/// <summary> /// Creates a new instance of the <see cref="AuthorizationRule"/> class /// with the specified name, reason, permissions, target, exception sets, /// optional and display flags. /// </summary> /// /// <param name="name"> /// The name uniquely identifying this rule in a set /// </param> /// /// <param name="reason"> /// The reason why an application wants this access /// </param> /// /// <param name="permissions"> /// The permissions granted. /// </param> /// /// <param name="targetSets"> /// The set or sets of things to which this rule applies. /// </param> /// /// <param name="exceptionSets"> /// The set or sets of things to which this rule does not /// apply even if contained in a set defined by /// <paramref name="targetSets"/>. /// </param> /// /// <param name="isOptional"> /// Flag indicating whether or not this rule is optional /// </param> /// /// <param name="displayFlags"> /// Flags controlling how to display this rule /// </param> /// /// <exception cref="ArgumentException"> /// The <paramref name="permissions"/> parameter is /// <see cref="ThingPermissions.None"/>. /// </exception> /// public AuthorizationRule( string name, string reason, ThingPermissions permissions, IList <AuthorizationSetDefinition> targetSets, IList <AuthorizationSetDefinition> exceptionSets, bool isOptional, AuthorizationRuleDisplayFlags displayFlags) { Name = name; IsOptional = isOptional; DisplayFlags = displayFlags; if (!string.IsNullOrEmpty(reason)) { CultureSpecificReasons.DefaultValue = reason; } if (permissions == ThingPermissions.None) { throw new ArgumentException(Resources.AuthorizationRuleBadPermissions, nameof(permissions)); } Permissions = permissions; if (targetSets != null) { TargetSets = new ReadOnlyCollection <AuthorizationSetDefinition>( targetSets); } else { TargetSets = new ReadOnlyCollection <AuthorizationSetDefinition>( new AuthorizationSetDefinition[0]); } if (exceptionSets != null) { ExceptionSets = new ReadOnlyCollection <AuthorizationSetDefinition>( exceptionSets); } else { ExceptionSets = new ReadOnlyCollection <AuthorizationSetDefinition>( new AuthorizationSetDefinition[0]); } }
/// <summary> /// Creates a new instance of the <see cref="AuthorizationRule"/> class /// with the specified name, reason, permissions, target, exception sets, /// optional and display flags. /// </summary> /// /// <param name="name"> /// The name uniquely identifying this rule in a set /// </param> /// /// <param name="reason"> /// The reason why an application wants this access /// </param> /// /// <param name="permissions"> /// The permissions granted. /// </param> /// /// <param name="targetSets"> /// The set or sets of health record items to which this rule applies. /// </param> /// /// <param name="exceptionSets"> /// The set or sets of health record items to which this rule does not /// apply even if contained in a set defined by /// <paramref name="targetSets"/>. /// </param> /// /// <param name="isOptional"> /// Flag indicating whether or not this rule is optional /// </param> /// /// <param name="displayFlags"> /// Flags controlling how to display this rule /// </param> /// /// <exception cref="ArgumentException"> /// The <paramref name="permissions"/> parameter is /// <see cref="Microsoft.Health.HealthRecordItemPermissions.None"/>. /// </exception> /// public AuthorizationRule( string name, string reason, HealthRecordItemPermissions permissions, IList<AuthorizationSetDefinition> targetSets, IList<AuthorizationSetDefinition> exceptionSets, bool isOptional, AuthorizationRuleDisplayFlags displayFlags) { _name = name; _isOptional = isOptional; _displayFlags = displayFlags; if (!String.IsNullOrEmpty(reason)) { CultureSpecificReasons.DefaultValue = reason; } Validator.ThrowArgumentExceptionIf( permissions == HealthRecordItemPermissions.None, "permissions", "AuthorizationRuleBadPermissions"); _permissions = permissions; if (targetSets != null) { _targetSets = new ReadOnlyCollection<AuthorizationSetDefinition>( targetSets); } else { _targetSets = new ReadOnlyCollection<AuthorizationSetDefinition>( new AuthorizationSetDefinition[0]); } if (exceptionSets != null) { _exceptionSets = new ReadOnlyCollection<AuthorizationSetDefinition>( exceptionSets); } else { _exceptionSets = new ReadOnlyCollection<AuthorizationSetDefinition>( new AuthorizationSetDefinition[0]); } }
internal static AuthorizationRule CreateRule( XPathNavigator ruleNav, bool onlyAllowTypeIdSets) { bool isOptional = false; string isOptionalStr = ruleNav.GetAttribute("is-optional", string.Empty); if (!string.IsNullOrEmpty(isOptionalStr)) { try { isOptional = XmlConvert.ToBoolean(isOptionalStr); } catch (FormatException) { } } string ruleName = ruleNav.GetAttribute("name", string.Empty); // <displayflags> AuthorizationRuleDisplayFlags displayFlags = AuthorizationRuleDisplayFlags.None; XPathNavigator displayFlagsNav = ruleNav.SelectSingleNode("display-flags"); if (displayFlagsNav != null) { try { uint flags = XmlConvert.ToUInt32(displayFlagsNav.Value); displayFlags = (AuthorizationRuleDisplayFlags)flags; } catch (FormatException) { } catch (OverflowException) { } } ThingPermissions permissions = ThingPermissions.None; XPathNodeIterator permissionsIterator = ruleNav.Select("permission"); foreach (XPathNavigator permissionNav in permissionsIterator) { permissions |= (ThingPermissions)Enum.Parse( typeof(ThingPermissions), permissionNav.Value); } List <AuthorizationSetDefinition> targetSets = GetSets(ruleNav, "target-set"); List <AuthorizationSetDefinition> exceptionSets = GetSets(ruleNav, "exception-set"); // only do this if only type ID sets are allowed // AND // we have either some target set or exception set data // if we enter the if block w/o any target or exception set data to // begin with, then we'll incorrectly return <b>null</b> when the XML // specified that permissions were allowed on all record data. if (onlyAllowTypeIdSets && (targetSets != null || exceptionSets != null)) { if (targetSets != null) { for (int i = targetSets.Count - 1; i >= 0; --i) { if (!(targetSets[i] is TypeIdSetDefinition)) { targetSets.RemoveAt(i); } } } if (exceptionSets != null) { for (int i = exceptionSets.Count - 1; i >= 0; --i) { if (!(exceptionSets[i] is TypeIdSetDefinition)) { exceptionSets.RemoveAt(i); } } } if ((targetSets == null || targetSets.Count == 0) && (exceptionSets == null || exceptionSets.Count == 0)) { return(null); } } AuthorizationRule rule = new AuthorizationRule( ruleName, null, permissions, targetSets, exceptionSets, isOptional, displayFlags); // <reason> // Do this after create the rule so that the CultureSpecificReasons dictionary is available. rule.CultureSpecificReasons.PopulateFromXml(ruleNav, "reason"); return(rule); }