I'm using Authorization Manager in my .net C# application. During application startup, I cache all the operations for which the user has access then use this cached data for further processing. The issue is - I can check access only for one operation at a time so if I have 100s operations in azman and user is provisined only for 5 rules, still I need to make 100 calls to AzMan to get all the provisioned rules. Is there any way I can get all the provisioned rule for a user in one call only?
IAzClientContext.AccessCheck allows you to pass in an array of operation IDs.
I do something like this:
public Tuple<bool, List<int>> AccessCheck(string auditObjectName, List<string> scopeNames, List<int> operations, SortedList<string, string> parameters)
{
object[] operationsArray = operations.ConvertAll(i => (object)i).ToArray();
...
object o = _context.AccessCheck(auditObjectName, (object)scopeNameArray, (object)operationsArray, (object)parameterNames, (object)parameterValues, null, null, null);
object[] oArray = (object[])o;
int[] authorizedOperationsArray = Array.ConvertAll(oArray, obj => (int)obj);
...
I haven't tested to see how many it will handle, and I usually do just one at a time. But in theory it would work.
I also have not tried to do this with multiple scopes (I have to use the older AzMan 1.0 schema which did not support multiple scopes in the AccessCheck).