Class SecurityContext

Manages access to information about the current user and their permissions.

Inheritance

System.Object

SecurityContext

Inherited Members

System.Object.ToString()

System.Object.Equals(System.Object)

System.Object.Equals(System.Object, System.Object)

System.Object.ReferenceEquals(System.Object, System.Object)

System.Object.GetHashCode()

System.Object.GetType()

System.Object.MemberwiseClone()

Namespace: Mediachase.Commerce.Security

Assembly: Mediachase.Commerce.dll

Version: 11.8.3

Syntax

public class SecurityContext

Constructors

SecurityContext(ISecurityProvider)

Creates a new instance of SecurityContext.

Declaration

public SecurityContext(ISecurityProvider securityProvider)

Parameters

Type	Name	Description
ISecurityProvider	securityProvider	The ISecurityProvider instance to use.

Remarks

Some implementations of security providers may implement both the ISecurityCheck and IRoleManagement, but not ISecurityProvider. The SecurityProviderUpgradeProxy class is provided to wrap a class implementing ISecurityCheck and IRoleManagement in a proxy implementing ISecurityProvider, so that that the service locator will know that the two interfaces are implemented by the same class (the configuration file format does not support specifying separate classes for ISecurityCheck and IRoleManagement).

SecurityContext(ISecurityProvider, SecurityEntityProvider, PermissionService, SecurityRole)

Declaration

[Obsolete("Use SecurityContext.ctor(ISecurityProvider). Will remain at least until July 2018.")]
public SecurityContext(ISecurityProvider securityProvider, SecurityEntityProvider securityEntityProvider, PermissionService permissionService, SecurityRole everyoneRole)

Parameters

Type	Name	Description
ISecurityProvider	securityProvider
EPiServer.Security.SecurityEntityProvider	securityEntityProvider
EPiServer.Security.PermissionService	permissionService
SecurityRole	everyoneRole

SecurityContext(ISecurityProvider, CustomerContext, IUserImpersonation)

Declaration

[Obsolete("Use SecurityContext.ctor(ISecurityProvider). Will remain at least until November 2018.")]
public SecurityContext(ISecurityProvider securityProvider, CustomerContext customerContext, IUserImpersonation userImpersonation)

Parameters

Type	Name	Description
ISecurityProvider	securityProvider
CustomerContext	customerContext
EPiServer.Security.IUserImpersonation	userImpersonation

SecurityContext(ISecurityProvider, CustomerContext, SecurityRole)

Declaration

[Obsolete("Use SecurityContext.ctor(ISecurityProvider). Will remain at least until July 2018.")]
public SecurityContext(ISecurityProvider securityProvider, CustomerContext customerContext, SecurityRole everyoneRole)

Parameters

Type	Name	Description
ISecurityProvider	securityProvider
CustomerContext	customerContext
SecurityRole	everyoneRole

Fields

Anonymous

Declaration

public static readonly string Anonymous

Field Value

Type	Description
System.String

Properties

Current

Gets or sets the instance of SecurityContext associated with the current thread or http request.

Declaration

public static SecurityContext Current { get; set; }

Property Value

Type	Description
SecurityContext

CurrentUserProfile

Gets a wrapper for the profile in System.Web.HttpContext.Current, or null if the profile in System.Web.HttpContext.Current is null.

Declaration

public ProfileBase CurrentUserProfile { get; }

Property Value

Type	Description
System.Web.Profile.ProfileBase

Remarks

This property passes directly into the System.Web namespace. The information provided may be retrieved without use of SecurityContext.

IsPermissionCheckEnable

Gets the value of PermissionCheckEnable from the configured security provider.

Declaration

public bool IsPermissionCheckEnable { get; }

Property Value

Type	Description
System.Boolean

IsSecurityScopeEnable

Gets the value of the EnableSecurityScope configuration setting.

Declaration

public bool IsSecurityScopeEnable { get; }

Property Value

Type	Description
System.Boolean

SecurityCheckInstance

Gets the underlying ISecurityCheck provider instance.

Declaration

public ISecurityCheck SecurityCheckInstance { get; }

Property Value

Type	Description
ISecurityCheck

SecurityManagerInstance

Gets the underlying IRoleManagement provider instance.

Declaration

public IRoleManagement SecurityManagerInstance { get; }

Property Value

Type	Description
IRoleManagement

Methods

DeleteUserAndAllRelatedData(MembershipUser)

Deletes the user and all related data.

Declaration

public void DeleteUserAndAllRelatedData(MembershipUser user)

Parameters

Type	Name	Description
System.Web.Security.MembershipUser	user	The user to delete.

DeployPrincipalByUser(MembershipUser)

Deploys the principal by user.

Declaration

public IEnumerable<Principal> DeployPrincipalByUser(MembershipUser user)

Parameters

Type	Name	Description
System.Web.Security.MembershipUser	user	The user.

Returns

Type	Description
System.Collections.Generic.IEnumerable<Principal>

Remarks

This method is a direct pass through to DeployPrincipalByUser(MembershipUser). The CustomerContact associated with the user must be saved before calling this method. Otherwise contact information might be lost.

GetPrincipalByUser(MembershipUser)

Gets the principal by user.

Declaration

public Principal GetPrincipalByUser(MembershipUser user)

Parameters

Type	Name	Description
System.Web.Security.MembershipUser	user	The user.

Returns

Type	Description
Principal

Remarks

This method is a direct pass-through to CreateUserRoleAssignments(SecurityRoleAssignment). The CustomerContact associated with the user must be saved before calling this method. Otherwise contact information might be lost.

GetProfileByUserProviderKey(Guid)

Gets the System.Web.Profile.ProfileBase for the user specified by userProviderKey.

Declaration

public ProfileBase GetProfileByUserProviderKey(Guid userProviderKey)

Parameters

Type	Name	Description
System.Guid	userProviderKey	The ID of the desired user.

Returns

Type	Description
System.Web.Profile.ProfileBase	A System.Web.Profile.ProfileBase for the user specified by `userProviderKey`, created by name for an unauthenticated used; or null if the specified user's profile is not found.

ValidateMembershipUserPassword(String)

Validates the membership user password against the strong password requirements.

Declaration

public static UserPasswordValidationResult ValidateMembershipUserPassword(string password)

Parameters

Type	Name	Description
System.String	password	The password to validate.

Returns

Type	Description
UserPasswordValidationResult	A UserPasswordValidationResult value indicating the results of the validation.