AuthorizationContext.Instance Property
[WCF RIA Services Version 1 Service Pack 2 is compatible with either .NET framework 4 or .NET Framework 4.5, and with either Silverlight 4 or Silverlight 5.]
Gets the object instance being authorized.
Namespace: System.ComponentModel.DataAnnotations
Assembly: System.ServiceModel.DomainServices.Server (in System.ServiceModel.DomainServices.Server.dll)
Syntax
'Declaration
Public ReadOnly Property Instance As Object
Get
'Usage
Dim instance As AuthorizationContext
Dim value As Object
value = instance.Instance
public Object Instance { get; }
public:
property Object^ Instance {
Object^ get ();
}
member Instance : Object
function get Instance () : Object
Property Value
Type: System.Object
The object instance being authorized.
Remarks
You use the Instance property to retrieve the entity object that is involved in the authorization. The Instance property is nulla null reference (Nothing in Visual Basic) when no object instance is available, such as when authorizing queries or evaluating whether an operation can be attempted. When you create a class that derives from the AuthorizationAttribute class, check whether the Instance property is nulla null reference (Nothing in Visual Basic) when implementing your customized authorization process.
Examples
The following example shows an implementation of the AuthorizationAttribute that uses an AuthorizationContext value to customize authentication.
Public Class CheckAttendeeNameAttribute
Inherits System.Web.DomainServices.AuthorizationAttribute
Public Overrides Function Authorize(ByVal principal As System.Security.Principal.IPrincipal) As Boolean
If (principal.IsInRole("Attendee") And principal.Identity.Name.StartsWith("A")) Then
Return True
Else
Return False
End If
End Function
End Class
Public Class RestrictAccessToAssignedManagers
Inherits AuthorizationAttribute
Protected Overrides Function IsAuthorized(ByVal principal As System.Security.Principal.IPrincipal, ByVal authorizationContext As System.ComponentModel.DataAnnotations.AuthorizationContext) As System.ComponentModel.DataAnnotations.AuthorizationResult
Dim eph As EmployeePayHistory
Dim selectedEmployee As Employee
Dim authenticatedUser As Employee
eph = CType(authorizationContext.Instance, EmployeePayHistory)
Using context As New AdventureWorksEntities()
selectedEmployee = context.Employees.SingleOrDefault(Function(e) e.EmployeeID = eph.EmployeeID)
authenticatedUser = context.Employees.SingleOrDefault(Function(e) e.LoginID = principal.Identity.Name)
End Using
If (selectedEmployee.ManagerID = authenticatedUser.EmployeeID) Then
Return AuthorizationResult.Allowed
Else
Return New AuthorizationResult("Only the authenticated manager for the employee can add a new record.")
End If
End Function
End Class
public class CheckAttendeeNameAttribute : System.Web.DomainServices.AuthorizationAttribute
{
public override bool Authorize(System.Security.Principal.IPrincipal principal)
{
if (principal.IsInRole("Attendee") && principal.Identity.Name.StartsWith("A"))
{
return true;
}
else
{
return false;
}
}
}
public class RestrictAccessToAssignedManagers : AuthorizationAttribute
{
protected override AuthorizationResult IsAuthorized(System.Security.Principal.IPrincipal principal, AuthorizationContext authorizationContext)
{
EmployeePayHistory eph = (EmployeePayHistory)authorizationContext.Instance;
Employee selectedEmployee;
Employee authenticatedUser;
using (AdventureWorksEntities context = new AdventureWorksEntities())
{
selectedEmployee = context.Employees.SingleOrDefault(e => e.EmployeeID == eph.EmployeeID);
authenticatedUser = context.Employees.SingleOrDefault(e => e.LoginID == principal.Identity.Name);
}
if (selectedEmployee.ManagerID == authenticatedUser.EmployeeID)
{
return AuthorizationResult.Allowed;
}
else
{
return new AuthorizationResult("Only the authenticated manager for the employee can add a new record.");
}
}
}