Export (0) Print
Expand All

ISecurityNamespaceExtension Interface

Implement this interface if you want to extend your security namespace.

Note that a given security namespace can only have one extension.

Namespace:  Microsoft.TeamFoundation.Framework.Server
Assembly:  Microsoft.TeamFoundation.Framework.Server (in Microsoft.TeamFoundation.Framework.Server.dll)

[InheritedExportAttribute]
public interface ISecurityNamespaceExtension

The ISecurityNamespaceExtension type exposes the following members.

  NameDescription
Public propertyAlwaysAllowAdministratorsThis flag is used to determine whether admin has implicit right to update the security namespace.
Public propertySecurityNamespaceAfter the security namespace extension is constructed and before any methods are called on it the security namespace for the extension will be set.
Top

  NameDescription
Public methodCheckReadPermissionEvaluates whether the given user should be able to read the permissions for the given token. Note that implementing this function will cause the ReadPermission defined in the namespace not to be checked. If you want to implement this interface and still have those checked then make sure to derive from the DefaultSecurityNamespaceExtension and not override this method. This method should throw some type of access exception if the user does not have read permission on this token.
Public methodCheckWritePermissionEvaluates whether the given user should be able to change permissions. Note that implementing this function will cause the WritePermission defined in the namespace not to be checked. If you want to implement this interface and still have those checked then make sure to derive from the DefaultSecurityNamespaceExtension and not override this method. It is expected that this function will throw if the caller should not be able to write permissions
Public methodHandleIncomingTokenAllows the implementor to validate or change the incoming token. These functions will only be called when tokens are coming in from the Web service.
Public methodHandleOutgoingTokenAllows the implementor to validate or change the outgoing token. These functions will only be called when tokens will be going over the Web service.
Public methodHasPermissionThis will be called every time that a permission decision is being made and allows the implementor to override the preliminary decision. Note, if a PermissionEvaluationCallback is provided to the function, it will override this decision.
Public methodHasReadPermissionEvaluates whether the given user should be able to read the permissions for the given token. Note that implementing this function will cause the ReadPermission defined in the namespace not to be checked. If you want to implement this interface and still have those checked, then make sure to derive from the DefaultSecurityNamespaceExtension and not override this method.
Public methodHasWritePermissionEvaluates whether the given user should be able to change permissions. Note that implementing this function will cause the WritePermission defined in the namespace not to be checked. If you want to implement this interface and still have those checked then make sure to derive from the DefaultSecurityNamespaceExtension and not override this method. It is expected that this function will not throw if the caller should not be able to write permissions.
Public methodQueryEffectivePermissionsCalled each time the security namespace is about to return effective permissions to either the server API or the web service. This allows the implementor to modify the final result.
Public methodQueryPermissionsCalled each time the security namespace is about to return AccessControlLists to either the server API or to the web service. This allows the implementor to modify any of the ACLs that are being returned.
Public methodThrowAccessDeniedExceptionImplementing this function allows the implementer to throw there own type of exception when AccessDenied exceptions need to be thrown. If this method does not throw an exception the standard AccessCheckException will be thrown.
Top
Show:
© 2014 Microsoft