/// <summary>
 /// Determines if a user has a specific permission irrespective of the data
 /// </summary>
 /// <param name="db"></param>
 /// <param name="permission"></param>
 /// <param name="identity"></param>
 /// <returns></returns>
 public Task <bool> HasPermissions(TDataContext db, ApiIdentity identity, params TPermission[] permissions)
 {
     return(this.HasPermissions(db, identity, new Guid[] { }, permissions));
 }
Ejemplo n.º 2
0
 public DnsPrincipal(User user)
 {
     _user       = user;
     ApiIdentity = new Lpp.Utilities.Security.ApiIdentity(user.ID, user.UserName, user.FullName, user.OrganizationID.Value);
 }
 public virtual Task <IEnumerable <TPermission> > HasGrantedPermissions(TDataContext db, ApiIdentity identity, Guid[] objID, params TPermission[] permissions)
 {
     throw new NotImplementedException("HasPermissions has not be implemented on this class");
 }
        /// <summary>
        /// Returns if a security configuration and objects passed has ALL of the permissions passed
        /// </summary>
        /// <param name="db"></param>
        /// <param name="identity"></param>
        /// <param name="objID"></param>
        /// <param name="permissions"></param>
        /// <returns></returns>
        public virtual async Task <bool> HasPermissions(TDataContext db, ApiIdentity identity, Guid[] objID, params TPermission[] permissions)
        {
            var perms = await this.HasGrantedPermissions(db, identity, objID, permissions);

            return(perms.Count() == permissions.Count());
        }
 public abstract Task <bool> CanUpdate(TDataContext db, ApiIdentity identity, params Guid[] keys);
 public Task <IEnumerable <TPermission> > HasGrantedPermissions(TDataContext db, ApiIdentity identity, Guid objID, params TPermission[] permissions)
 {
     return(HasGrantedPermissions(db, identity, new Guid[] { objID }, permissions));
 }
 public abstract IQueryable <TEntity> SecureList(TDataContext db, IQueryable <TEntity> query, ApiIdentity identity,
                                                 params TPermission[] permissions);
 public abstract Task <bool> CanInsert(TDataContext db, ApiIdentity identity, params TEntity[] objs);
Ejemplo n.º 9
0
 public Auth(User u)
 {
     _user        = u;
     _apiIdentity = new Utilities.Security.ApiIdentity(u.ID, u.UserName, u.FullName, u.OrganizationID.Value);
 }
        /// <summary>
        /// Returns if the current user can insert a specific type of record or not
        /// </summary>
        /// <typeparam name="TDataContext"></typeparam>
        /// <typeparam name="TEntity"></typeparam>
        /// <typeparam name="TPermission"></typeparam>
        /// <param name="dataContext"></param>
        /// <param name="identity"></param>
        /// <returns></returns>
        public static async Task <bool> CanInsert <TDataContext, TEntity, TPermission>(this TDataContext dataContext, ApiIdentity identity, params TEntity[] objs)
            where TDataContext : DbContext, ISecurityContextProvider <TPermission>
            where TEntity : class
        {
            var sec = (EntitySecurityConfiguration <TDataContext, TEntity, TPermission>)dataContext.Security.FirstOrDefault(s => s is EntitySecurityConfiguration <TDataContext, TEntity, TPermission>);

            if (sec == null)
            {
                throw new ArgumentNullException("sec", "The entity of type " + typeof(TEntity).Name + " does not have a security configuration");
            }

            var result = await sec.CanInsert(dataContext, identity, objs);

            return(result);
        }
        /// <summary>
        /// /// Returns a secured list of entities based on the security information, user passed and permission requested
        /// </summary>
        /// <typeparam name="TDataContext"></typeparam>
        /// <typeparam name="TEntity"></typeparam>
        /// <typeparam name="TPermission"></typeparam>
        /// <param name="dataContext"></param>
        /// <param name="identity"></param>
        /// <param name="permissions"></param>
        /// <returns></returns>
        public static IQueryable <TEntity> Secure <TDataContext, TEntity, TPermission>(this TDataContext dataContext, ApiIdentity identity, params TPermission[] permissions)
            where TDataContext : DbContext, ISecurityContextProvider <TPermission>
            where TEntity : class
        {
            DbSet <TEntity> dbSet = dataContext.Set <TEntity>();

            var sec = (EntitySecurityConfiguration <TDataContext, TEntity, TPermission>)dataContext.Security.FirstOrDefault(s => s is EntitySecurityConfiguration <TDataContext, TEntity, TPermission>);

            if (sec == null)
            {
                throw new ArgumentNullException("sec", "The entity of type " + typeof(TEntity).Name + " does not have a security configuration");
            }

            return(sec.SecureList(dataContext, dbSet, identity, permissions));
        }
 /// <summary>
 /// Returns permission for the specific entity type based on the specified user
 /// </summary>
 /// <typeparam name="TDataContext"></typeparam>
 /// <typeparam name="TEntity"></typeparam>
 /// <typeparam name="TPermission"></typeparam>
 /// <param name="dataContext"></param>
 /// <param name="permissions"></param>
 /// <param name="identity"></param>
 /// <returns></returns>
 public static async Task <bool> HasPermissions <TDataContext, TEntity, TPermission>(this TDataContext dataContext, ApiIdentity identity, params TPermission[] permissions)
     where TDataContext : DbContext, ISecurityContextProvider <TPermission>
     where TEntity : class
 {
     return(await HasPermissions <TDataContext, TEntity, TPermission>(dataContext, identity, new Guid[] { }, permissions));
 }
        /// <summary>
        /// Returns if a specific user has permission on a specific permission type for the speicfied objs.
        /// </summary>
        /// <typeparam name="TDataContext"></typeparam>
        /// <typeparam name="TEntity"></typeparam>
        /// <typeparam name="TPermission"></typeparam>
        /// <param name="dataContext"></param>
        /// <param name="permissions"></param>
        /// <param name="identity"></param>
        /// <param name="objs"></param>
        /// <returns></returns>

        public static async Task <bool> HasPermissions <TDataContext, TEntity, TPermission>(this TDataContext dataContext, ApiIdentity identity, Guid[] objIDs, params TPermission[] permissions)
            where TDataContext : DbContext, ISecurityContextProvider <TPermission>
            where TEntity : class
        {
            var sec = (EntitySecurityConfiguration <TDataContext, TEntity, TPermission>)dataContext.Security.FirstOrDefault(s => s is EntitySecurityConfiguration <TDataContext, TEntity, TPermission>);

            if (sec == null)
            {
                throw new ArgumentNullException("sec", "The entity of type " + typeof(TEntity).Name + " does not have a security configuration");
            }

            return(await sec.HasPermissions(dataContext, identity, objIDs, permissions));
        }