CSLA.NET 5.4.2
CSLA .NET is a software development framework that helps you build a reusable, maintainable object-oriented business layer for your app.
AuthorizeRequest.cs
Go to the documentation of this file.
1//-----------------------------------------------------------------------
2// <copyright file="AuthorizeRequest.cs" company="Marimer LLC">
3// Copyright (c) Marimer LLC. All rights reserved.
4// Website: https://cslanet.com
5// </copyright>
6// <summary>Object containing information about the</summary>
7//-----------------------------------------------------------------------
8using System;
9using Csla.Properties;
10using Csla.Rules;
11using Csla.Security;
12
13namespace Csla.Server
14{
19 public class AuthorizeRequest
20 {
25 public Type ObjectType { get; private set; }
31 public object RequestObject { get; private set; }
36 public DataPortalOperations Operation { get; private set; }
37
38 internal AuthorizeRequest(Type objectType, object requestObject, DataPortalOperations operation)
39 {
40 this.ObjectType = objectType;
41 this.RequestObject = requestObject;
42 this.Operation = operation;
43 }
44
51 public void CheckPermissions()
52 {
53 if (Operation == DataPortalOperations.Update ||
55 {
56 // Per-Instance checks
58 {
59 throw new SecurityException(
61 Operation.ToSecurityActionDescription(),
62 ObjectType.Name)
63 );
64 }
65 }
66
67 // Per-Type checks
68 if (!BusinessRules.HasPermission(Operation.ToAuthAction(), ObjectType))
69 {
70 throw new SecurityException(
72 Operation.ToSecurityActionDescription(),
73 ObjectType.Name)
74 );
75 }
76 }
77 }
78}
A strongly-typed resource class, for looking up localized strings, etc.
static string UserNotAuthorizedException
Looks up a localized string similar to User not authorized to {0} object type {1}.
Tracks the business rules for a business object.
static bool HasPermission(AuthorizationActions action, Type objectType)
Checks per-type authorization rules.
Object containing information about the client request to the data portal.
object RequestObject
Gets a reference to the criteria or business object passed from the client to the server.
Type ObjectType
Gets the type of business object affected by the client request.
DataPortalOperations Operation
Gets the data portal operation requested by the client.
void CheckPermissions()
Checks that the current identity has permission to carry out this operation, and if not throws a Secu...
DataPortalOperations
List of data portal operations.