// -------------------------- IMPLEMENTATION private static bool CheckInstances <T>(this IInternalRolCan me, bool forAll, IEnumerable <T> values) { using (var res = Printer.CallResult <bool>()) { if (me.Rol == null) { return(res.Value = false); } bool CheckInstance(T value) => ByAll(me, Singleton.Get <TypeDiscriminatorFactory>().FromType <T>(), typeof(T).GetDiscriminatorsOfDiscriminatedProperties(value).ToArray()); var r = forAll ? values.Where(value => CheckInstance(value)).Count() == values.Count() : values.Where(value => CheckInstance(value)).Any(); if (me.ThrowExceptionIfCannot && !r) { throw new UnauthorizedAccessException($"The rol '{me.Rol.Name}' cannot '{me.Functions.Aggregate("", (a, c) => a + c.Name + "·", a => a.Trim('·'))}' for the given instances '{values}'"); } return(res.Value = r); } }
internal static bool CheckDiscriminators(this IInternalRolCan me, bool forAll, TypeDiscriminator typeDiscriminator, params IDiscriminator[] discriminators) { using (var res = Printer.CallResult <bool>()) { using (Printer.Indent2("Input parameters")) { Printer.WriteLine($"Rol: {me?.Rol?.Name}"); Printer.WriteLine($"Functions: {string.Join(",", me.Functions.Select(f => f.Name)) ?? "<null>"}"); Printer.WriteLine($"For all: {forAll}"); Printer.WriteLine($"Type discriminator: {typeDiscriminator?.ToString() ?? "null"}"); Printer.Foreach($"Discriminators:", discriminators, dis => Printer.WriteLine($"{dis}")); } // If Rol is null, return false if (me.Rol == null) { Printer.WriteLine($"Rol is NULL, return FALSE"); return(res.Value = false); } // If target discriminator is null, return true if (typeDiscriminator == null) { Printer.WriteLine($"TypeDiscriminator is NULL, return TRUE"); return(res.Value = true); } bool Compute() { //Printer.Foreach("Iterating functions:", me.Functions, fun => { foreach (var fun in me.Functions) { Printer.WriteLine($"Function '{fun.Name}':"); var pers = SearchPermissions(me.Rol, false, fun, typeDiscriminator, discriminators); if (!pers.Any()) { return(false); } else { var grantPermissions = pers.Where(p => p.Value).ToList(); var deniedPermissions = pers.Where(p => !p.Value).ToList(); Printer.WriteLine($"Found '{grantPermissions.Count}' grant permissions"); Printer.WriteLine($"Found '{deniedPermissions.Count}' denied permissions"); var r = false; if (discriminators.IsNullOrEmpty()) { r = grantPermissions.Count > 0 && deniedPermissions.Count == 0; } else { r = forAll ? discriminators.All(dis => { return(grantPermissions.Count > 0 && deniedPermissions.Count == 0); // || grantPermissions.Count == 0; }) : discriminators.Any(dis => { //var pers = me.Rol.SearchPermissions(fun, dis); //return !pers.Any(p => !p.Value && p.Scopes.Any(s => dis.TypeId == s.Discriminator.TypeId)) && pers.Any(p => p.Value); return(!pers.Any(p => !p.Value && p.Match(false, fun, typeDiscriminator, discriminators)) && pers.Any(p => p.Value)); }); } if (!r && me.ThrowExceptionIfCannot) { throw new UnauthorizedAccessException($"The rol '{me.Rol.Name}' cannot '{me.Functions.Aggregate("", (a, c) => a + c.Name + "·", a => a.Trim('·'))}' of type '{typeDiscriminator.Name}' with given discriminators '{discriminators.Aggregate("", (a, c) => $"{a}, {c.TypeName + "<" + c.Name + ">"}", a => a.Trim(',', ' ')) }'"); } return(r); } } return(false); } res.Value = Compute(); if (!res.Value && me.ThrowExceptionIfCannot) { throw new UnauthorizedAccessException($"The rol '{me.Rol.Name}' cannot '{me.Functions.Aggregate("", (a, c) => a + c.Name + "·", a => a.Trim('·'))}' of type '{typeDiscriminator.Name}' with given discriminators '{discriminators.Aggregate("", (a, c) => $"{a}, {c.TypeName + "<" + c.Name + ">"}", a => a.Trim(',', ' ')) }'"); } return(res.Value); } }