ActiveDirectoryAuthorization.Services.ActiveDirectoryAuthorizationService.TryCheckAccess C# (CSharp) Méthode

ActiveDirectoryAuthorizationService Class Documentation Afficher le fichier Open project: moov2/Orchard.ActiveDirectoryAuthorization

TryCheckAccess() public méthode

public TryCheckAccess ( Orchard.Security.Permissions.Permission permission, IUser user, IContent content ) : bool
permission Orchard.Security.Permissions.Permission
user IUser
content IContent
Résultat bool 
        public bool TryCheckAccess(Permission permission, IUser user, IContent content)
        {
            var context = new CheckAccessContext { Permission = permission, User = user, Content = content };
            _authorizationServiceEventHandler.Checking(context);

            for (var adjustmentLimiter = 0; adjustmentLimiter != 3; ++adjustmentLimiter)
            {
                if (!context.Granted && context.User != null)
                {
                    if (!String.IsNullOrEmpty(_workContextAccessor.GetContext().CurrentSite.SuperUser) &&
                           String.Equals(context.User.UserName, _workContextAccessor.GetContext().CurrentSite.SuperUser, StringComparison.Ordinal))
                    {
                        context.Granted = true;
                    }
                }

                if (!context.Granted)
                {

                    // determine which set of permissions would satisfy the access check
                    var grantingNames = PermissionNames(context.Permission, Enumerable.Empty<string>()).Distinct().ToArray();

                    // determine what set of roles should be examined by the access check
                    IEnumerable<string> rolesToExamine;
                    if (context.User == null)
                    {
                        rolesToExamine = AnonymousRole;
                    }
                    else if (context.User.Has<IUserRoles>())
                    {
                        // the current user is not null, so get his roles and add "Authenticated" to it
                        rolesToExamine = context.User.As<IUserRoles>().Roles.Union(new ActiveDirectoryUser().Roles).ToList();

                        // when it is a simulated anonymous user in the admin
                        if (!rolesToExamine.Contains(AnonymousRole[0]))
                        {
                            rolesToExamine = rolesToExamine.Concat(AuthenticatedRole);
                        }
                    }
                    else
                    {
                        // the user is not null and has no specific role, then it's just "Authenticated"
                        rolesToExamine = AuthenticatedRole;
                    }

                    foreach (var role in rolesToExamine)
                    {
                        foreach (var permissionName in _roleService.GetPermissionsForRoleByName(role))
                        {
                            string possessedName = permissionName;
                            if (grantingNames.Any(grantingName => String.Equals(possessedName, grantingName, StringComparison.OrdinalIgnoreCase)))
                            {
                                context.Granted = true;
                            }

                            if (context.Granted)
                                break;
                        }

                        if (context.Granted)
                            break;
                    }
                }

                context.Adjusted = false;
                _authorizationServiceEventHandler.Adjust(context);
                if (!context.Adjusted)
                    break;
            }

            _authorizationServiceEventHandler.Complete(context);

            return context.Granted;
        }
ActiveDirectoryAuthorizationService
ActiveDirectoryAuthorizationService
CheckAccess
PermissionNames
TryCheckAccess