WindowsIdentity identity = WindowsIdentity.GetCurrent();
IAzClientContext client = app.InitializeClientContextFromToken((ulong)identity.Token.ToInt64(), null);
object[] scopes = new object[] { (object)"" };
object[] grantOps = new object[] { (object)1, (object)2, (object)3, (object)4};
object[] denyOps = new object[] { (object)100001, (object)100002,
(object)100003, (object)100004 };
object[] grantResults = (object[])client.AccessCheck("check for grant",
scopes, grantOps, null, null, null, null, null);
object[] denyResults = (object[])client.AccessCheck("check for deny",
scopes, denyOps, null, null, null, null, null);
for (int i = 0; i < grantResults.Length; i++)
{
if(((int)grantResults[i] == 0) && ((int)denyResults[i] != 0))
Console.WriteLine("Grant");
else
Console.WriteLine("Deny");
}
We'll hide all the details in the administration tool, so that all the user will see is radio buttons for Grant and Deny for each operations.
I'm pretty happy with this for a number of reasons
Powered by: newtelligence dasBlog 2.3.9074.18820
Disclaimer The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.
© Copyright 2019, Patrick Cauldwell
E-mail