Beispiel #1
        /// <summary>
        /// Runs the query_ISALLOWEDTOGRANT_* lookup that matches the requested operation for the
        /// grantor and table named in <paramref name="grantAction"/>. Only INSERT and SELECT are
        /// evaluated; every other operation is denied.
        /// </summary>
        /// <param name="grantAction">Grant request; grantor_name, grantee_name, operation and table_name are read.</param>
        /// <returns>TRUE when the lookup returns a first value that is neither empty nor "0"; FALSE otherwise.</returns>
        private bool IsPermitted(CS505Project1.Domains.GrantAction grantAction)
        {
            int grantorId = GetUserId(grantAction.grantor_name);

            // The grantee is still resolved here, but no check below uses its id.
            int granteeId = GetUserId(grantAction.grantee_name);

            // NOTE(review): IsGrantPermitted and IsGrantForbidden treat an id of 0 as "user not found";
            // this method has no such guard and relies on the query returning no match for an unknown grantor.

            // Choose the lookup for the operation; anything other than INSERT or SELECT is denied outright.
            string template;
            if (grantAction.operation == Domains.Operation_Type.INSERT)
            {
                template = query_ISALLOWEDTOGRANT_INSERT;
            }
            else if (grantAction.operation == Domains.Operation_Type.SELECT)
            {
                template = query_ISALLOWEDTOGRANT_SELECT;
            }
            else
            {
                return false;
            }

            // NOTE(review): table_name is placed into the SQL text by string.Format. Unless the template or
            // GetRecords escapes it (neither is visible here), bind it as a parameter or check it against
            // the known table names before this decision is trusted.
            List<string> rows = GetRecords(string.Format(template, grantorId, grantAction.table_name));

            // An empty result set, an empty first value or "0" all mean "not permitted".
            bool noMatch = rows.Count == 0 || string.IsNullOrEmpty(rows[0]) || rows[0] == "0";
            return !noMatch;
        }
Beispiel #2
        /// <summary>
        /// ISGRANTFORBIDDEN
        ///     1. Checks whether the user ATTEMPTING TO GRANT is forbidden to grant on this table (via forbidden_list)
        ///     2. Checks whether the user BEING GRANTED is forbidden to hold this privilege (via forbidden_list)
        /// </summary>
        /// <param name="grantAction">Proposed grant: the granting user, the user being granted, the table, and the
        /// operation. grantor_name, grantee_name, operation and table_name are read here.</param>
        /// <returns>TRUE if either lookup reports a match. FALSE if neither does, and also FALSE when either
        /// user id resolves to 0 (user not found).</returns>
        public bool IsGrantForbidden(CS505Project1.Domains.GrantAction grantAction)
        {
            int grantorId = GetUserId(grantAction.grantor_name);
            int granteeId = GetUserId(grantAction.grantee_name);

            // NOTE(review): an unknown user yields FALSE, i.e. "not forbidden". Callers must not read FALSE
            // on its own as approval; it is only safe when combined with a positive permission check.
            if (grantorId == 0 || granteeId == 0)
            {
                return false;
            }

            // NOTE(review): every operation other than SELECT is evaluated with the INSERT lookups.
            // Confirm Operation_Type has no further members that should be handled separately.
            bool isSelect = grantAction.operation == Domains.Operation_Type.SELECT;

            // NOTE(review): table_name is placed into the SQL text by string.Format in both lookups. Unless
            // the templates or GetRecords escape it (not visible here), bind it as a parameter or check it
            // against the known table names.

            // Step 1: is the grantor forbidden to grant this operation on the table?
            string grantorTemplate = isSelect ? query_ISFORBIDDENTOGRANTSELECT : query_ISFORBIDDENTOGRANTINSERT;
            List<string> grantorRows = GetRecords(string.Format(grantorTemplate, grantorId, grantAction.table_name));
            bool grantorListed = grantorRows.Count != 0 && !string.IsNullOrEmpty(grantorRows[0]) && grantorRows[0] != "0";
            if (grantorListed)
            {
                return true; // on forbidden_list (IS FORBIDDEN)
            }

            // Step 2: is the grantee forbidden to receive this operation on the table?
            string granteeTemplate = isSelect ? query_ISFORBIDDENTOBEGRANTEDSELECT : query_ISFORBIDDENTOBEGRANTEDINSERT;
            List<string> granteeRows = GetRecords(string.Format(granteeTemplate, granteeId, grantAction.table_name));
            bool granteeListed = granteeRows.Count != 0 && !string.IsNullOrEmpty(granteeRows[0]) && granteeRows[0] != "0";

            // TRUE only when the grantee is listed; otherwise neither party was forbidden.
            return granteeListed;
        }
Beispiel #3
        /// <summary>
        /// ISGRANTPERMITTED
        ///     1. Checks that the user ATTEMPTING TO GRANT has permission to do so (via my_permissions table)
        ///     2. Checks that the user BEING GRANTED is allowed to have such an action (via permitted_list)
        /// </summary>
        /// <param name="grantAction">Proposed grant: the granting user, the user being granted, the table, the
        /// operation, and whether the grantee may pass the right on (grant). All of these are read here.</param>
        /// <returns>TRUE if both lookups report a match. FALSE if either does not, or if either user id
        /// resolves to 0 (user not found).</returns>
        public bool IsGrantPermitted(CS505Project1.Domains.GrantAction grantAction)
        {
            int grantorId = GetUserId(grantAction.grantor_name);
            int granteeId = GetUserId(grantAction.grantee_name);

            // Deny when either party is unknown.
            if (grantorId == 0 || granteeId == 0)
            {
                return false;
            }

            // NOTE(review): every operation other than SELECT is evaluated with the INSERT lookups.
            // Confirm Operation_Type has no further members that would then be authorised under INSERT rules.
            bool isSelect = grantAction.operation == Domains.Operation_Type.SELECT;

            // NOTE(review): table_name is placed into the SQL text by string.Format in both lookups. Unless
            // the templates or GetRecords escape it (not visible here), bind it as a parameter or check it
            // against the known table names, since these results decide authorisation.

            // Step 1: the grantor must hold the grant option for this table and operation.
            string grantorTemplate = isSelect ? query_ISALLOWEDTOGRANT_SELECT : query_ISALLOWEDTOGRANT_INSERT;
            List<string> grantorRows = GetRecords(string.Format(grantorTemplate, grantorId, grantAction.table_name));
            if (grantorRows.Count == 0 || string.IsNullOrEmpty(grantorRows[0]) || grantorRows[0] == "0")
            {
                return false; // not in my_permissions
            }

            // Step 2: the grantee must be allowed to receive the operation, with or without the grant option.
            string granteeTemplate;
            if (isSelect)
            {
                granteeTemplate = grantAction.grant
                    ? query_CANUSERBEGRANTED_SELECT_WITHGRANT
                    : query_CANUSERBEGRANTED_SELECT;
            }
            else
            {
                granteeTemplate = grantAction.grant
                    ? query_CANUSERBEGRANTED_INSERT_WITHGRANT
                    : query_CANUSERBEGRANTED_INSERT;
            }

            List<string> granteeRows = GetRecords(string.Format(granteeTemplate, granteeId, grantAction.table_name));
            bool granteeMissing = granteeRows.Count == 0 || string.IsNullOrEmpty(granteeRows[0]) || granteeRows[0] == "0";

            // TRUE only when the grantee was found on the permitted list.
            return !granteeMissing;
        }