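/// <summary>
/// Authorize permission
/// </summary>
/// <remarks>
/// Fails closed: a null permission, a null user, or a permission without a system name
/// is never authorized. Only roles flagged <c>Active</c> are considered. System names are
/// compared ordinally (ignoring case) because they are identifiers, not linguistic text;
/// a culture-sensitive comparison can treat distinct strings as equal (for example by
/// skipping ignorable code points), which is not acceptable in an access-control decision.
/// </remarks>
/// <param name="permission">Permission record</param>
/// <param name="user">User</param>
/// <returns>true - authorized; otherwise, false</returns>
public virtual bool Authorize(PermissionRecord permission, User user)
{
    if (permission == null)
        return false;

    if (user == null)
        return false;

    // Without a system name there is nothing to match against; deny up front so a
    // null-to-null comparison below can never grant access.
    var requiredName = permission.SystemName;
    if (requiredName == null)
        return false;

    var activeRoles = user.UserRoles.Where(ur => ur.Active);
    foreach (var role in activeRoles)
    {
        foreach (var grantedPermission in role.PermissionRecords)
        {
            // Static string.Equals tolerates a granted permission whose SystemName is null
            // (treated as "no match") instead of throwing mid-check.
            if (string.Equals(grantedPermission.SystemName, requiredName, StringComparison.OrdinalIgnoreCase))
                return true;
        }
    }

    return false;
}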
/// <summary>
/// Delete a permission
/// </summary>
/// <remarks>
/// The record is handed straight to the permission record repository. This method only
/// validates that the argument is non-null; it performs no authorization check of its own,
/// so callers are responsible for verifying that the current user may delete permissions.
/// </remarks>
/// <param name="permission">Permission</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="permission"/> is null.</exception>
public virtual void DeletePermissionRecord(PermissionRecord permission)
{
    // Reject a missing record before touching the repository.
    if (permission == null)
    {
        throw new ArgumentNullException("permission");
    }

    _permissionRecordRepository.Delete(permission);
}
/// <summary>
/// Authorize permission
/// </summary>
/// <remarks>
/// Convenience overload: the permission is checked against the user reported by the
/// work context (<c>_workContext.CurrentUser</c>) and the decision is delegated to the
/// two-argument overload.
/// </remarks>
/// <param name="permission">Permission record</param>
/// <returns>true - authorized; otherwise, false</returns>
public virtual bool Authorize(PermissionRecord permission)
{
    // Resolve the acting user once, then reuse the explicit-user check.
    var currentUser = _workContext.CurrentUser;
    return Authorize(permission, currentUser);
}