5.4.2/html/_authorize_request_8cs_source.html

//-----------------------------------------------------------------------

// <copyright file="AuthorizeRequest.cs" company="Marimer LLC">

//     Copyright (c) Marimer LLC. All rights reserved.

//     Website: https://cslanet.com

// </copyright>

// <summary>Object containing information about the</summary>

//-----------------------------------------------------------------------

using System;

using Csla.Properties;

using Csla.Rules;

using Csla.Security;


namespace Csla.Server

{

  public class AuthorizeRequest

  {

    public Type ObjectType { get; private set; }

    public object RequestObject { get; private set; }

    public DataPortalOperations Operation { get; private set; }


    internal AuthorizeRequest(Type objectType, object requestObject, DataPortalOperations operation)

    {

      this.ObjectType = objectType;

      this.RequestObject = requestObject;

      this.Operation = operation;

    }


    public void CheckPermissions()

    {

      if (Operation == DataPortalOperations.Update ||

          Operation == DataPortalOperations.Execute)

      {

         // Per-Instance checks

         if (!BusinessRules.HasPermission(Operation.ToAuthAction(), RequestObject))

         {

            throw new SecurityException(

               string.Format(Resources.UserNotAuthorizedException,

                   Operation.ToSecurityActionDescription(),

                   ObjectType.Name)

               );

         }

      }


      // Per-Type checks

      if (!BusinessRules.HasPermission(Operation.ToAuthAction(), ObjectType))

      {

         throw new SecurityException(

            string.Format(Resources.UserNotAuthorizedException,

                Operation.ToSecurityActionDescription(),

                ObjectType.Name)

            );

      }

    }

  }

}

Csla.Properties.Resources
A strongly-typed resource class, for looking up localized strings, etc.
Definition: Resources.Designer.cs:25

Csla.Properties.Resources.UserNotAuthorizedException
static string UserNotAuthorizedException
Looks up a localized string similar to User not authorized to {0} object type {1}.
Definition: Resources.Designer.cs:1092

Csla.Rules.BusinessRules
Tracks the business rules for a business object.
Definition: BusinessRules.cs:29

Csla.Rules.BusinessRules.HasPermission
static bool HasPermission(AuthorizationActions action, Type objectType)
Checks per-type authorization rules.
Definition: BusinessRules.cs:311

Csla.Security.SecurityException
Security exception.
Definition: SecurityException.cs:17

Csla.Server.AuthorizeRequest
Object containing information about the client request to the data portal.
Definition: AuthorizeRequest.cs:20

Csla.Server.AuthorizeRequest.RequestObject
object RequestObject
Gets a reference to the criteria or business object passed from the client to the server.
Definition: AuthorizeRequest.cs:31

Csla.Server.AuthorizeRequest.ObjectType
Type ObjectType
Gets the type of business object affected by the client request.
Definition: AuthorizeRequest.cs:25

Csla.Server.AuthorizeRequest.Operation
DataPortalOperations Operation
Gets the data portal operation requested by the client.
Definition: AuthorizeRequest.cs:36

Csla.Server.AuthorizeRequest.CheckPermissions
void CheckPermissions()
Checks that the current identity has permission to carry out this operation, and if not throws a Secu...
Definition: AuthorizeRequest.cs:51

Csla.Properties
Definition: Resources.Designer.cs:11

Csla.Rules
Definition: AuthorizationActions.cs:14

Csla.Security
Definition: Csla.Validation.Shared/AuthorizationRules.cs:17

Csla.Server
Definition: BrokeredPortal.cs:9

Csla
Definition: Csla.AspNetCore.Shared/ApplicationContextManager.cs:16

Csla.DataPortalOperations
DataPortalOperations
List of data portal operations.
Definition: DataPortalOperations.cs:17