protected override bool OnValidateRequest(string userId, HttpContext context) { if (!this.CanUseQueues(userId)) { context.Response.EndWithDataServiceError(401, "Unauthorized", "You have no permission to use queues."); } var queueName = StorageRequestAnalyzer.GetRequestedQueue(context.Request); if (!this.CanUseQueue(userId, queueName, context.Request)) { context.Response.EndWithDataServiceError(401, "Unauthorized", "You have no permission to use this queue."); } return(true); }
private bool CanUseTable(string userId, string tableName, HttpRequest request) { var publicTablePrivilege = string.Format(CultureInfo.InvariantCulture, "{0}{1}", tableName, PrivilegeConstants.PublicTablePrivilegeSuffix); if (!this.userPrivilegesRepository.PublicPrivilegeExists(publicTablePrivilege)) { var accessTablePrivilege = string.Format(CultureInfo.InvariantCulture, "{0}{1}", tableName, PrivilegeConstants.TablePrivilegeSuffix); if (!this.userPrivilegesRepository.HasUserPrivilege(userId, accessTablePrivilege)) { // Check if the user is listing the available tables or creating a new table. return(StorageRequestAnalyzer.IsListingTables(request) || StorageRequestAnalyzer.IsCreatingTable(request, tableName)); } } return(true); }
private bool CanUseQueue(string userId, string queueName, HttpRequest request) { if (string.IsNullOrWhiteSpace(queueName)) { return(true); } var publicQueuePrivilege = string.Format(CultureInfo.InvariantCulture, "{0}{1}", queueName, PrivilegeConstants.PublicQueuePrivilegeSuffix); if (!this.userPrivilegesRepository.PublicPrivilegeExists(publicQueuePrivilege)) { var accessQueuePrivilege = string.Format(CultureInfo.InvariantCulture, "{0}{1}", queueName, PrivilegeConstants.QueuePrivilegeSuffix); if (!this.userPrivilegesRepository.HasUserPrivilege(userId, accessQueuePrivilege)) { // Check if the user is creating a new queue. return(StorageRequestAnalyzer.IsCreatingQueue(request)); } } return(true); }