/// <summary> /// Initializes a new instance of the <see cref="OwnershipInitializationCreateEntityDecorator{T}"/> class. /// </summary> /// <param name="next">The decorated instance for which authorization is being performed.</param> /// <param name="authorizationContextProvider">Provides access to the authorization context, such as the resource and action.</param> /// <param name="authorizationFilteringProvider">The component capable of authorizing the request, given necessary context.</param> /// <param name="authorizationFilterDefinitionProvider"></param> /// <param name="explicitObjectValidators"></param> /// <param name="authorizationBasisMetadataSelector"></param> /// <param name="securityRepository"></param> /// <param name="sessionFactory"></param> /// <param name="apiKeyContextProvider"></param> /// <param name="viewBasedSingleItemAuthorizationQuerySupport"></param> public OwnershipInitializationCreateEntityDecorator( ICreateEntity <T> next, IAuthorizationContextProvider authorizationContextProvider, IAuthorizationFilteringProvider authorizationFilteringProvider, IAuthorizationFilterDefinitionProvider authorizationFilterDefinitionProvider, IExplicitObjectValidator[] explicitObjectValidators, IAuthorizationBasisMetadataSelector authorizationBasisMetadataSelector, ISecurityRepository securityRepository, ISessionFactory sessionFactory, IApiKeyContextProvider apiKeyContextProvider, IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport) : base( authorizationContextProvider, authorizationFilteringProvider, authorizationFilterDefinitionProvider, explicitObjectValidators, authorizationBasisMetadataSelector, securityRepository, sessionFactory, apiKeyContextProvider, viewBasedSingleItemAuthorizationQuerySupport) { _next = Preconditions.ThrowIfNull(next, nameof(next)); _apiKeyContextProvider = Preconditions.ThrowIfNull(apiKeyContextProvider, nameof(apiKeyContextProvider)); }
/// <summary> /// Initializes a new instance of the <see cref="GetEntityByKeyAuthorizationDecorator{T}"/> class. /// </summary> /// <param name="next">The decorated instance for which authorization is being performed.</param> /// <param name="authorizationContextProvider">Provides access to the authorization context, such as the resource and action.</param> /// <param name="authorizationFilteringProvider"></param> /// <param name="authorizationFilterDefinitionProvider"></param> /// <param name="explicitObjectValidators"></param> /// <param name="authorizationBasisMetadataSelector"></param> /// <param name="securityRepository"></param> /// <param name="sessionFactory"></param> /// <param name="apiKeyContextProvider"></param> /// <param name="viewBasedSingleItemAuthorizationQuerySupport"></param> public GetEntityByKeyAuthorizationDecorator( IGetEntityByKey <T> next, IAuthorizationContextProvider authorizationContextProvider, IAuthorizationFilteringProvider authorizationFilteringProvider, IAuthorizationFilterDefinitionProvider authorizationFilterDefinitionProvider, IExplicitObjectValidator[] explicitObjectValidators, IAuthorizationBasisMetadataSelector authorizationBasisMetadataSelector, ISecurityRepository securityRepository, ISessionFactory sessionFactory, IApiKeyContextProvider apiKeyContextProvider, IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport) : base( authorizationContextProvider, authorizationFilteringProvider, authorizationFilterDefinitionProvider, explicitObjectValidators, authorizationBasisMetadataSelector, securityRepository, sessionFactory, apiKeyContextProvider, viewBasedSingleItemAuthorizationQuerySupport) { _next = next; _viewBasedSingleItemAuthorizationQuerySupport = viewBasedSingleItemAuthorizationQuerySupport; }
protected RepositoryOperationAuthorizationDecoratorBase( IAuthorizationContextProvider authorizationContextProvider, IAuthorizationFilteringProvider authorizationFilteringProvider, IAuthorizationFilterDefinitionProvider authorizationFilterDefinitionProvider, IExplicitObjectValidator[] explicitObjectValidators, IAuthorizationBasisMetadataSelector authorizationBasisMetadataSelector, ISecurityRepository securityRepository, ISessionFactory sessionFactory, IApiKeyContextProvider apiKeyContextProvider, IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport) { _authorizationContextProvider = authorizationContextProvider; _authorizationFilteringProvider = authorizationFilteringProvider; _authorizationFilterDefinitionProvider = authorizationFilterDefinitionProvider; _explicitObjectValidators = explicitObjectValidators; _authorizationBasisMetadataSelector = authorizationBasisMetadataSelector; _sessionFactory = sessionFactory; _apiKeyContextProvider = apiKeyContextProvider; _viewBasedSingleItemAuthorizationQuerySupport = viewBasedSingleItemAuthorizationQuerySupport; // Lazy initialization _bitValuesByAction = new Lazy <Dictionary <string, Actions> >( () => new Dictionary <string, Actions> { { securityRepository.GetActionByName("Create").ActionUri, Actions.Create }, { securityRepository.GetActionByName("Read").ActionUri, Actions.Read }, { securityRepository.GetActionByName("Update").ActionUri, Actions.Update }, { securityRepository.GetActionByName("Delete").ActionUri, Actions.Delete } }); }
public ViewBasedAuthorizationFilterDefinition( string filterName, string viewName, string viewTargetEndpointName, string subjectEndpointName, Func <EdFiAuthorizationContext, AuthorizationFilterContext, InstanceAuthorizationResult> authorizeInstance, IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport) : base( filterName, $@"{{currentAlias}}.{subjectEndpointName} IN ( SELECT {{newAlias1}}.{viewTargetEndpointName} FROM " + GetFullNameForView($"auth_{viewName}") + $@" {{newAlias1}} WHERE {{newAlias1}}.{RelationshipAuthorizationConventions.ViewSourceColumnName} IN (:{RelationshipAuthorizationConventions.ClaimsParameterName}))", (criteria, @where, parameters, joinType) => criteria.ApplyJoinFilter( @where, parameters, viewName, subjectEndpointName, viewTargetEndpointName, joinType, Guid.NewGuid().ToString("N")), authorizeInstance, (t, p) => p.HasPropertyNamed(subjectEndpointName ?? viewTargetEndpointName)) { ViewName = viewName; ViewTargetEndpointName = viewTargetEndpointName; SubjectEndpointName = subjectEndpointName ?? viewTargetEndpointName; ViewBasedSingleItemAuthorizationQuerySupport = viewBasedSingleItemAuthorizationQuerySupport; }
public RelationshipsWithStudentsOnlyThroughResponsibilityAuthorizationStrategyFilterDefinitionsFactory( IEducationOrganizationIdNamesProvider educationOrganizationIdNamesProvider, IApiKeyContextProvider apiKeyContextProvider, IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport) : base(educationOrganizationIdNamesProvider, apiKeyContextProvider, viewBasedSingleItemAuthorizationQuerySupport) { _viewBasedSingleItemAuthorizationQuerySupport = viewBasedSingleItemAuthorizationQuerySupport; }
public RelationshipsAuthorizationStrategyFilterDefinitionsFactory( IEducationOrganizationIdNamesProvider educationOrganizationIdNamesProvider, IApiKeyContextProvider apiKeyContextProvider, IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport) { _educationOrganizationIdNamesProvider = educationOrganizationIdNamesProvider; _apiKeyContextProvider = apiKeyContextProvider; _viewBasedSingleItemAuthorizationQuerySupport = viewBasedSingleItemAuthorizationQuerySupport; }