//-----------------------------------------------------------------------
//
// Copyright (C) 2011 Microsoft Corporation
//
//-----------------------------------------------------------------------
namespace Microsoft.Samples.Management.OData.RoleBasedPlugins
{
using System;
using System.Security.Principal;
using Microsoft.Management.Odata;
/// <summary>
/// Custom authorization implementation that maps the identity of an incoming
/// request onto the role-based access control (RBAC) system of this sample.
/// </summary>
/// <remarks>
/// This class only validates that a sender identity is present; every
/// authorization decision is delegated to <c>RbacSystem.Current</c>.
/// </remarks>
public class CustomAuthorization : Microsoft.Management.Odata.CustomAuthorization
{
    /// <summary>
    /// Authorizes a user.
    /// </summary>
    /// <param name="senderInfo">User information</param>
    /// <param name="quota">Returns user quota, as assigned by <c>RbacSystem.Current.AuthorizeUser</c></param>
    /// <returns>
    /// The value returned by <c>RbacSystem.Current.AuthorizeUser</c>: a WindowsIdentity
    /// if the user is authorized; otherwise an exception is expected to be thrown.
    /// </returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="senderInfo"/>, its Principal, or the principal's Identity is null.
    /// </exception>
    /// <exception cref="ArgumentException">The sender identity is not authenticated.</exception>
    public override WindowsIdentity AuthorizeUser(SenderInfo senderInfo, out UserQuota quota)
    {
        RequireSenderIdentity(senderInfo);

        // Fail closed: an unauthenticated identity never reaches the RBAC lookup.
        if (!senderInfo.Principal.Identity.IsAuthenticated)
        {
            throw new ArgumentException("User is not authenticated");
        }

        // Use the Windows identity when the principal carries one; otherwise fall
        // back to the generic identity.
        RbacUser.RbacUserInfo rbacUser = senderInfo.Principal.WindowsIdentity != null
            ? new RbacUser.RbacUserInfo(senderInfo.Principal.WindowsIdentity)
            : new RbacUser.RbacUserInfo(senderInfo.Principal.Identity);

        return RbacSystem.Current.AuthorizeUser(rbacUser, out quota);
    }

    /// <summary>
    /// Gets membership id.
    /// </summary>
    /// <param name="senderInfo">Sender information</param>
    /// <returns>The membership id returned by <c>RbacSystem.Current.GetMembershipId</c></returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="senderInfo"/>, its Principal, or the principal's Identity is null.
    /// </exception>
    public override string GetMembershipId(SenderInfo senderInfo)
    {
        RequireSenderIdentity(senderInfo);

        // NOTE(review): unlike AuthorizeUser, this path does not check IsAuthenticated and
        // always builds the user from Principal.Identity, never Principal.WindowsIdentity.
        // Confirm that the host only calls it after a successful AuthorizeUser and that both
        // RbacUserInfo constructors resolve to the same membership id for a given user.
        RbacUser.RbacUserInfo rbacUser = new RbacUser.RbacUserInfo(senderInfo.Principal.Identity);
        return RbacSystem.Current.GetMembershipId(rbacUser);
    }

    /// <summary>
    /// Throws when the sender information does not carry a principal with an identity.
    /// </summary>
    /// <param name="senderInfo">Sender information to validate</param>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="senderInfo"/>, its Principal, or the principal's Identity is null.
    /// The parameter name reported is always "senderInfo".
    /// </exception>
    private static void RequireSenderIdentity(SenderInfo senderInfo)
    {
        bool identityPresent = (senderInfo != null)
            && (senderInfo.Principal != null)
            && (senderInfo.Principal.Identity != null);

        if (!identityPresent)
        {
            throw new ArgumentNullException("senderInfo");
        }
    }
}
}