Table of Contents

Interface IPermissionEvaluator

Namespace
Dynamicweb.Security.Permissions
Assembly
Dynamicweb.Core.dll

Evaluates permission levels on IPermissionEntity instances.

This is not an extensibility point - it exists to allow constructor injection and unit testing of components that need to check permissions.

Inject via constructor and use in place of the static HasPermission extension method: 
internal AssortmentSaveCommand(
    IPermissionEvaluator permissionEvaluator,
    AssortmentService assortmentService)
{
    _permissionEvaluator = permissionEvaluator;
    _assortmentService = assortmentService;
}

public override CommandResult Handle()
{
    var entity = _assortmentService.GetAssortmentById(id);
    if (!_permissionEvaluator.HasPermission(entity, PermissionLevel.Edit))
        return new() { Status = CommandResult.ResultType.NotAllowed };
    // ... continue with handling
}
 
public interface IPermissionEvaluator

Methods

HasPermission(IPermissionEntity, PermissionLevel)

Determines whether the current user has the specified permission level on the given entity.

bool HasPermission(IPermissionEntity entity, PermissionLevel level)

Parameters

entity IPermissionEntity

The entity to check permissions for.

level PermissionLevel

The required permission level.

Returns

bool

true if the current user satisfies level; otherwise false.

Improve this doc
To top