/// <summary>
/// Removes the <paramref name="permission"/> from this <see cref="Role"/>.
/// </summary>
/// <param name="permission">The <see cref="Permission"/>.</param>
public void Remove(Permission permission)
{
// validate arguments
if (permission == null)
throw new ArgumentNullException("permission");
permissions.Remove(permission.Operation);
}
/// <summary>
/// Tries to get the <paramref name="permission"/> for the <paramref name="operation"/>.
/// </summary>
/// <param name="operation">The <see cref="ProtectedOperation"/>.</param>
/// <param name="permission">The <see cref="Permission"/>.</param>
/// <returns>Returns true when a <paramref name="permission"/> was found for the <paramref name="operation"/>, otherwise false.</returns>
public bool TryGet(ProtectedOperation operation, out Permission permission)
{
// validate arguments
if (operation == null)
throw new ArgumentNullException("operation");
return permissions.TryGetValue(operation, out permission);
}
/// <summary>
/// Creates the new <paramref name="permission"/> on the <paramref name="role"/>.
/// </summary>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="role">The <see cref="Role"/>.</param>
/// <param name="permission">The <see cref="Permission"/>.</param>
public void CreatePermission(IMansionContext context, Role role, Permission permission)
{
// validate arguments
if (context == null)
throw new ArgumentNullException("context");
if (role == null)
throw new ArgumentNullException("role");
if (permission == null)
throw new ArgumentNullException("permission");
// get the repository
var repository = context.Repository;
// retrieve the role
var roleNode = RetrieveRoleNode(context, role, repository);
// store the permission
var permissionPrefix = permission.Operation.Resource.Id + "_" + permission.Operation.Id + "_";
repository.UpdateNode(context, roleNode, new PropertyBag
{
{permissionPrefix + "granted", permission.Granted},
{permissionPrefix + "priority", permission.Priority},
});
}
/// <summary>
/// Maps a <paramref name="roleNode"/> to <see cref="Role"/>.
/// </summary>
/// <param name="context"></param>
/// <param name="roleNode"></param>
/// <returns></returns>
private Role MapRole(IMansionContext context, Node roleNode)
{
// create the role
var role = new Role(roleNode.PermanentId);
// find all the properties ending with _granted
foreach (var property in roleNode.Where(x => x.Key.EndsWith(GrantedPostfix, StringComparison.OrdinalIgnoreCase)))
{
// get the resourceId and operationId
var permissionParts = property.Key.Substring(0, property.Key.Length - GrantedPostfix.Length).Split(new[] {'_'}, StringSplitOptions.RemoveEmptyEntries);
if (permissionParts.Length != 2)
throw new InvalidOperationException(string.Format("Invalid permission '{0}' found in role '{1}'", property.Key, roleNode.Pointer.PathString));
var resourceId = permissionParts[0];
var operationId = permissionParts[1];
var permissionPrefix = resourceId + "_" + operationId + "_";
// create the operation
var operation = ProtectedOperation.Create(context, resourceId, operationId);
// create the permission
var permission = new Permission
{
Granted = roleNode.Get(context, permissionPrefix + "granted", false),
Operation = operation,
Priority = roleNode.Get(context, permissionPrefix + "priority", 5)
};
// add the permission to the role
role.Add(permission);
}
// return the role
return role;
}
/// <summary>
/// Updates an existing <paramref name="permission"/>.
/// </summary>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="permission">The <see cref="Permission"/>.</param>
public void UpdatePermission(IMansionContext context, Permission permission)
{
// validate arguments
if (context == null)
throw new ArgumentNullException("context");
if (permission == null)
throw new ArgumentNullException("permission");
throw new System.NotImplementedException();
}
/// <summary>
/// Deletes the <paramref name="permission"/> from the <paramref name="role"/>.
/// </summary>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="role">The <see cref="Role"/>.</param>
/// <param name="permission">The <see cref="Permission"/>.</param>
public void DeletePermission(IMansionContext context, Role role, Permission permission)
{
// validate arguments
if (context == null)
throw new ArgumentNullException("context");
if (role == null)
throw new ArgumentNullException("role");
throw new System.NotImplementedException();
}
