IEntityIdAuthorizer
Members
Namespace: ASPSecurityKit.Authorization
Assembly: ASPSecurityKit.dll
Summary
Provides an interface to perform data authorization on operation parameters, request DTOs etc. in conjunction with IReferencesProvider<TIdMemberReference>.
Remarks
At a high level, data authorization is performed as follows:
-
Traverse through the given object/parameters (including their nested properties in case of complex type) and capture the special parameters/properties (having a non-nul value or at least one element in case of collections) that are deemed as identifiers (entityIds).
-
Obtain related references using IReferencesProvider<TIdMemberReference> for each such captured entityId if a loader is available for it; otherwise, just use that entityId value. Related references are usually ancestors, or higher level entityIds in terms of entity relationship hierarchy, which can be used to authorize operations on child or lower level entityIds.
-
Authorize each such entityId using its related references collection via IsAuthorized. Only one permitted reference is enough to authorize an entityId for the current operation.
-
If any of the entityIds couldn’t be authorized, Failed will be returned with Unauthorized, DoNotOwnEntityIds and AuthError collection having unauthorized entityId(s) information.
-
Finally, perform The entity suspension check using IsSuspended and report the failure if any. For detailed information, visit https://ASPSecurityKit.net/docs/how-to-perform-activity-based-data-aware-authorization/
Methods
Authorize(permissionCode,method,arguments,entityName,doNotPerformGeneralPermitCheck,doNotPerformPossessesPermissionCheck,possessesPermissionCheckIfNoIdParamProvided)
Summary
Performs data authorization on the operation’s parameters. See IEntityIdAuthorizer remarks to learn about the flow.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| method | System.Reflection.MethodInfo | The method. |
| arguments | System.Collections.Generic.IDictionary{System.String,System.Object} | The operation’s arguments. |
| entityName | System.String | The entity name that can be used to prefix entityId parameter names that are incomplete for instance ‘Id’, to locate the right related references provider for them. |
| doNotPerformGeneralPermitCheck | System.Boolean | Indicates whether or not general permit based authorization is performed. If set to false (the default) and the current identity has a general permit with the given permissionCode, no data authorization will be performed as the current identity is deemed authorized on all records for the associated permission already. |
| doNotPerformPossessesPermissionCheck | System.Boolean | Indicates whether or not possesses permission check is performed. If set to false (the default) and the current identity does not have any permit with the given permissionCode, no data authorization will be performed as the current identity is deemed unauthorized on all records for the associated permission. |
| possessesPermissionCheckIfNoIdParamProvided | System.Boolean | Optional. Indicates whether to perform just the PossessesPermission check in case arguments has no valid identifier and consider as authorized if the check passes. The default is false. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When method or arguments is null, or permissionCode is null/empty/whitespace. |
Authorize(permissionCode,dto,entityName,doNotPerformGeneralPermitCheck,doNotPerformPossessesPermissionCheck,possessesPermissionCheckIfNoIdParamProvided)
Summary
Performs data authorization on the given request DTO. See IEntityIdAuthorizer remarks to learn about the flow.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| dto | System.Object | The request DTO object. |
| entityName | System.String | The entity name that can be used to prefix entityId property names that are incomplete for instance ‘Id’, to locate the right related references provider for them. |
| doNotPerformGeneralPermitCheck | System.Boolean | Indicates whether or not general permit based authorization is performed. If set to false (the default) and the current identity has a general permit with the given permissionCode, no data authorization will be performed as the current identity is deemed authorized on all records for the associated permission already. |
| doNotPerformPossessesPermissionCheck | System.Boolean | Indicates whether or not possesses permission check is performed. If set to false (the default) and the current identity does not have any permit with the given permissionCode, no data authorization will be performed as the current identity is deemed unauthorized on all records for the associated permission. |
| possessesPermissionCheckIfNoIdParamProvided | System.Boolean | Optional. Indicates whether to perform just the PossessesPermission check in case dto has no valid identifier and consider as authorized if the check passes. The default is false. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When dto is null or permissionCode is null/empty/whitespace. |
IsAuthorized(permissionCode,idContainers)
Summary
Performs data authorization on the entityIds mentioned as properties in the given container objects. See IsAuthorized overload for more details.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| idContainers | System.Object[] | One or more container objects (usually anonymous types) each of which just contains entityId properties to authorize. Only properties having a non-nul value (or at least one element in case of collections) will be considered. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When permissionCode is null/empty/whitespace. |
| System.ArgumentException | When idContainers is null/empty. |
Remarks
This method invokes its other overload IsAuthorized passing both the bool arguments as false.
IsAuthorized(permissionCode,doNotPerformGeneralPermitCheck,doNotPerformPossessesPermissionCheck,idContainers,possessesPermissionCheckIfNoIdParamProvided)
Summary
Performs data authorization on the entityIds mentioned as properties in the given container objects. Though all properties are assumed to be entityId properties, yet only properties having a non-nul value (or at least one element in case of collections) will be considered. If you’re looking to select specific properties as entityIds, use Authorize method instead.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| doNotPerformGeneralPermitCheck | System.Boolean | Indicates whether or not general permit based authorization is performed. If set to false and the current identity has a general permit with the given permissionCode, no data authorization will be performed as the current identity is deemed authorized on all records for the associated permission already. |
| doNotPerformPossessesPermissionCheck | System.Boolean | Indicates whether or not possesses permission check is performed. If set to false and the current identity does not have any permit with the given permissionCode, no data authorization will be performed as the current identity is deemed unauthorized on all records for the associated permission. |
| idContainers | System.Boolean | One or more container objects (usually anonymous types) each of which just contains entityId properties to authorize. Only properties having a non-nul value (or at least one element in case of collections) will be considered. |
| possessesPermissionCheckIfNoIdParamProvided | System.Object[] | Indicates whether to perform just the PossessesPermission check in case idContainers has no valid identifier and consider as authorized if the check passes. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When permissionCode is null/empty/whitespace. |
| System.ArgumentException | When idContainers is null/empty. |
Remarks
Use this method from authDefinitions, for example, to authorize entityIds using the flow mentioned on IEntityIdAuthorizer. For instance you can call IsAuthorized(permissionCode, false, false, new { UserId = someObj.Id, someObj.ClientId },..). Only properties having a non-nul value (or at least one element in case of collections) will be considered. See IEntityIdAuthorizer remarks for more information.
IsAuthorized(permissionCode,idMembers,possessesPermissionCheckIfNoIdParamProvided)
Summary
Authorizes the given permission and entityIds against the loaded permit set (using IsAuthorized). To authorize an entityId, its References collection will be used. Only one permitted reference is enough to authorize an entityId.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure (likely Unauthorized).
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| idMembers | System.Collections.Generic.HashSet{ASPSecurityKit.Authorization.IIdMemberReference} | The entityIds collection. |
| possessesPermissionCheckIfNoIdParamProvided | System.Boolean | Indicates whether to perform just the PossessesPermission check in case idMembers has no item and consider as authorized if the check passes. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When idMembers is null or permissionCode is null/empty/whitespace. |
Remarks
The default implementation may return one of the following error messages for failure: DoNotOwnEntityIds, DidNotProvideRequiredEntityId, DoNotPossessPermission or Unauthorized depending on the failure reason. Once entityIds are authorized, The entity suspension check is invoked on them using IsSuspended.
IsSuspended(permissionCode,idMembers)
Summary
Performs the entity suspension check based on the given entityIds. See remarks for more details.
Returns
AuthResult instance with Code as Success if the given entityIds and their related references have no suspension being enforced; otherwise, Suspended) with FailureDescription as EntitiesSuspended and Errors containing list of details about suspended entityIds.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| idMembers | System.Collections.Generic.HashSet{ASPSecurityKit.Authorization.IIdMemberReference} | The entityIds collection. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When idMembers is null or permissionCode is null/empty/whitespace. |
Remarks
The default implementation works as follows: First, a call to GetSuspendedIds is made to get a list of ISuspendedId. Second, for each suspendedId received, a call is made to IsAllowed to determine if suspended id is permitted for the requested operation based on exclusion rules. Last, if there’s any suspended id left, the same is reported as per mentioned in return docs. For detailed information, visit https://ASPSecurityKit.net/docs/suspension/#entity-suspension
AuthorizeAsync(permissionCode,method,arguments,entityName,doNotPerformGeneralPermitCheck,doNotPerformPossessesPermissionCheck,possessesPermissionCheckIfNoIdParamProvided)
Summary
Performs data authorization on the operation’s parameters. See IEntityIdAuthorizer remarks to learn about the flow.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| method | System.Reflection.MethodInfo | The method. |
| arguments | System.Collections.Generic.IDictionary{System.String,System.Object} | The operation’s arguments. |
| entityName | System.String | The entity name that can be used to prefix entityId parameter names that are incomplete for instance ‘Id’, to locate the right related references provider for them. |
| doNotPerformGeneralPermitCheck | System.Boolean | Indicates whether or not general permit based authorization is performed. If set to false (the default) and the current identity has a general permit with the given permissionCode, no data authorization will be performed as the current identity is deemed authorized on all records for the associated permission already. |
| doNotPerformPossessesPermissionCheck | System.Boolean | Indicates whether or not possesses permission check is performed. If set to false (the default) and the current identity does not have any permit with the given permissionCode, no data authorization will be performed as the current identity is deemed unauthorized on all records for the associated permission. |
| possessesPermissionCheckIfNoIdParamProvided | System.Boolean | Optional. Indicates whether to perform just the PossessesPermission check in case arguments has no valid identifier and consider as authorized if the check passes. The default is false. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When method or arguments is null, or permissionCode is null/empty/whitespace. |
AuthorizeAsync(permissionCode,method,arguments,entityName,doNotPerformGeneralPermitCheck,doNotPerformPossessesPermissionCheck,possessesPermissionCheckIfNoIdParamProvided,cancellationToken)
Summary
Performs data authorization on the operation’s parameters. See IEntityIdAuthorizer remarks to learn about the flow.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| method | System.Reflection.MethodInfo | The method. |
| arguments | System.Collections.Generic.IDictionary{System.String,System.Object} | The operation’s arguments. |
| entityName | System.String | The entity name that can be used to prefix entityId parameter names that are incomplete for instance ‘Id’, to locate the right related references provider for them. |
| doNotPerformGeneralPermitCheck | System.Threading.CancellationToken | Indicates whether or not general permit based authorization is performed. If set to false (the default) and the current identity has a general permit with the given permissionCode, no data authorization will be performed as the current identity is deemed authorized on all records for the associated permission already. |
| doNotPerformPossessesPermissionCheck | System.Boolean | Indicates whether or not possesses permission check is performed. If set to false (the default) and the current identity does not have any permit with the given permissionCode, no data authorization will be performed as the current identity is deemed unauthorized on all records for the associated permission. |
| possessesPermissionCheckIfNoIdParamProvided | System.Boolean | Optional. Indicates whether to perform just the PossessesPermission check in case arguments has no valid identifier and consider as authorized if the check passes. The default is false. |
| cancellationToken | System.Boolean | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When method or arguments is null, or permissionCode is null/empty/whitespace. |
AuthorizeAsync(permissionCode,dto,entityName,doNotPerformGeneralPermitCheck,doNotPerformPossessesPermissionCheck,possessesPermissionCheckIfNoIdParamProvided)
Summary
Performs data authorization on the given request DTO. See IEntityIdAuthorizer remarks to learn about the flow.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| dto | System.Object | The request DTO object. |
| entityName | System.String | The entity name that can be used to prefix entityId property names that are incomplete for instance ‘Id’, to locate the right related references provider for them. |
| doNotPerformGeneralPermitCheck | System.Boolean | Indicates whether or not general permit based authorization is performed. If set to false (the default) and the current identity has a general permit with the given permissionCode, no data authorization will be performed as the current identity is deemed authorized on all records for the associated permission already. |
| doNotPerformPossessesPermissionCheck | System.Boolean | Indicates whether or not possesses permission check is performed. If set to false (the default) and the current identity does not have any permit with the given permissionCode, no data authorization will be performed as the current identity is deemed unauthorized on all records for the associated permission. |
| possessesPermissionCheckIfNoIdParamProvided | System.Boolean | Optional. Indicates whether to perform just the PossessesPermission check in case dto has no valid identifier and consider as authorized if the check passes. The default is false. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When dto is null or permissionCode is null/empty/whitespace. |
AuthorizeAsync(permissionCode,dto,entityName,cancellationToken,doNotPerformGeneralPermitCheck,doNotPerformPossessesPermissionCheck,possessesPermissionCheckIfNoIdParamProvided)
Summary
Performs data authorization on the given request DTO. See IEntityIdAuthorizer remarks to learn about the flow.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| dto | System.Object | The request DTO object. |
| entityName | System.String | The entity name that can be used to prefix entityId property names that are incomplete for instance ‘Id’, to locate the right related references provider for them. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
| doNotPerformGeneralPermitCheck | System.Boolean | Indicates whether or not general permit based authorization is performed. If set to false (the default) and the current identity has a general permit with the given permissionCode, no data authorization will be performed as the current identity is deemed authorized on all records for the associated permission already. |
| doNotPerformPossessesPermissionCheck | System.Boolean | Indicates whether or not possesses permission check is performed. If set to false (the default) and the current identity does not have any permit with the given permissionCode, no data authorization will be performed as the current identity is deemed unauthorized on all records for the associated permission. |
| possessesPermissionCheckIfNoIdParamProvided | System.Boolean | Optional. Indicates whether to perform just the PossessesPermission check in case dto has no valid identifier and consider as authorized if the check passes. The default is false. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When dto is null or permissionCode is null/empty/whitespace. |
IsAuthorizedAsync(permissionCode,idContainers)
Summary
Performs data authorization on the entityIds mentioned as properties in the given container objects. See IsAuthorized overload for more details.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| idContainers | System.Object[] | One or more container objects (usually anonymous types) each of which just contains entityId properties to authorize. Only properties having a non-nul value (or at least one element in case of collections) will be considered. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When permissionCode is null/empty/whitespace. |
| System.ArgumentException | When idContainers is null/empty. |
Remarks
This method invokes its other overload IsAuthorized passing both the bool arguments as false.
IsAuthorizedAsync(permissionCode,cancellationToken,idContainers)
Summary
Performs data authorization on the entityIds mentioned as properties in the given container objects. See IsAuthorized overload for more details.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
| idContainers | System.Object[] | One or more container objects (usually anonymous types) each of which just contains entityId properties to authorize. Only properties having a non-nul value (or at least one element in case of collections) will be considered. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When permissionCode is null/empty/whitespace. |
| System.ArgumentException | When idContainers is null/empty. |
Remarks
This method invokes its other overload IsAuthorized passing both the bool arguments as false.
IsAuthorizedAsync(permissionCode,doNotPerformGeneralPermitCheck,doNotPerformPossessesPermissionCheck,idContainers,possessesPermissionCheckIfNoIdParamProvided)
Summary
Performs data authorization on the entityIds mentioned as properties in the given container objects. Though all properties are assumed to be entityId properties, yet only properties having a non-nul value (or at least one element in case of collections) will be considered. If you’re looking to select specific properties as entityIds, use Authorize method instead.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| doNotPerformGeneralPermitCheck | System.Boolean | Indicates whether or not general permit based authorization is performed. If set to false and the current identity has a general permit with the given permissionCode, no data authorization will be performed as the current identity is deemed authorized on all records for the associated permission already. |
| doNotPerformPossessesPermissionCheck | System.Boolean | Indicates whether or not possesses permission check is performed. If set to false and the current identity does not have any permit with the given permissionCode, no data authorization will be performed as the current identity is deemed unauthorized on all records for the associated permission. |
| idContainers | System.Boolean | One or more container objects (usually anonymous types) each of which just contains entityId properties to authorize. Only properties having a non-nul value (or at least one element in case of collections) will be considered. |
| possessesPermissionCheckIfNoIdParamProvided | System.Object[] | Indicates whether to perform just the PossessesPermission check in case idContainers has no valid identifier and consider as authorized if the check passes. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When permissionCode is null/empty/whitespace. |
| System.ArgumentException | When idContainers is null/empty. |
Remarks
Use this method from authDefinitions, for example, to authorize entityIds using the flow mentioned on IEntityIdAuthorizer. For instance you can call IsAuthorized(permissionCode, false, false, new { UserId = someObj.Id, someObj.ClientId },..). Only properties having a non-nul value (or at least one element in case of collections) will be considered. See IEntityIdAuthorizer remarks for more information.
IsAuthorizedAsync(permissionCode,doNotPerformGeneralPermitCheck,doNotPerformPossessesPermissionCheck,idContainers,cancellationToken,possessesPermissionCheckIfNoIdParamProvided)
Summary
Performs data authorization on the entityIds mentioned as properties in the given container objects. Though all properties are assumed to be entityId properties, yet only properties having a non-nul value (or at least one element in case of collections) will be considered. If you’re looking to select specific properties as entityIds, use Authorize method instead.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| doNotPerformGeneralPermitCheck | System.Boolean | Indicates whether or not general permit based authorization is performed. If set to false and the current identity has a general permit with the given permissionCode, no data authorization will be performed as the current identity is deemed authorized on all records for the associated permission already. |
| doNotPerformPossessesPermissionCheck | System.Boolean | Indicates whether or not possesses permission check is performed. If set to false and the current identity does not have any permit with the given permissionCode, no data authorization will be performed as the current identity is deemed unauthorized on all records for the associated permission. |
| idContainers | System.Boolean | One or more container objects (usually anonymous types) each of which just contains entityId properties to authorize. Only properties having a non-nul value (or at least one element in case of collections) will be considered. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
| possessesPermissionCheckIfNoIdParamProvided | System.Object[] | Indicates whether to perform just the PossessesPermission check in case idContainers has no valid identifier and consider as authorized if the check passes. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When permissionCode is null/empty/whitespace. |
| System.ArgumentException | When idContainers is null/empty. |
Remarks
Use this method from authDefinitions, for example, to authorize entityIds using the flow mentioned on IEntityIdAuthorizer. For instance you can call IsAuthorized(permissionCode, false, false, new { UserId = someObj.Id, someObj.ClientId },..). Only properties having a non-nul value (or at least one element in case of collections) will be considered. See IEntityIdAuthorizer remarks for more information.
IsAuthorizedAsync(permissionCode,idMembers,possessesPermissionCheckIfNoIdParamProvided)
Summary
Authorizes the given permission and entityIds against the loaded permit set (using IsAuthorized). To authorize an entityId, its References collection will be used. Only one permitted reference is enough to authorize an entityId.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure (likely Unauthorized).
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| idMembers | System.Collections.Generic.HashSet{ASPSecurityKit.Authorization.IIdMemberReference} | The entityIds collection. |
| possessesPermissionCheckIfNoIdParamProvided | System.Boolean | Indicates whether to perform just the PossessesPermission check in case idMembers has no item and consider as authorized if the check passes. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When idMembers is null or permissionCode is null/empty/whitespace. |
Remarks
The default implementation may return one of the following error messages for failure: DoNotOwnEntityIds, DidNotProvideRequiredEntityId, DoNotPossessPermission or Unauthorized depending on the failure reason. Once entityIds are authorized, The entity suspension check is invoked on them using IsSuspended.
IsAuthorizedAsync(permissionCode,idMembers,possessesPermissionCheckIfNoIdParamProvided,cancellationToken)
Summary
Authorizes the given permission and entityIds against the loaded permit set (using IsAuthorized). To authorize an entityId, its References collection will be used. Only one permitted reference is enough to authorize an entityId.
Returns
AuthResult instance with Code as Success if the current identity has the necessary permit; otherwise, a possible reason of failure (likely Unauthorized).
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| idMembers | System.Collections.Generic.HashSet{ASPSecurityKit.Authorization.IIdMemberReference} | The entityIds collection. |
| possessesPermissionCheckIfNoIdParamProvided | System.Boolean | Indicates whether to perform just the PossessesPermission check in case idMembers has no item and consider as authorized if the check passes. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When idMembers is null or permissionCode is null/empty/whitespace. |
Remarks
The default implementation may return one of the following error messages for failure: DoNotOwnEntityIds, DidNotProvideRequiredEntityId, DoNotPossessPermission or Unauthorized depending on the failure reason. Once entityIds are authorized, The entity suspension check is invoked on them using IsSuspended.
IsSuspendedAsync(permissionCode,idMembers)
Summary
Performs the entity suspension check based on the given entityIds. See remarks for more details.
Returns
AuthResult instance with Code as Success if the given entityIds and their related references have no suspension being enforced; otherwise, Suspended) with FailureDescription as EntitiesSuspended and Errors containing list of details about suspended entityIds.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| idMembers | System.Collections.Generic.HashSet{ASPSecurityKit.Authorization.IIdMemberReference} | The entityIds collection. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When idMembers is null or permissionCode is null/empty/whitespace. |
Remarks
The default implementation works as follows: First, a call to GetSuspendedIds is made to get a list of ISuspendedId. Second, for each suspendedId received, a call is made to IsAllowed to determine if suspended id is permitted for the requested operation based on exclusion rules. Last, if there’s any suspended id left, the same is reported as per mentioned in return docs. For detailed information, visit https://ASPSecurityKit.net/docs/suspension/#entity-suspension
IsSuspendedAsync(permissionCode,idMembers,cancellationToken)
Summary
Performs the entity suspension check based on the given entityIds. See remarks for more details.
Returns
AuthResult instance with Code as Success if the given entityIds and their related references have no suspension being enforced; otherwise, Suspended) with FailureDescription as EntitiesSuspended and Errors containing list of details about suspended entityIds.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | The permission code. |
| idMembers | System.Collections.Generic.HashSet{ASPSecurityKit.Authorization.IIdMemberReference} | The entityIds collection. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When idMembers is null or permissionCode is null/empty/whitespace. |
Remarks
The default implementation works as follows: First, a call to GetSuspendedIds is made to get a list of ISuspendedId. Second, for each suspendedId received, a call is made to IsAllowed to determine if suspended id is permitted for the requested operation based on exclusion rules. Last, if there’s any suspended id left, the same is reported as per mentioned in return docs. For detailed information, visit https://ASPSecurityKit.net/docs/suspension/#entity-suspension