public async Task <ISecurityEntity> Get(Guid UserId, string tokenHash)
{
var result = Repository.GetWhere <TokenEntity>().Where(t => t.tokenHash == tokenHash && t.UserId == UserId).ToList().DefaultIfEmpty(null).First();
ISecurityEntity entity = AutoMapper.Mapper.Map <ISecurityEntity>(result);
return(entity);
}
public static string GetValue(this ISecurityEntity securityEntity, string propertyValue, string propertyName)
{
if (propertyValue == null && securityEntity.BlockedMembers.Contains(propertyName))
{
return("Protected content");
}
else
{
return(propertyValue);
}
}
public async Task <bool> AddToken(ISecurityEntity token)
{
var entity = AutoMapper.Mapper.Map <TokenEntity>(token);
var result = await Repository.AddAsync(entity);
if (result == 1)
{
token = AutoMapper.Mapper.Map <ISecurityEntity>(entity);
return(true);
}
else
{
return(false);
}
}
public async Task <bool> RemoveTokenAsync(ISecurityEntity token)
{
return(await RemoveTokenAsync(token.UserId, token.tokenHash));
}
public object CreateSecurityObject(IModel model, ISecurityObjectRepository securityObjectRepository)
{
Type targetType = RealObject.GetType();
SecurityObject = Activator.CreateInstance(RealObject.GetType());
IEntityType entityType = model.FindEntityType(targetType);
IEnumerable <PropertyInfo> propertiesInfo = targetType.GetRuntimeProperties();
IEnumerable <INavigation> navigations = entityType.GetNavigations();
foreach (PropertyInfo propertyInfo in propertiesInfo)
{
object defaultValue = propertyInfo.GetValue(SecurityObject);
defaultValueDictionary[propertyInfo.Name] = defaultValue;
if (this.IsPropertyBlocked(propertyInfo.Name))
{
if (navigations.Any(p => p.Name == propertyInfo.Name))
{
INavigation navigation = navigations.First(p => p.Name == propertyInfo.Name);
if (navigation.IsCollection())
{
if (propertyInfo.SetMethod != null)
{
propertyInfo.SetValue(SecurityObject, null);
}
}
}
continue;
}
if (navigations.Any(p => p.Name == propertyInfo.Name))
{
INavigation navigation = navigations.First(p => p.Name == propertyInfo.Name);
if (navigation.IsCollection())
{
IClrCollectionAccessor collectionAccessor = navigation.GetCollectionAccessor();
IEnumerable objectRealListProperty = (IEnumerable)propertyInfo.GetValue(RealObject);
IEnumerable objectSecurityListProperty = (IEnumerable)propertyInfo.GetValue(SecurityObject);
List <object> denyObject;
BlockedObjectsInListProperty.TryGetValue(propertyInfo.Name, out denyObject);
if (objectRealListProperty != null)
{
foreach (object objInList in objectRealListProperty)
{
if (denyObject != null && denyObject.Contains(objInList))
{
continue;
}
object objectToAdd;
SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(objInList);
if (metadata != null)
{
if (metadata.SecurityObject != null)
{
objectToAdd = metadata.SecurityObject;
}
else
{
objectToAdd = metadata.CreateSecurityObject(model, securityObjectRepository);
}
}
else
{
throw new Exception();
}
collectionAccessor.Add(SecurityObject, objectToAdd);
}
}
}
else
{
object realValue = propertyInfo.GetValue(RealObject);
SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(realValue);
if (metadata != null && realValue != null)
{
if (metadata.SecurityObject == null)
{
metadata.SecurityObject = metadata.CreateSecurityObject(model, securityObjectRepository);
}
if (propertyInfo.SetMethod != null)
{
propertyInfo.SetValue(SecurityObject, metadata.SecurityObject);
}
}
else
{
if (propertyInfo.SetMethod != null)
{
propertyInfo.SetValue(SecurityObject, realValue);
}
}
}
}
else
{
if (propertyInfo.SetMethod != null)
{
object realValue = propertyInfo.GetValue(RealObject);
propertyInfo.SetValue(SecurityObject, realValue);
}
}
}
foreach (PropertyInfo propertyInfo in propertiesInfo)
{
object originalValue = propertyInfo.GetValue(SecurityObject);
originalValueSecurityObjectDictionary.Add(propertyInfo.Name, originalValue);
}
if (SecurityObject is ISecurityEntity)
{
ISecurityEntity securityEntity = (ISecurityEntity)SecurityObject;
List <string> blockedMembers = new List <string>();
blockedMembers.AddRange(BlockedProperties);
blockedMembers.AddRange(BlockedNavigationProperties);
securityEntity.BlockedMembers = blockedMembers;
}
return(SecurityObject);
}
