internal static bool GetGrantExpectation(TopicPermission topicPermission, TestIdentity identity, params AuthorizationRule[] rules)
{
List<AuthorizationRule> sortedRules = new List<AuthorizationRule>();
sortedRules.AddRange(rules);
sortedRules.Sort();
bool granted = false;
foreach (AuthorizationRule rule in sortedRules)
{
if (DoesRuleApply(rule, identity))
{
if (rule.Polarity == AuthorizationRulePolarity.Allow)
{
if ((int)topicPermission >= (int)rule.Action)
{
granted = true;
}
}
else if (rule.Polarity == AuthorizationRulePolarity.Deny)
{
if ((int)topicPermission <= (int)rule.Action)
{
granted = false;
}
}
else
{
throw new NotImplementedException();
}
}
}
return granted;
}
private static bool DoesRuleApply(AuthorizationRule rule, TestIdentity identity)
{
if (rule.Who.WhoType == AuthorizationRuleWhoType.GenericAll)
{
return true;
}
else if (rule.Who.WhoType == AuthorizationRuleWhoType.GenericAnonymous)
{
return !identity.IsAuthenticated;
}
else if (rule.Who.WhoType == AuthorizationRuleWhoType.GenericAuthenticated)
{
return identity.IsAuthenticated;
}
else if (rule.Who.WhoType == AuthorizationRuleWhoType.Role)
{
return identity.Roles.Contains(rule.Who.Who);
}
else if (rule.Who.WhoType == AuthorizationRuleWhoType.User)
{
return identity.Name == rule.Who.Who;
}
else
{
throw new NotImplementedException();
}
}
