| public static GetCurrentUserRoles ( ) : string[] | ||
| return | string[] | |
public static string[] GetCurrentUserRoles()
{
if (!IsAuthenticated)
{
// This needs to be recreated each time, because it's possible
// that the array can fall into the wrong hands and then someone
// could alter it.
return new[] { BlogConfig.AnonymousRole };
}
else
{
return Roles.GetRolesForUser();
}
}
/// <summary>
/// Returns whether the current user passes authorization on the rights based on the given AuthorizationCheck.
/// </summary>
/// <param name="authCheck"></param>
/// <param name="rights"></param>
/// <returns></returns>
public static bool IsAuthorizedTo(AuthorizationCheck authCheck, IEnumerable <Rights> rights)
{
if (rights.Count() == 0)
{
// Always return false for this. If there's a mistake where authorization
// is being checked for on an empty collection, we don't want to return
// true.
return(false);
}
else
{
var roles = Security.GetCurrentUserRoles();
if (authCheck == AuthorizationCheck.HasAny)
{
foreach (var right in rights)
{
if (Right.HasRight(right, roles))
{
return(true);
}
}
return(false);
}
else if (authCheck == AuthorizationCheck.HasAll)
{
bool authCheckPassed = true;
foreach (var right in rights)
{
if (!Right.HasRight(right, roles))
{
authCheckPassed = false;
break;
}
}
return(authCheckPassed);
}
else
{
throw new NotSupportedException();
}
}
}