public void RegisterBuilder(SecurityObjectBuilder securityObjectMetaData) { if (resource.Any(p => p.RealObject == securityObjectMetaData.RealObject)) { resource.Remove(resource.First(p => p.RealObject == securityObjectMetaData.RealObject)); } resource.Add(securityObjectMetaData); }
private SecurityObjectBuilder GetOrCreateBuilder(ModifiedObjectMetadata modifyObjectMetada) { SecurityObjectBuilder securityObjectMetaData = securityObjectRepository.GetObjectMetaData(modifyObjectMetada.Object); if (securityObjectMetaData == null) { securityObjectMetaData = new SecurityObjectBuilder(); securityObjectMetaData.SecurityObject = modifyObjectMetada.Object; securityObjectMetaData.RealObject = securityDbContext.RealDbContext.GetObject(modifyObjectMetada.Object); securityObjectRepository.RegisterBuilder(securityObjectMetaData); } return(securityObjectMetaData); }
private IList <BlockedObjectInfo> CheckModificationObjects(SecurityObjectBuilder securityObjectMetaData, Type targetType, string memberName) { List <BlockedObjectInfo> blockedList = new List <BlockedObjectInfo>(); bool isGranted = securityDbContext.Security.IsGranted(targetType, SecurityOperation.Write, securityObjectMetaData.RealObject, memberName); if (!isGranted) { // throw new SecurityAccessException("Write Deny " + targetType.ToString() + "Member name " + memberName); blockedList.Add(new BlockedObjectInfo { operationType = BlockedObjectInfo.OperationType.Write, objectType = targetType, memberName = memberName }); } return(blockedList); }
private void ApplyModification(IEnumerable <EntityEntry> entitiesEntry, IEnumerable <ModifiedObjectMetadata> modifyObjectsMetada) { foreach (var entityEntry in entitiesEntry) { ModifiedObjectMetadata modifyObjectMetada = modifyObjectsMetada.First(p => p.Object == entityEntry.Entity); SecurityObjectBuilder securityObjectMetaData = securityObjectRepository.GetObjectMetaData(entityEntry.Entity); if (securityObjectMetaData == null) { securityObjectMetaData = new SecurityObjectBuilder(); securityObjectMetaData.RealObject = securityDbContext.RealDbContext.GetObject(entityEntry.Entity); securityObjectMetaData.SecurityObject = entityEntry.Entity; securityObjectRepository.RegisterBuilder(securityObjectMetaData); } ApplyModyfication(securityObjectMetaData.RealObject, modifyObjectMetada); } }
private IEnumerable <SecurityObjectBuilder> PrepareRemovedObjects(IEnumerable <EntityEntry> entitiesEntry) { List <SecurityObjectBuilder> securityObjectBuilders = new List <SecurityObjectBuilder>(); foreach (EntityEntry entityEntry in entitiesEntry) { SecurityObjectBuilder securityObjectMetaData = securityObjectRepository.GetObjectMetaData(entityEntry.Entity); if (securityObjectMetaData == null) { securityObjectMetaData = new SecurityObjectBuilder(); securityObjectMetaData.RealObject = securityDbContext.RealDbContext.GetObject(entityEntry.Entity); securityObjectMetaData.SecurityObject = entityEntry.Entity; securityObjectRepository.RegisterBuilder(securityObjectMetaData); } securityObjectBuilders.Add(securityObjectMetaData); } return(securityObjectBuilders); }
private IEnumerable <object> GetOrCreateResultObjects(IEnumerable <object> securityObjects, IEnumerable <object> objects, IEnumerable <SecurityObjectBuilder> modyficationsObjects) { List <object> resultObject = new List <object>(); foreach (object targetObject in objects) { SecurityObjectBuilder objectMetaData = modyficationsObjects.FirstOrDefault(p => p.RealObject == targetObject); if (objectMetaData != null && objectMetaData.SecurityObject != null) { resultObject.Add(objectMetaData.SecurityObject); } else { resultObject.Add(targetObject); } } return(resultObject); }
private static Dictionary <string, List <SecurityObjectBuilder> > GetModifyObjectsInListProperty(SecurityObjectBuilder modyficationsObject, List <SecurityObjectBuilder> modyficationsObjects, IModel model, IPermissionProcessor processor) { Dictionary <string, List <SecurityObjectBuilder> > denyObjectsInListProperty = new Dictionary <string, List <SecurityObjectBuilder> >(); Type targetType = modyficationsObject.RealObject.GetType(); IEntityType entityType = model.FindEntityType(targetType); IEnumerable <INavigation> properties = entityType.GetNavigations(); IEnumerable <PropertyInfo> propertiesInfo = targetType.GetRuntimeProperties(); foreach (INavigation propertyNavigation in properties) { PropertyInfo navigationListPropertyInfo = propertiesInfo.First(p => p.Name == propertyNavigation.Name); if (propertyNavigation.IsCollection()) { IEnumerable listObject = (IEnumerable)navigationListPropertyInfo.GetValue(modyficationsObject.RealObject); if (listObject != null) { foreach (object objectInList in listObject) { List <object> denyObject; modyficationsObject.BlockedObjectsInListProperty.TryGetValue(propertyNavigation.Name, out denyObject); if (denyObject != null && denyObject.Contains(objectInList)) { continue; } SecurityObjectBuilder securityObjectMetaData = modyficationsObjects.FirstOrDefault(p => p.RealObject == objectInList); if (securityObjectMetaData != null && securityObjectMetaData.NeedToModify()) { List <SecurityObjectBuilder> modyfiObjectInList; if (!denyObjectsInListProperty.TryGetValue(propertyNavigation.Name, out modyfiObjectInList)) { modyfiObjectInList = new List <SecurityObjectBuilder>(); denyObjectsInListProperty.Add(propertyNavigation.Name, modyfiObjectInList); } SecurityObjectBuilder objectInListMetaInfo = modyficationsObjects.First(p => p.RealObject == objectInList); modyfiObjectInList.Add(objectInListMetaInfo); } } } } } return(denyObjectsInListProperty); }
public static IEnumerable <SecurityObjectBuilder> GetModificationsDifferences(IPermissionProcessor processor, IModel model, IEnumerable <object> processingEntity, IEnumerable <object> blockedObjects) { List <SecurityObjectBuilder> modifiedObjects = new List <SecurityObjectBuilder>(); foreach (object targetObject in processingEntity) { SecurityObjectBuilder securityObjectBuilder = new SecurityObjectBuilder(); modifiedObjects.Add(securityObjectBuilder); securityObjectBuilder.RealObject = targetObject; securityObjectBuilder.BlockedProperties = GetBlockedProperties(targetObject, model, processor); securityObjectBuilder.BlockedNavigationProperties = GetBlockedNavigationProperties(targetObject, blockedObjects, model, processor); securityObjectBuilder.BlockedObjectsInListProperty = GetBlockedObjectsInListProperty(targetObject, blockedObjects, model, processor); } foreach (SecurityObjectBuilder modyficationsObject in modifiedObjects) { modyficationsObject.ModifyObjectsInListProperty = GetModifyObjectsInListProperty(modyficationsObject, modifiedObjects, model, processor); } return(modifiedObjects); }
private IList <BlockedObjectInfo> CheckModificationObjects(IEnumerable <ModifiedObjectMetadata> modifyObjectsMetada) { List <BlockedObjectInfo> blockedList = new List <BlockedObjectInfo>(); foreach (ModifiedObjectMetadata modifyObjectMetada in modifyObjectsMetada) { SecurityObjectBuilder securityObjectMetaData = securityObjectRepository.GetObjectMetaData(modifyObjectMetada.Object); Type targetType = securityObjectMetaData.RealObject.GetType(); foreach (string memberName in modifyObjectMetada.Properties.Keys) { blockedList.AddRange(CheckModificationObjects(securityObjectMetaData, targetType, memberName)); } foreach (string memberName in modifyObjectMetada.NavigationProperties) { blockedList.AddRange(CheckModificationObjects(securityObjectMetaData, targetType, memberName)); } } return(blockedList); }
private IEnumerable <BlockedObjectInfo> CheckModifiedNavigations(IEnumerable <ModifiedObjectMetadata> modifyObjectMetadaForAddedObjects) { List <BlockedObjectInfo> blockedList = new List <BlockedObjectInfo>(); foreach (ModifiedObjectMetadata modifyObjectMetada in modifyObjectMetadaForAddedObjects) { SecurityObjectBuilder securityObjectMetaData = GetOrCreateBuilder(modifyObjectMetada); Type targetType = securityObjectMetaData.RealObject.GetType(); foreach (var navigationProperty in modifyObjectMetada.NavigationProperties) { bool isGranted = securityDbContext.Security.IsGranted(targetType, SecurityOperation.Write, securityObjectMetaData.RealObject, navigationProperty); if (!isGranted) { blockedList.Add(new BlockedObjectInfo { operationType = BlockedObjectInfo.OperationType.Write, objectType = targetType, memberName = navigationProperty }); } } } return(blockedList); }
private IEnumerable <object> CreateSecurityObjects(IEnumerable <object> processingEntity, IEnumerable <object> denyObjects, IEnumerable <SecurityObjectBuilder> modyficationsObjects) { List <object> securityObjects = new List <object>(); foreach (object targetObject in processingEntity) { SecurityObjectBuilder modifyObjectMetaInfo = modyficationsObjects.First(p => p.RealObject == targetObject); if (modifyObjectMetaInfo != null) { object securityObject; if (modifyObjectMetaInfo.SecurityObject == null) { securityObject = modifyObjectMetaInfo.CreateSecurityObject(securityDbContext.Model, securityObjectRepository); } else { securityObject = modifyObjectMetaInfo.SecurityObject; } securityObjects.Add(securityObject); } } return(securityObjects); }
public bool RemoveBuilder(SecurityObjectBuilder builder) { return(resource.Remove(builder)); }
public object CreateRealObject(IModel model, ISecurityObjectRepository securityObjectRepository) { Type targetType = SecurityObject.GetType(); RealObject = Activator.CreateInstance(SecurityObject.GetType()); IEntityType entityType = model.FindEntityType(targetType); IEnumerable <PropertyInfo> properiesInfo = targetType.GetRuntimeProperties(); IEnumerable <INavigation> navigations = entityType.GetNavigations(); IReadOnlyList <IProperty> primaryKeyProperties = entityType.FindPrimaryKey().Properties; foreach (PropertyInfo propertyInfo in properiesInfo) { object defaultValue = propertyInfo.GetValue(RealObject); defaultValueDictionary[propertyInfo.Name] = defaultValue; if (navigations.Any(p => p.Name == propertyInfo.Name)) { INavigation navigation = navigations.First(p => p.Name == propertyInfo.Name); if (navigation.IsCollection()) { IClrCollectionAccessor collectionAccessor = navigation.GetCollectionAccessor(); IEnumerable realObjectListPropertyValue = (IEnumerable)propertyInfo.GetValue(RealObject); IEnumerable securityObjectListPropertyValue = (IEnumerable)propertyInfo.GetValue(SecurityObject); if (securityObjectListPropertyValue != null && realObjectListPropertyValue != null) { foreach (object objectInListProperty in securityObjectListPropertyValue) { SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(objectInListProperty); if (metadata == null) { metadata = new SecurityObjectBuilder(); securityObjectRepository.RegisterBuilder(metadata); metadata.SecurityObject = objectInListProperty; metadata.CreateRealObject(model, securityObjectRepository); } collectionAccessor.Add(RealObject, metadata.RealObject); } } } else { object realValue = propertyInfo.GetValue(SecurityObject); if (!Equals(realValue, null)) { SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(realValue); if (metadata == null) { metadata = new SecurityObjectBuilder(); securityObjectRepository.RegisterBuilder(metadata); metadata.SecurityObject = realValue; metadata.CreateRealObject(model, securityObjectRepository); } if (propertyInfo.SetMethod != null) { propertyInfo.SetValue(RealObject, metadata.RealObject); } } } } else { bool isGeneratedPrimaryKey = false; foreach (IProperty primaryKeyProperty in primaryKeyProperties) { if ((propertyInfo.Name == primaryKeyProperty.Name) && primaryKeyProperty.RequiresValueGenerator) { isGeneratedPrimaryKey = true; } } if (propertyInfo.SetMethod != null && !isGeneratedPrimaryKey) { object securityValue = propertyInfo.GetValue(SecurityObject); propertyInfo.SetValue(RealObject, securityValue); } } } return(RealObject); }
public object CreateSecurityObject(IModel model, ISecurityObjectRepository securityObjectRepository) { Type targetType = RealObject.GetType(); SecurityObject = Activator.CreateInstance(RealObject.GetType()); IEntityType entityType = model.FindEntityType(targetType); IEnumerable <PropertyInfo> propertiesInfo = targetType.GetRuntimeProperties(); IEnumerable <INavigation> navigations = entityType.GetNavigations(); foreach (PropertyInfo propertyInfo in propertiesInfo) { object defaultValue = propertyInfo.GetValue(SecurityObject); defaultValueDictionary[propertyInfo.Name] = defaultValue; if (this.IsPropertyBlocked(propertyInfo.Name)) { if (navigations.Any(p => p.Name == propertyInfo.Name)) { INavigation navigation = navigations.First(p => p.Name == propertyInfo.Name); if (navigation.IsCollection()) { if (propertyInfo.SetMethod != null) { propertyInfo.SetValue(SecurityObject, null); } } } continue; } if (navigations.Any(p => p.Name == propertyInfo.Name)) { INavigation navigation = navigations.First(p => p.Name == propertyInfo.Name); if (navigation.IsCollection()) { IClrCollectionAccessor collectionAccessor = navigation.GetCollectionAccessor(); IEnumerable objectRealListProperty = (IEnumerable)propertyInfo.GetValue(RealObject); IEnumerable objectSecurityListProperty = (IEnumerable)propertyInfo.GetValue(SecurityObject); List <object> denyObject; BlockedObjectsInListProperty.TryGetValue(propertyInfo.Name, out denyObject); if (objectRealListProperty != null) { foreach (object objInList in objectRealListProperty) { if (denyObject != null && denyObject.Contains(objInList)) { continue; } object objectToAdd; SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(objInList); if (metadata != null) { if (metadata.SecurityObject != null) { objectToAdd = metadata.SecurityObject; } else { objectToAdd = metadata.CreateSecurityObject(model, securityObjectRepository); } } else { throw new Exception(); } collectionAccessor.Add(SecurityObject, objectToAdd); } } } else { object realValue = propertyInfo.GetValue(RealObject); SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(realValue); if (metadata != null && realValue != null) { if (metadata.SecurityObject == null) { metadata.SecurityObject = metadata.CreateSecurityObject(model, securityObjectRepository); } if (propertyInfo.SetMethod != null) { propertyInfo.SetValue(SecurityObject, metadata.SecurityObject); } } else { if (propertyInfo.SetMethod != null) { propertyInfo.SetValue(SecurityObject, realValue); } } } } else { if (propertyInfo.SetMethod != null) { object realValue = propertyInfo.GetValue(RealObject); propertyInfo.SetValue(SecurityObject, realValue); } } } foreach (PropertyInfo propertyInfo in propertiesInfo) { object originalValue = propertyInfo.GetValue(SecurityObject); originalValueSecurityObjectDictionary.Add(propertyInfo.Name, originalValue); } if (SecurityObject is ISecurityEntity) { ISecurityEntity securityEntity = (ISecurityEntity)SecurityObject; List <string> blockedMembers = new List <string>(); blockedMembers.AddRange(BlockedProperties); blockedMembers.AddRange(BlockedNavigationProperties); securityEntity.BlockedMembers = blockedMembers; } return(SecurityObject); }