using System;
using System.Configuration;
+using System.Security.Principal;
#if NET_2_0
static AuthorizationSection ()
{
- rulesProp = new ConfigurationProperty ("", typeof (AuthorizationRuleCollection), null,
+ rulesProp = new ConfigurationProperty (String.Empty, typeof (AuthorizationRuleCollection), null,
null, PropertyHelper.DefaultValidator,
ConfigurationPropertyOptions.IsDefaultCollection);
properties = new ConfigurationPropertyCollection ();
properties.Add (rulesProp);
}
- [MonoTODO]
protected override void PostDeserialize()
{
base.PostDeserialize ();
get { return properties; }
}
+
+ internal bool IsValidUser (IPrincipal user, string verb)
+ {
+ string username = (user == null) ? String.Empty : user.Identity.Name;
+ foreach (AuthorizationRule rule in Rules) {
+ if (rule.Verbs.Count != 0 && !rule.CheckVerb (verb))
+ continue;
+
+ if (rule.CheckUser (username) || (user != null && rule.CheckRole(user)))
+ return (rule.Action == AuthorizationRuleAction.Allow);
+ }
+
+ return true;
+ }
+
}
}