protected override void ConfigureSecurity(ExecutionContext context)
{
context.Assertions.Add(c => {
if (SystemRoles.IsSystemRole(RoleName))
return AssertResult.Deny(new SecurityException(String.Format("The role '{0}' is system protected.", RoleName)));
return AssertResult.Allow();
});
context.Assertions.Add(c => {
if (!c.User.CanDropRole(RoleName))
return AssertResult.Deny(new SecurityException(String.Format("User '{0}' has not enough rights to drop a role.", c.User.Name)));
return AssertResult.Allow();
});
}