/// <summary> /// Check wither the user has access to the specified entity. /// </summary> /// <param name="entities"> /// The entities to check for. This cannot be null. /// </param> /// <param name="permissions"> /// The permissions to check for. This cannot be null. /// </param> /// <exception cref="ArgumentException"> /// <paramref name="permissions"/> cannot contain null. /// </exception> /// <returns> /// True if the current user has all the specified permissions to the specified /// entity, false otherwise. /// </returns> /// <exception cref="ArgumentNullException"> /// No argument can be null. /// </exception> /// <exception cref="InvalidOperationException"> /// <see cref="RequestContext"/> must be set. /// </exception> public IDictionary <long, bool> Check(IList <EntityRef> entities, IList <EntityRef> permissions) { if (entities == null) { throw new ArgumentNullException("entities"); } if (entities.Contains(null)) { throw new ArgumentException("Cannot check access for null entities", "entities"); } if (permissions == null) { throw new ArgumentNullException("permissions"); } if (permissions.Contains(null)) { throw new ArgumentException(@"Cannot contain null", "permissions"); } if (!RequestContext.IsSet) { throw new InvalidOperationException("RequestContext not set"); } if (entities.Count == 0) { return(new Dictionary <long, bool>()); } if (SkipCheck( )) { return(entities.ToDictionarySafe(x => x.Id, x => true)); } // Only process the most specific permission IList <EntityRef> permissionsOptimised = permissions; if (permissions.Count > 1) { long mostSpecificPermission = Permissions.MostSpecificPermission(permissions.Select(perm => perm.Id)); permissionsOptimised = new List <EntityRef> { new EntityRef(mostSpecificPermission) }; } IDictionary <long, bool> result; using (MessageContext messageContext = new MessageContext(MessageName, GetBehavior(entities.Select(e => e.Id)))) { if (!AccessControl.EntityAccessControlChecker.SkipCheck(new EntityRef(RequestContext.GetContext().Identity.Id))) { WriteHeaderMessage(entities, permissionsOptimised, messageContext); result = EntityAccessControlChecker.CheckAccess(entities, permissionsOptimised, RequestContext.GetContext().Identity.Id); WriteFooterMessage(result, messageContext); if (ShouldWriteSecurityTraceMessage(result)) { WriteSecurityTraceMessage(messageContext); } } else { result = entities.ToDictionary(e => e.Id, e => true); } } return(result); }