I have the following class:
[ClaimsPrincipalPermission(SecurityAction.Demand, Operation = "view", Resource = "agreement")]
public class AgreementViewModel : Screen
{
[ClaimsPrincipalPermission(SecurityAction.Assert, Operation = "save", Resource = "agreement")]
public async void Save()
{
}
}
My problem is that even though the principal has both claims specified above, the call to Save fails. If i take off the claims from class level it works fine. The class also instantiates just fine. My "manual" check to figure out if the user can execute action works fine, it's the actual execution the fails. Manual check is defined as following:
public bool CanExecute(object sender, [CallerMemberName] string callerMethod = null)
{
string targetMethodName = callerMethod;
if (callerMethod == null)
return true;
if (callerMethod.StartsWith("Can"))
targetMethodName = callerMethod.Substring(3, callerMethod.Length - 3);
if (string.IsNullOrEmpty(targetMethodName))
return true;
var claimsAttribute = sender.GetType().GetMethods()
.Where(x => x.Name == targetMethodName)
.SelectMany(x => x.GetCustomAttributes(typeof(ClaimsPrincipalPermissionAttribute), true).Cast<ClaimsPrincipalPermissionAttribute>())
.FirstOrDefault();
return CanExecute(claimsAttribute);
}
private bool CanExecute(ClaimsPrincipalPermissionAttribute claimsAttribute)
{
if (claimsAttribute == null)
return true;
try
{
claimsAttribute.CreatePermission().Demand();
}
catch (SecurityException)
{
return false;
}
return true;
}