public PermissionInfoCollection GetGrandedPermission()
{
PermissionInfoCollection collection = new PermissionInfoCollection();
collection.Add(new DefaultPermissionInfo("name1", "action1"));
collection.Add(new DefaultPermissionInfo("name2", "action2"));
return collection;
}
/// <summary>
/// 直接使用指定的权限构造身份令牌
/// </summary>
public AbstractPricipalToken(string name, IList<PermissionInfo> permissions)
{
this.name = name;
if (permissions == null || permissions.Count == 0)
{
this.permissions = PermissionInfoCollection.EMPTY_PERMISSIONINFO_COLLECTION;
}
else
{
if (permissions == null)
{
this.permissions = new PermissionInfoCollection();
}
foreach (PermissionInfo p in permissions)
{
this.permissions.Add(p);
}
}
}
public virtual PermissionInfoCollection GetPermissions(string name)
{
string sql = GetPermissionSelectCause();
initConnection();
DataSet ds = ExecuteQuery(sql, s =>
{
DbCommand command = connection.CreateCommand();
DbParameter parameter = command.CreateParameter();
parameter.ParameterName = "name";
parameter.DbType = DbType.String;
parameter.Value = name;
command.CommandText = s;
command.Parameters.Add(parameter);
return command;
});
if (ds.Tables[0].Rows.Count == 0)
return PermissionInfoCollection.EMPTY_PERMISSIONINFO_COLLECTION;
try
{
PermissionInfoCollection pcoll = new PermissionInfoCollection();
foreach (DataRow dr in ds.Tables[0].Rows)
{
ConstructorInfo constructor = Type.GetType((string)dr[PERMISSION_TYPE_COLUMN]).GetConstructor(new Type[] { typeof(string), typeof(string) });
PermissionInfo permission = (PermissionInfo)constructor.Invoke(new object[] { dr[PERMISSION_NAME_COLUMN], dr[PERMISSION_ACTION_COLUMN] });
pcoll.Add(permission);
}
return pcoll;
}
catch (Exception e)
{
ServiceManager.LoggingService.Fatal("权限信息无法构造无法使用name和action参数构造,无法获取指定身份" + name + "的授权集合", e);
throw e;
}
}
public PermissionInfoCollection GetGrandedPermission()
{
if (permissions != null)
return (PermissionInfoCollection)permissions.Clone();
else
{
PermissionInfoCollection p = provider.GetPermissions(this.name);
if ( p != null)//非空则缓存
permissions = p;
else
permissions = PermissionInfoCollection.EMPTY_PERMISSIONINFO_COLLECTION;
return permissions;
}
}
public override IContainsVisitor GetVisitor(PermissionInfoCollection pc)
{
return new LogicVisitor(this, pc, LogicPoint);
}
public LogicVisitor(LogicPermissionInfo lp, PermissionInfoCollection pc, LogicPoint logic)
{
this.lp = lp;
this.pc = pc;
bits = new BitVector32(0);
rightmask = BitVector32.CreateMask();
leftmask = BitVector32.CreateMask(rightmask);
this.logic = logic;
}
public abstract IContainsVisitor GetVisitor(PermissionInfoCollection pc);
private void CheckPermission(PermissionInfoCollection pc, PermissionInfo pinfo, object checkObject, out bool result, bool throwException = true)
{
result = true;
if (!pc.Contains(pinfo))
{
result = false;
if (throwException)
{
AccessException ae = new AccessException("there is no access for " + FactoryServices.PrincipalStorageFactory.GetStorage().GetCurrentToken().Name);
ae.CheckObject = checkObject;
throw ae;
}
}
}
/// <summary>
/// 添加权限到此profile中,如果name为空,则使用权限的名称作为名称
/// </summary>
/// <param name="p"></param>
/// <param name="name"></param>
public void AddResourcePermission(PermissionInfo p, string name = "")
{
if (resourcePermissions == null)
resourcePermissions = new PermissionInfoCollection();
if (string.IsNullOrWhiteSpace(name))
name = p.Name;
if (perDic.ContainsKey(name))
perDic.Remove(name);
perDic.Add(name, p);
resourcePermissions.Add(p);
}
protected virtual PermissionInfoCollection BuildOrgPermissionCollection()
{
PermissionInfoCollection pc = new PermissionInfoCollection();
foreach (Organiz org in managedOrgs.Values)
{
pc.Add(new OrgPermission(org.Path.EndsWith("/") ? org.Path + "**/*" : org.Path + "/**/*", OrgPermission.ALL_ACTION));
}
return pc;
}
