internal static IPermission[] SearchPermissions(this IRol me, bool forFilter, IFunction function, TypeDiscriminator typeDiscriminator, params IDiscriminator[] discriminators)
{
using (var res = Printer.CallResult <IPermission[]>())
{
discriminators = discriminators.RemoveNulls();
using (Printer.Indent2("Inpupt Prameters"))
{
Printer.WriteLine($"Rol: {me?.Name}");
Printer.WriteLine($"For filter: " + forFilter);
Printer.WriteLine($"Function: {function?.ToString() ?? "<null>"}");
Printer.WriteLine($"Type discriminator: {typeDiscriminator?.ToString() ?? "<null>"}");
Printer.Foreach($"Discriminators:", discriminators, dis => Printer.WriteLine($"{dis}"));
}
// Function validation
if (!(function?.IsValid() ?? true))
{
throw new ArgumentException($"The '{nameof(function)}' pararameter with value '{function}' has an invalid state", nameof(function));
}
// TypeDiscriminator validation
if (!typeDiscriminator?.IsValid() ?? false)
{
throw new InvalidStateException($"The '{typeDiscriminator}' discriminator has an invalid state");
}
// Discriminators validation
var invalidDiscriminator = discriminators?.FirstOrDefault(d => !d.IsValid());
if (invalidDiscriminator != null)
{
throw new InvalidStateException($"The '{invalidDiscriminator}' discriminator has an invalid state");
}
// Get & print rol permissions
var permissions = me.AllPermissions();
using (Printer.Indent2("Permissions:"))
permissions.Print(PrintMode.Table);
using (Printer.Indent2("Iterate permissions:"))
res.Value = permissions.Where(p => p.Match(forFilter, function, typeDiscriminator, discriminators)).ToArray();
res.OnPrintResult = r => r.Print(PrintMode.Table);
return(res.Value);
}
}
internal static bool CheckDiscriminators(this IInternalRolCan me, bool forAll, TypeDiscriminator typeDiscriminator, params IDiscriminator[] discriminators)
{
using (var res = Printer.CallResult <bool>())
{
using (Printer.Indent2("Input parameters"))
{
Printer.WriteLine($"Rol: {me?.Rol?.Name}");
Printer.WriteLine($"Functions: {string.Join(",", me.Functions.Select(f => f.Name)) ?? "<null>"}");
Printer.WriteLine($"For all: {forAll}");
Printer.WriteLine($"Type discriminator: {typeDiscriminator?.ToString() ?? "null"}");
Printer.Foreach($"Discriminators:", discriminators, dis => Printer.WriteLine($"{dis}"));
}
// If Rol is null, return false
if (me.Rol == null)
{
Printer.WriteLine($"Rol is NULL, return FALSE");
return(res.Value = false);
}
// If target discriminator is null, return true
if (typeDiscriminator == null)
{
Printer.WriteLine($"TypeDiscriminator is NULL, return TRUE");
return(res.Value = true);
}
bool Compute()
{
//Printer.Foreach("Iterating functions:", me.Functions, fun => {
foreach (var fun in me.Functions)
{
Printer.WriteLine($"Function '{fun.Name}':");
var pers = SearchPermissions(me.Rol, false, fun, typeDiscriminator, discriminators);
if (!pers.Any())
{
return(false);
}
else
{
var grantPermissions = pers.Where(p => p.Value).ToList();
var deniedPermissions = pers.Where(p => !p.Value).ToList();
Printer.WriteLine($"Found '{grantPermissions.Count}' grant permissions");
Printer.WriteLine($"Found '{deniedPermissions.Count}' denied permissions");
var r = false;
if (discriminators.IsNullOrEmpty())
{
r = grantPermissions.Count > 0 && deniedPermissions.Count == 0;
}
else
{
r = forAll
? discriminators.All(dis =>
{
return(grantPermissions.Count > 0 && deniedPermissions.Count == 0); // || grantPermissions.Count == 0;
})
: discriminators.Any(dis =>
{
//var pers = me.Rol.SearchPermissions(fun, dis);
//return !pers.Any(p => !p.Value && p.Scopes.Any(s => dis.TypeId == s.Discriminator.TypeId)) && pers.Any(p => p.Value);
return(!pers.Any(p => !p.Value && p.Match(false, fun, typeDiscriminator, discriminators)) && pers.Any(p => p.Value));
});
}
if (!r && me.ThrowExceptionIfCannot)
{
throw new UnauthorizedAccessException($"The rol '{me.Rol.Name}' cannot '{me.Functions.Aggregate("", (a, c) => a + c.Name + "·", a => a.Trim('·'))}' of type '{typeDiscriminator.Name}' with given discriminators '{discriminators.Aggregate("", (a, c) => $"{a}, {c.TypeName + "<" + c.Name + ">"}", a => a.Trim(',', ' ')) }'");
}
return(r);
}
}
return(false);
}
res.Value = Compute();
if (!res.Value && me.ThrowExceptionIfCannot)
{
throw new UnauthorizedAccessException($"The rol '{me.Rol.Name}' cannot '{me.Functions.Aggregate("", (a, c) => a + c.Name + "·", a => a.Trim('·'))}' of type '{typeDiscriminator.Name}' with given discriminators '{discriminators.Aggregate("", (a, c) => $"{a}, {c.TypeName + "<" + c.Name + ">"}", a => a.Trim(',', ' ')) }'");
}
return(res.Value);
}
}
