/// <summary>
/// Looks up the rule named <paramref name="functionName"/> on the "_root" view and
/// returns the result of <c>NodeJS.Download</c> for that rule.
/// </summary>
/// <param name="functionName">Name passed to <c>GetRule</c> to locate the rule.</param>
/// <returns>
/// 404 when no rule is found, 400 when the rule's workflow action is neither
/// Lambda nor NodeJS, otherwise 200 carrying the download result.
/// </returns>
/// <exception cref="BackAndApiUnexpectedResponseException">
/// Wraps any exception raised while resolving or downloading the function.
/// </exception>
public virtual IHttpActionResult Download(string functionName)
{
    // NOTE(review): no authorization check is visible in this method, whereas
    // GetSecurityActionId in this file calls IsAdmin() first. Confirm that access to
    // function downloads is restricted by a filter or attribute outside this block.
    try
    {
        View rootView = GetView("_root");
        Durados.Rule rule = GetRule(rootView, functionName);

        if (rule == null)
        {
            return ResponseMessage(Request.CreateResponse(HttpStatusCode.NotFound, Messages.RuleNotFound));
        }

        bool isFunctionRule = rule.WorkflowAction == Durados.WorkflowAction.Lambda
            || rule.WorkflowAction == Durados.WorkflowAction.NodeJS;
        if (!isFunctionRule)
        {
            return ResponseMessage(Request.CreateResponse(HttpStatusCode.BadRequest, "not a lambda function"));
        }

        // NOTE(review): the rule credentials are handed to the downloader and its result is
        // returned to the caller; verify the response cannot carry credential material.
        NodeJS downloader = new NodeJS();
        return Ok(downloader.Download(rootView.GetRuleCredentials(rule), rule.LambdaName));
    }
    catch (Exception exception)
    {
        throw new BackAndApiUnexpectedResponseException(exception, this);
    }
}
/// <summary>
/// Decides whether <paramref name="rule"/> may be used on <paramref name="view"/>.
/// </summary>
/// <param name="view">View the rule belongs to.</param>
/// <param name="rule">Rule being checked.</param>
/// <returns>
/// <c>true</c> for every view whose name is not "_root"; for "_root" the answer
/// comes from <c>view.IsRuleAllow(rule)</c>.
/// </returns>
protected virtual bool IsAllow(View view, Durados.Rule rule)
{
    // Only the "_root" view is gated; every other view is allowed unconditionally here.
    return view.Name != "_root" || view.IsRuleAllow(rule);
}
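/// <summary>
/// Evaluates a rule by running the SQL produced by <c>GetSql</c> as a scalar query and
/// treating a non-null, non-DBNull result as "condition met".
/// </summary>
/// <param name="view">View whose connection is used and against which tokens are resolved.</param>
/// <param name="rule">Rule whose condition is turned into SQL.</param>
/// <param name="dataAction">Trigger stage; create and delete stages build the SQL without a primary key.</param>
/// <param name="values">Field values substituted into the SQL text.</param>
/// <param name="pk">Primary key of the row; when non-empty its where-parameters are bound to the command.</param>
/// <param name="prevRow">Previous row state used for substitution; may be null.</param>
/// <param name="connectionString">Not used by this method.</param>
/// <param name="currentUserId">Current user id, forwarded to <c>GetSql</c>.</param>
/// <param name="currentUserRole">Current user role, forwarded to <c>GetSql</c>.</param>
/// <returns>
/// <c>false</c> when '$', '#' or the dictionary prefix is still present after substitution,
/// when the query throws, or when it yields null/DBNull; otherwise <c>true</c>.
/// </returns>
protected virtual bool CheckUsingSql(View view, Durados.Rule rule, Durados.TriggerDataAction dataAction, Dictionary<string, object> values, string pk, DataRow prevRow, string connectionString, int currentUserId, string currentUserRole)
{
    using (IDbConnection connection = GetConnection(view))
    {
        connection.Open();

        bool buildWithoutPk = dataAction == TriggerDataAction.BeforeCreate
            || dataAction == TriggerDataAction.AfterCreateBeforeCommit
            || dataAction == TriggerDataAction.AfterCreate
            || dataAction == TriggerDataAction.AfterDeleteBeforeCommit
            || dataAction == TriggerDataAction.AfterDelete;

        string sql;
        if (buildWithoutPk)
        {
            sql = GetSql(rule, view, prevRow, null, currentUserId, currentUserRole, values);
        }
        else
        {
            sql = GetSql(rule, view, prevRow, pk, currentUserId, currentUserRole, values);
        }

        // NOTE(review): the statement text is assembled by token substitution from `values`
        // and `prevRow`. The Replace* helpers are not visible here; if they insert raw values
        // rather than escaped literals or bound parameters, this is a SQL injection path.
        // Confirm their escaping before trusting caller-supplied values.
        sql = sql.ReplaceWithDollar(view, values);
        sql = sql.ReplaceWithSharp(view, null, prevRow);

        bool hasPrevRowTokens = sql.Contains('$')
            || sql.Contains(Database.DictionaryPrefix + Database.SysPrevPlaceHolder);
        if (hasPrevRowTokens && prevRow != null)
        {
            sql = sql.ReplaceWithDollar(view, values, prevRow);
        }

        // Refuse to execute while any of these markers is still present in the text
        // (presumably unresolved placeholders; a literal '$' or '#' is rejected as well).
        if (sql.Contains('$') || sql.Contains('#') || sql.Contains(Database.DictionaryPrefix))
        {
            return false;
        }

        // The command is disposed deterministically; the original left it undisposed.
        using (IDbCommand command = GetCommand(sql, connection))
        {
            if (!string.IsNullOrEmpty(pk))
            {
                foreach (SqlParameter parameter in GetWhereParemeters(view, pk))
                {
                    command.Parameters.Add(GetNewParameter(command, parameter.ParameterName, parameter.Value));
                }
            }

            object scalar;
            try
            {
                scalar = command.ExecuteScalar();
            }
            catch
            {
                // Any execution failure is reported as "condition not met".
                // NOTE(review): the error is discarded without logging, so a malformed or
                // hostile condition is indistinguishable from a legitimate false result.
                return false;
            }

            return scalar != null && scalar != DBNull.Value;
        }
    }
}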
/// <summary>
/// Returns the id of the rule named <paramref name="actionName"/> on the user view.
/// </summary>
/// <param name="actionName">Rule name to match exactly against <c>Rule.Name</c>.</param>
/// <returns>
/// 403 when <c>IsAdmin()</c> is false, 404 when no rule has that name, otherwise
/// 200 with an object exposing the rule id as <c>id</c>.
/// </returns>
public virtual IHttpActionResult GetSecurityActionId(string actionName)
{
    // The admin check runs before any lookup, so non-admin callers cannot probe rule names.
    if (!IsAdmin())
    {
        return ResponseMessage(Request.CreateResponse(HttpStatusCode.Forbidden, Messages.ActionIsUnauthorized));
    }

    View userView = (View)map.Database.GetUserView();
    Durados.Rule match = userView.GetRules().FirstOrDefault(r => r.Name == actionName);

    if (match == null)
    {
        return ResponseMessage(Request.CreateResponse(HttpStatusCode.NotFound, Messages.RuleNotFound));
    }

    return Ok(new { id = match.ID });
}
/// <summary>
/// Resolves a rule by object (view) name and action name, then returns it through
/// <c>GetItem</c>.
/// </summary>
/// <param name="objectName">Key looked up in <c>map.Database.Views</c>.</param>
/// <param name="actionName">Rule name to match exactly against <c>Rule.Name</c>.</param>
/// <returns>
/// 404 when the view or the rule does not exist, otherwise the result of
/// <c>GetItem(ruleId, true)</c>.
/// </returns>
public virtual IHttpActionResult Get(string objectName, string actionName)
{
    // NOTE(review): unlike GetSecurityActionId in this file, no IsAdmin() check is visible
    // here, and the distinct 404 messages reveal whether a view or a rule exists. Confirm
    // that authorization is enforced by GetItem or by a filter outside this block.
    bool viewExists = map.Database.Views.ContainsKey(objectName);
    if (!viewExists)
    {
        return ResponseMessage(Request.CreateResponse(HttpStatusCode.NotFound, Messages.ViewNameNotFound));
    }

    View targetView = (View)map.Database.Views[objectName];
    Durados.Rule match = targetView.GetRules().FirstOrDefault(r => r.Name == actionName);
    if (match == null)
    {
        return ResponseMessage(Request.CreateResponse(HttpStatusCode.NotFound, Messages.RuleNotFound));
    }

    return GetItem(match.ID.ToString(), true);
}
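/// <summary>
/// Decides whether a rule's where-condition holds for the current request.
/// </summary>
/// <param name="view">View the rule belongs to.</param>
/// <param name="rule">Rule whose <c>WhereCondition</c> is evaluated.</param>
/// <param name="dataAction">Trigger stage, forwarded to <c>CheckUsingSql</c>.</param>
/// <param name="values">Field values substituted into the condition.</param>
/// <param name="pk">Primary key of the row, forwarded to <c>CheckUsingSql</c>.</param>
/// <param name="prevRow">Previous row state used for token substitution.</param>
/// <param name="useSqlPareser">When true and the view is not the user view, the condition is evaluated as SQL.</param>
/// <param name="connectionString">Forwarded to <c>CheckUsingSql</c>.</param>
/// <param name="currentUserId">Current user id substituted into the condition.</param>
/// <param name="currentUserRole">Current user role substituted into the condition.</param>
/// <returns>
/// <c>true</c> when the condition is the literal "true", or is null/empty on the
/// non-SQL path; otherwise the result of the SQL check or of <c>parser.Check</c>.
/// </returns>
public virtual bool Check(View view, Durados.Rule rule, Durados.TriggerDataAction dataAction, Dictionary<string, object> values, string pk, DataRow prevRow, bool useSqlPareser, string connectionString, int currentUserId, string currentUserRole)
{
    string condition = rule.WhereCondition;

    // Null-safe comparison: the original called .Equals on WhereCondition and threw a
    // NullReferenceException for a null condition, although the null/empty case is
    // explicitly handled further down.
    if (condition == "true")
    {
        return true;
    }

    if (useSqlPareser && view != view.Database.GetUserView())
    {
        return CheckUsingSql(view, rule, dataAction, values, pk, prevRow, connectionString, currentUserId, currentUserRole);
    }

    // A missing condition is treated as "no restriction" on the non-SQL path.
    if (string.IsNullOrEmpty(condition))
    {
        return true;
    }

    // NOTE(review): caller-supplied `values` and the username are substituted textually into
    // the expression before it is parsed. The Replace helpers are not visible here; confirm
    // that substituted text cannot alter the structure of the condition.
    string expression = condition.Replace(currentUserId)
        .Replace(Database.SysUsernamePlaceHolder.AsToken(), GetCurrentUsername(view))
        .Replace(Database.SysRolePlaceHolder.AsToken(), currentUserRole)
        .Replace(GetPrevRowAsToken(view, prevRow))
        .Replace(GetValuesAsToken(values))
        .Replace(values)
        .ReplaceConfig(view); //.ReplaceGlobals(view)

    return parser.Check(expression);
}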