>
/// <param name="clientRequest">Client request information.</param>
// Any exception raised by the authorizer propagates to the caller unchanged.
private static void AuthorizeRequest(AuthorizeRequest clientRequest)
    => _authorizer.Authorize(clientRequest);
/// <summary>
/// Internal entry point that forwards the request to <c>AuthorizeRequest</c>.
/// </summary>
/// <param name="clientRequest">Client request information.</param>
internal void Authorize(AuthorizeRequest clientRequest)
    => AuthorizeRequest(clientRequest);
/// <summary>
/// Passes the request to the authorizer exposed by <c>Authorizer</c>.
/// </summary>
/// <param name="clientRequest">Client request information.</param>
// Any exception raised by the authorizer propagates to the caller unchanged.
private void AuthorizeRequest(AuthorizeRequest clientRequest)
    => Authorizer.Authorize(clientRequest);
/// <summary>
/// Stores the request in <c>ClientRequest</c> and allows it.
/// </summary>
/// <remarks>
/// No permission is evaluated here; every request is accepted.
/// </remarks>
/// <param name="clientRequest">Client request information.</param>
public void Authorize(AuthorizeRequest clientRequest)
    => ClientRequest = clientRequest;