public void Revoke(CRN resource, CPN principal, CSN schema = null) { var found = this.storage.FindBy(it => it.Principal == principal && it.Resources.Any(r => { if (resource.IncludesWildcard) { return(resource.IsWildcardMatch(r.Identifier)); } return(r.Identifier == resource); })); if (schema != default(CSN)) { found = found.Where(f => f.Resources.Any(r => r.Schema == schema)); } var keys = found.Select(f => f.GetHash()); foreach (var k in keys) { this.storage.Remove(k); } }
public IEnumerable <PermissionGrant> GetByPrincipalAndSchema(CPN principal, CSN schema) { var principalStr = principal?.ToString(); var schemaStr = schema?.ToString(); var foundPrincipal = this.context.Principals.FirstOrDefault(p => p.CanonicalName == principalStr); var foundSchema = this.context.Schemas.FirstOrDefault(s => s.CanonicalName == schemaStr); if (foundPrincipal == null) { return(new List <PermissionGrant>()); } var query = GetQuery(); Func <Persistance.Models.PermissionGrant, bool> filter; if (foundSchema != null) { filter = (g) => g.PrincipalId == foundPrincipal.PrincipalId && g.SchemaId == foundSchema.SchemaId; } else { filter = g => g.PrincipalId == foundPrincipal.PrincipalId; } return(query.Where(filter).ToList().Select(ToModel)); }
public IActionResult Get() { // somehow determine what the resource, action and schema are var resource = CRN.FromValue("crn:farm/1"); var action = ResourceAction.FromValue("iam:owner"); var schema = CSN.FromValue("csn:ag-data:farm"); // validate permissions var permissionsValid = this.ValidatePermissions(resource, action, schema); if (!permissionsValid) { return(Forbid()); } var rng = new Random(); return(Ok(Enumerable.Range(1, 5).Select(index => new WeatherForecast { Date = DateTime.Now.AddDays(index), TemperatureC = rng.Next(-20, 55), Summary = Summaries[rng.Next(Summaries.Length)] }) .ToArray())); }
public IEnumerator jumpToNodeAndPLay() { int index = currentIndexNode; if (index >= currentCutScene.nodeList.Count || !continuePlaying) { foreach (CutSceneNodes CSN in currentCutScene.nodeList) { CSN.hasExecutionEnded = false; CSN.end(); } currentCutScene = null; toggleUIVisibility(false); onCutSceneEnd.Invoke(); yield return(null); } else { currentNode = currentCutScene.nodeList[index]; currentNode.cutScene = currentCutScene; currentNode.start(); while (!currentNode.hasExecutionEnded && continuePlaying) { currentNode.update(); yield return(null); } currentNode.end(); if (continuePlaying) { ++currentIndexNode; onGoing = StartCoroutine("jumpToNodeAndPLay"); } } }
public IEnumerable <DataSchema> All() { return(this.context.Schemas.ToList().Select(s => new DataSchema() { Description = s.Description, DisplayName = s.DisplayName, Identifier = CSN.FromValue(s.CanonicalName) })); }
private PermissionGrant ToModel(Persistance.Models.PermissionGrant entity) { return(new PermissionGrant() { Id = entity.PermissionGrantId, Principal = CPN.FromValue(entity.Principal.CanonicalName), Schema = CSN.FromValue(entity.Schema.CanonicalName), Actions = entity.Actions.Select(a => ResourceAction.FromValue(a.Action.CanonicalName)).ToList(), Resource = entity.Resources.Select(r => CRN.FromValue(r.Resource.CanonicalName)).ToList() }); }
public static bool ValidatePermissions <T>( this T controller, CRN resource, ResourceAction action, CSN schema) where T : ControllerBase { var principal = controller.User; // parse out resources var resourceClaims = principal.Claims.Where(c => c.Type.StartsWith("resource")); var resourcesAllowed = resourceClaims.Select(c => { var base64 = c.Value; var json = base64.FromBase64Encoded(); return(JsonConvert.DeserializeObject <PermissionTicketResource>(json)); }); // find resources matching schema var forSchema = resourcesAllowed.Where(r => r.Schema == schema).ToList(); if (!forSchema.Any()) { return(false); } // find resources matching either wildcard or direct match var matching = forSchema.Where(r => { if (resource.IncludesWildcard) { return(resource.IsWildcardMatch(r.Identifier)); } return(resource == r.Identifier); }).ToList(); if (!matching.Any()) { return(false); } // find resources matching required action var withAction = matching.Where(r => r.Actions.Contains(action)); return(withAction.Any()); }
public void Remove(CSN schema) { if (schema == null) { return; } var found = this.context.Schemas.FirstOrDefault(s => s.CanonicalName == schema.ToString()); if (found == null) { return; } this.context.Remove(found); this.context.SaveChanges(); }
public void RemovePolicy(CRN identifier, CSN schema) { var provider = this.context.DataProviders.FirstOrDefault(p => p.CanonicalName == identifier.ToString()); var foundSchema = this.context.Schemas.FirstOrDefault(s => s.CanonicalName == schema.ToString()); if (provider == null || foundSchema == null) { return; } var found = this.context.DataProviderPolicies.FirstOrDefault(p => p.DataProviderId == provider.DataProviderId && p.SchemaId == foundSchema.SchemaId); if (found == null) { return; } this.context.Remove(found); this.context.SaveChanges(); }
public IEnumerable <DataProviderPolicy> GetPoliciesForSchema(CSN schema) { return(this.context.DataProviderPolicies .Include(p => p.Provider) .Include(p => p.Schema) .Include(p => p.PolicyItems) .ThenInclude(i => i.Principal) .Where(p => p.Schema.CanonicalName == schema.ToString()) .ToList() .Select(p => new DataProviderPolicy() { Provider = CRN.FromValue(p.Provider.CanonicalName), Schema = CSN.FromValue(p.Schema.CanonicalName), Rule = p.PolicyItems.Select(i => new DataProviderPolicyRule() { Principal = CPN.FromValue(i.Principal.CanonicalName), Allow = i.Allow, Deny = i.Deny }).ToList() })); }
public IActionResult Get([FromRoute] string principal, [FromQuery] string schema = null) { IEnumerable <PermissionGrant> results; var principalRn = CPN.FromValue(HttpUtility.UrlDecode(principal)); if (schema == null) { results = this.grantFinder.Find(principalRn); } else { var schemaRn = CSN.FromValue(HttpUtility.UrlDecode(schema)); results = this.grantFinder.Find(principalRn, schemaRn); } if (!results.Any()) { return(NotFound()); } return(Ok(results)); }
public IActionResult Delete(string identifier) { identifier = HttpUtility.UrlDecode(identifier); this.storage.Remove(CSN.FromValue(identifier)); return(Ok()); }
public IEnumerable <DataProviderPolicy> GetPoliciesForSchema(CSN schema) => this.policies.Where(p => p.Schema == schema);
public void RemovePolicy(CRN identifier, CSN schema) => this.policies.RemoveAll(p => p.Provider == identifier && p.Schema == schema);
public DataProviderPolicy WithSchema(CSN schema) { Schema = schema; return(this); }
public IEnumerable <PermissionGrant> GetByPrincipalAndSchema(CPN principal, CSN schema) => this.grants.Where(g => g.Principal == principal && g.Schema == schema);
public PermissionGrant WithSchema(CSN schema) { Schema = schema; return(this); }
public IEnumerable <PermissionGrant> Find(CPN principal, CSN schema) => this.storage.GetByPrincipalAndSchema(principal, schema);
public PermissionTicketResource ForSchema(CSN schema) { Schema = schema; return(this); }