public void Authorize(ServiceContext ctx, IAuthorizationProviderFactory defaultFactory, IAuthorizationIdentity[] identities)
{
if (identities == null)
{
return;
}
//判断是否有不需要验证的标记
if (identities.Any(x => x.Category == NoneAuthorizeAttribute.AuthorizeCategory && x.Users == "*"))
{
return;
}
foreach (var identity in identities)
{
var category = identity.Category;
if (string.IsNullOrEmpty(category) || !this.providers.TryGetValue(category, out var provider))
{
continue;
}
if (!provider.Authorize(ctx, identity))
{
if (!ctx.ResultInitialized)
{
ctx.ResultInitialized = true;
ctx.ResultValue = AOPResult.Failed(-1, $"Authorized Failed with {category}");
}
break;
}
}
}
public void Authorize(ServiceContext ctx, IAuthorizationProviderFactory defaultFactory, IAuthorizationIdentity[] identities)
{
if (identities == null)
{
return;
}
foreach (var identity in identities)
{
IAuthorizationProvider provider;
if (!this.providers.TryGetValue(identity.Category, out provider))
{
continue;
}
if (!provider.Authorize(ctx, identity))
{
if (!ctx.ResultInitialized)
{
ctx.ResultInitialized = true;
ctx.ResultValue = AOPResult.Failed(string.Format("Authorized Failed with {0}", identity.Category));
}
break;
}
}
}
public ClusterVNodeSettings(Guid instanceId, int debugIndex,
IPEndPoint internalTcpEndPoint,
IPEndPoint internalSecureTcpEndPoint,
IPEndPoint externalTcpEndPoint,
IPEndPoint externalSecureTcpEndPoint,
IPEndPoint internalHttpEndPoint,
IPEndPoint externalHttpEndPoint,
GossipAdvertiseInfo gossipAdvertiseInfo,
bool enableTrustedAuth,
X509Certificate2 certificate,
int workerThreads,
bool discoverViaDns,
string clusterDns,
IPEndPoint[] gossipSeeds,
TimeSpan minFlushDelay,
int clusterNodeCount,
int prepareAckCount,
int commitAckCount,
TimeSpan prepareTimeout,
TimeSpan commitTimeout,
bool disableInternalTls,
bool disableExternalTls,
TimeSpan statsPeriod,
StatsStorage statsStorage,
int nodePriority,
IAuthenticationProviderFactory authenticationProviderFactory,
IAuthorizationProviderFactory authorizationProviderFactory,
bool disableScavengeMerging,
int scavengeHistoryMaxAge,
bool adminOnPublic,
bool statsOnPublic,
bool gossipOnPublic,
TimeSpan gossipInterval,
TimeSpan gossipAllowedTimeDifference,
TimeSpan gossipTimeout,
TimeSpan intTcpHeartbeatTimeout,
TimeSpan intTcpHeartbeatInterval,
TimeSpan extTcpHeartbeatTimeout,
TimeSpan extTcpHeartbeatInterval,
TimeSpan deadMemberRemovalPeriod,
bool verifyDbHash,
int maxMemtableEntryCount,
int hashCollisionReadLimit,
bool startStandardProjections,
bool disableHTTPCaching,
bool logHttpRequests,
int connectionPendingSendBytesThreshold,
int connectionQueueSizeThreshold,
int ptableMaxReaderCount,
string index = null, bool enableHistograms = false,
bool skipIndexVerify = false,
int indexCacheDepth = 16,
byte indexBitnessVersion = 4,
bool optimizeIndexMerge = false,
IPersistentSubscriptionConsumerStrategyFactory[] additionalConsumerStrategies = null,
bool unsafeIgnoreHardDeletes = false,
int readerThreadsCount = 4,
bool alwaysKeepScavenged = false,
bool gossipOnSingleNode = false,
bool skipIndexScanOnReads = false,
bool reduceFileCachePressure = false,
int initializationThreads = 1,
bool faultOutOfOrderProjections = false,
int maxAutoMergeIndexLevel = 1000,
bool disableFirstLevelHttpAuthorization = false,
bool logFailedAuthenticationAttempts = false,
bool readOnlyReplica = false,
int maxAppendSize = 1024 * 1024,
Func <HttpMessageHandler> createHttpMessageHandler = null,
bool unsafeAllowSurplusNodes = false,
bool enableExternalTCP = false,
bool enableAtomPubOverHTTP = true,
bool gossipOverHttps = true)
{
Ensure.NotEmptyGuid(instanceId, "instanceId");
Ensure.Equal(false, internalTcpEndPoint == null && internalSecureTcpEndPoint == null, "Both internal TCP endpoints are null");
Ensure.NotNull(internalHttpEndPoint, "internalHttpEndPoint");
Ensure.NotNull(externalHttpEndPoint, "externalHttpEndPoint");
if (internalSecureTcpEndPoint != null || externalSecureTcpEndPoint != null)
{
Ensure.NotNull(certificate, "certificate");
}
Ensure.Positive(workerThreads, "workerThreads");
Ensure.NotNull(clusterDns, "clusterDns");
Ensure.NotNull(gossipSeeds, "gossipSeeds");
Ensure.Positive(clusterNodeCount, "clusterNodeCount");
Ensure.Positive(prepareAckCount, "prepareAckCount");
Ensure.Positive(commitAckCount, "commitAckCount");
Ensure.Positive(initializationThreads, "initializationThreads");
Ensure.NotNull(gossipAdvertiseInfo, "gossipAdvertiseInfo");
if (maxAppendSize > 1024 * 1024 * 16)
{
throw new ArgumentOutOfRangeException(nameof(maxAppendSize), $"{nameof(maxAppendSize)} exceeded 16MB.");
}
if (discoverViaDns && string.IsNullOrWhiteSpace(clusterDns))
{
throw new ArgumentException(
"Either DNS Discovery must be disabled (and seeds specified), or a cluster DNS name must be provided.");
}
NodeInfo = new VNodeInfo(instanceId, debugIndex,
internalTcpEndPoint, internalSecureTcpEndPoint,
externalTcpEndPoint, externalSecureTcpEndPoint,
internalHttpEndPoint, externalHttpEndPoint,
readOnlyReplica);
GossipAdvertiseInfo = gossipAdvertiseInfo;
EnableTrustedAuth = enableTrustedAuth;
Certificate = certificate;
WorkerThreads = workerThreads;
StartStandardProjections = startStandardProjections;
EnableAtomPubOverHTTP = enableAtomPubOverHTTP;
DisableHTTPCaching = disableHTTPCaching;
LogHttpRequests = logHttpRequests;
LogFailedAuthenticationAttempts = logFailedAuthenticationAttempts;
AdditionalConsumerStrategies =
additionalConsumerStrategies ?? new IPersistentSubscriptionConsumerStrategyFactory[0];
DiscoverViaDns = discoverViaDns;
ClusterDns = clusterDns;
GossipSeeds = gossipSeeds;
GossipOnSingleNode = gossipOnSingleNode;
ClusterNodeCount = clusterNodeCount;
MinFlushDelay = minFlushDelay;
PrepareAckCount = prepareAckCount;
CommitAckCount = commitAckCount;
PrepareTimeout = prepareTimeout;
CommitTimeout = commitTimeout;
DisableInternalTls = disableInternalTls;
DisableExternalTls = disableExternalTls;
EnableExternalTCP = enableExternalTCP;
StatsPeriod = statsPeriod;
StatsStorage = statsStorage;
AuthenticationProviderFactory = authenticationProviderFactory;
AuthorizationProviderFactory = authorizationProviderFactory;
DisableFirstLevelHttpAuthorization = disableFirstLevelHttpAuthorization;
NodePriority = nodePriority;
DisableScavengeMerging = disableScavengeMerging;
ScavengeHistoryMaxAge = scavengeHistoryMaxAge;
AdminOnPublic = adminOnPublic;
StatsOnPublic = statsOnPublic;
GossipOnPublic = gossipOnPublic;
GossipInterval = gossipInterval;
GossipAllowedTimeDifference = gossipAllowedTimeDifference;
GossipTimeout = gossipTimeout;
GossipOverHttps = gossipOverHttps;
IntTcpHeartbeatTimeout = intTcpHeartbeatTimeout;
IntTcpHeartbeatInterval = intTcpHeartbeatInterval;
ExtTcpHeartbeatTimeout = extTcpHeartbeatTimeout;
ExtTcpHeartbeatInterval = extTcpHeartbeatInterval;
ConnectionPendingSendBytesThreshold = connectionPendingSendBytesThreshold;
ConnectionQueueSizeThreshold = connectionQueueSizeThreshold;
DeadMemberRemovalPeriod = deadMemberRemovalPeriod;
VerifyDbHash = verifyDbHash;
MaxMemtableEntryCount = maxMemtableEntryCount;
HashCollisionReadLimit = hashCollisionReadLimit;
EnableHistograms = enableHistograms;
SkipIndexVerify = skipIndexVerify;
IndexCacheDepth = indexCacheDepth;
IndexBitnessVersion = indexBitnessVersion;
OptimizeIndexMerge = optimizeIndexMerge;
Index = index;
UnsafeIgnoreHardDeletes = unsafeIgnoreHardDeletes;
ReaderThreadsCount = readerThreadsCount;
AlwaysKeepScavenged = alwaysKeepScavenged;
SkipIndexScanOnReads = skipIndexScanOnReads;
ReduceFileCachePressure = reduceFileCachePressure;
InitializationThreads = initializationThreads;
MaxAutoMergeIndexLevel = maxAutoMergeIndexLevel;
FaultOutOfOrderProjections = faultOutOfOrderProjections;
ReadOnlyReplica = readOnlyReplica;
MaxAppendSize = maxAppendSize;
CreateHttpMessageHandler = createHttpMessageHandler;
PTableMaxReaderCount = ptableMaxReaderCount;
UnsafeAllowSurplusNodes = unsafeAllowSurplusNodes;
}
