November Happy Hour will be moved to Thursday December 5th.

Class SecurityContext

Manages access to information about the current user and their permissions.

Inheritance
System.Object
SecurityContext
Inherited Members
System.Object.ToString()
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
Namespace: Mediachase.Commerce.Security
Assembly: Mediachase.Commerce.dll
Version: 12.17.2
Syntax
public class SecurityContext

Constructors

SecurityContext(ISecurityProvider)

Creates a new instance of SecurityContext.

Declaration
public SecurityContext(ISecurityProvider securityProvider)
Parameters
Type Name Description
ISecurityProvider securityProvider

The ISecurityProvider instance to use.

Remarks

Some implementations of security providers may implement both the ISecurityCheck and IRoleManagement, but not ISecurityProvider. The SecurityProviderUpgradeProxy class is provided to wrap a class implementing ISecurityCheck and IRoleManagement in a proxy implementing ISecurityProvider, so that that the service locator will know that the two interfaces are implemented by the same class (the configuration file format does not support specifying separate classes for ISecurityCheck and IRoleManagement).

SecurityContext(ISecurityProvider, SecurityEntityProvider, PermissionService, SecurityRole)

Declaration
[Obsolete("Use SecurityContext.ctor(ISecurityProvider). Will remain at least until July 2018.")]
public SecurityContext(ISecurityProvider securityProvider, SecurityEntityProvider securityEntityProvider, PermissionService permissionService, SecurityRole everyoneRole)
Parameters
Type Name Description
ISecurityProvider securityProvider
EPiServer.Security.SecurityEntityProvider securityEntityProvider
EPiServer.Security.PermissionService permissionService
SecurityRole everyoneRole

SecurityContext(ISecurityProvider, CustomerContext, IUserImpersonation)

Declaration
[Obsolete("Use SecurityContext.ctor(ISecurityProvider). Will remain at least until November 2018.")]
public SecurityContext(ISecurityProvider securityProvider, CustomerContext customerContext, IUserImpersonation userImpersonation)
Parameters
Type Name Description
ISecurityProvider securityProvider
CustomerContext customerContext
EPiServer.Security.IUserImpersonation userImpersonation

SecurityContext(ISecurityProvider, CustomerContext, SecurityRole)

Declaration
[Obsolete("Use SecurityContext.ctor(ISecurityProvider). Will remain at least until July 2018.")]
public SecurityContext(ISecurityProvider securityProvider, CustomerContext customerContext, SecurityRole everyoneRole)
Parameters
Type Name Description
ISecurityProvider securityProvider
CustomerContext customerContext
SecurityRole everyoneRole

Fields

Anonymous

Declaration
public static readonly string Anonymous
Field Value
Type Description
System.String

Properties

Current

Gets or sets the instance of SecurityContext associated with the current thread or http request.

Declaration
public static SecurityContext Current { get; set; }
Property Value
Type Description
SecurityContext

CurrentUserProfile

Gets a wrapper for the profile in System.Web.HttpContext.Current, or null if the profile in System.Web.HttpContext.Current is null.

Declaration
public ProfileBase CurrentUserProfile { get; }
Property Value
Type Description
System.Web.Profile.ProfileBase
Remarks

This property passes directly into the System.Web namespace. The information provided may be retrieved without use of SecurityContext.

IsPermissionCheckEnable

Gets the value of PermissionCheckEnable from the configured security provider.

Declaration
public bool IsPermissionCheckEnable { get; }
Property Value
Type Description
System.Boolean

IsSecurityScopeEnable

Gets the value of the EnableSecurityScope configuration setting.

Declaration
public bool IsSecurityScopeEnable { get; }
Property Value
Type Description
System.Boolean

SecurityCheckInstance

Gets the underlying ISecurityCheck provider instance.

Declaration
public ISecurityCheck SecurityCheckInstance { get; }
Property Value
Type Description
ISecurityCheck

SecurityManagerInstance

Gets the underlying IRoleManagement provider instance.

Declaration
public IRoleManagement SecurityManagerInstance { get; }
Property Value
Type Description
IRoleManagement

Methods

DeleteUserAndAllRelatedData(MembershipUser)

Deletes the user and all related data.

Declaration
public void DeleteUserAndAllRelatedData(MembershipUser user)
Parameters
Type Name Description
System.Web.Security.MembershipUser user

The user to delete.

DeployPrincipalByUser(MembershipUser)

Deploys the principal by user.

Declaration
public IEnumerable<Principal> DeployPrincipalByUser(MembershipUser user)
Parameters
Type Name Description
System.Web.Security.MembershipUser user

The user.

Returns
Type Description
System.Collections.Generic.IEnumerable<Principal>
Remarks

This method is a direct pass through to DeployPrincipalByUser(MembershipUser). The CustomerContact associated with the user must be saved before calling this method. Otherwise contact information might be lost.

GetPrincipalByUser(MembershipUser)

Gets the principal by user.

Declaration
public Principal GetPrincipalByUser(MembershipUser user)
Parameters
Type Name Description
System.Web.Security.MembershipUser user

The user.

Returns
Type Description
Principal
Remarks

This method is a direct pass-through to CreateUserRoleAssignments(SecurityRoleAssignment). The CustomerContact associated with the user must be saved before calling this method. Otherwise contact information might be lost.

GetProfileByUserProviderKey(Guid)

Gets the System.Web.Profile.ProfileBase for the user specified by userProviderKey.

Declaration
public ProfileBase GetProfileByUserProviderKey(Guid userProviderKey)
Parameters
Type Name Description
System.Guid userProviderKey

The ID of the desired user.

Returns
Type Description
System.Web.Profile.ProfileBase

A System.Web.Profile.ProfileBase for the user specified by userProviderKey, created by name for an unauthenticated used; or null if the specified user's profile is not found.

ValidateMembershipUserPassword(String)

Validates the membership user password against the strong password requirements.

Declaration
public static UserPasswordValidationResult ValidateMembershipUserPassword(string password)
Parameters
Type Name Description
System.String password

The password to validate.

Returns
Type Description
UserPasswordValidationResult

A UserPasswordValidationResult value indicating the results of the validation.