protected override void ConfigureSecurity(ExecutionContext context)
{
context.Assertions.Add(c => {
if (!c.User.CanManageRoles())
return AssertResult.Deny(new SecurityException(String.Format("User '{0}' has not enough rights to create roles.", c.User.Name)));
return AssertResult.Allow();
});
}