public override bool Equals(object obj)
{
if (Object.ReferenceEquals(this, obj))
{
return(true);
}
if (!(obj is PrivilegeKey))
{
return(false);
}
PrivilegeKey other = (PrivilegeKey)obj;
return(Object.Equals(Id, other.Id) &&
Object.Equals(EntityType, other.EntityType) &&
IdIndex == other.IdIndex &&
Object.Equals(userSID, other.userSID) &&
Object.Equals(SecurityScope, other.SecurityScope));
}
protected IPrivilegeResult CreateResult <V>(IList <V> objRefs, ISecurityScope[] securityScopes, List <IObjRef> missingObjRefs,
IAuthorization authorization, IMap <PrivilegeKey, IPrivilege> privilegeResultOfNewEntities) where V : IObjRef
{
PrivilegeKey privilegeKey = null;
IPrivilege[] result = new IPrivilege[objRefs.Count];
String userSID = authorization.SID;
for (int index = objRefs.Count; index-- > 0;)
{
IObjRef objRef = objRefs[index];
if (objRef == null)
{
continue;
}
if (privilegeKey == null)
{
privilegeKey = new PrivilegeKey();
}
bool useCache = true;
privilegeKey.EntityType = objRef.RealType;
privilegeKey.IdIndex = objRef.IdNameIndex;
privilegeKey.Id = objRef.Id;
privilegeKey.userSID = userSID;
if (privilegeKey.Id == null)
{
useCache = false;
// use the ObjRef instance as the id
privilegeKey.Id = objRef;
}
IPrivilege mergedPrivilegeItem = null;
for (int a = securityScopes.Length; a-- > 0;)
{
privilegeKey.SecurityScope = securityScopes[a].Name;
IPrivilege existingPrivilegeItem = useCache ? privilegeCache.Get(privilegeKey)
: privilegeResultOfNewEntities != null?privilegeResultOfNewEntities.Get(privilegeKey) : null;
if (existingPrivilegeItem == null)
{
mergedPrivilegeItem = null;
break;
}
if (mergedPrivilegeItem == null)
{
// Take first existing privilege as a start
mergedPrivilegeItem = existingPrivilegeItem;
}
else
{
// Merge all other existing privileges by boolean OR
throw new NotSupportedException("Not yet implemented");
}
}
if (mergedPrivilegeItem == null)
{
if (missingObjRefs != null)
{
missingObjRefs.Add(objRef);
continue;
}
mergedPrivilegeItem = DenyAllPrivilege.INSTANCE;
}
result[index] = mergedPrivilegeItem;
}
return(new PrivilegeResult(authorization.SID, result));
}
public IPrivilegeResult GetPrivilegesByObjRef <V>(IList <V> objRefs, params ISecurityScope[] securityScopes) where V : IObjRef
{
ISecurityContext context = SecurityContextHolder.Context;
IAuthorization authorization = context != null ? context.Authorization : null;
if (authorization == null)
{
throw new SecurityException("User must be authenticated to be able to check for privileges");
}
if (securityScopes.Length == 0)
{
throw new ArgumentException("No " + typeof(ISecurityScope).Name + " provided to check privileges against");
}
List <IObjRef> missingObjRefs = new List <IObjRef>();
lock (writeLock)
{
IPrivilegeResult result = CreateResult(objRefs, securityScopes, missingObjRefs, authorization, null);
if (missingObjRefs.Count == 0)
{
return(result);
}
}
if (PrivilegeService == null)
{
throw new SecurityException("No bean of type " + typeof(IPrivilegeService).FullName
+ " could be injected. Privilege functionality is deactivated. The current operation is not supported");
}
String userSID = authorization.SID;
IList <IPrivilegeOfService> privilegeResults = PrivilegeService.GetPrivileges(missingObjRefs.ToArray(), securityScopes);
lock (writeLock)
{
HashMap <PrivilegeKey, IPrivilege> privilegeResultOfNewEntities = null;
for (int a = 0, size = privilegeResults.Count; a < size; a++)
{
IPrivilegeOfService privilegeResult = privilegeResults[a];
IObjRef reference = privilegeResult.Reference;
PrivilegeKey privilegeKey = new PrivilegeKey(reference.RealType, reference.IdNameIndex, reference.Id, userSID);
bool useCache = true;
if (privilegeKey.Id == null)
{
useCache = false;
privilegeKey.Id = reference;
}
privilegeKey.SecurityScope = InterningFeature.Intern(privilegeResult.SecurityScope.Name);
IPrivilege privilege = CreatePrivilegeFromServiceResult(reference, privilegeResult);
if (useCache)
{
privilegeCache.Put(privilegeKey, privilege);
}
else
{
if (privilegeResultOfNewEntities == null)
{
privilegeResultOfNewEntities = new HashMap <PrivilegeKey, IPrivilege>();
}
privilegeResultOfNewEntities.Put(privilegeKey, privilege);
}
}
return(CreateResult(objRefs, securityScopes, null, authorization, privilegeResultOfNewEntities));
}
}
