ResponseContext IAccessControlPrivacyService.ExecuteSecurityProcess(JObject user, JObject[] resource, string action, string collectionName, JObject environment)
        {
            _user           = user;
            _collectionName = collectionName;
            _action         = action;
            _environment    = environment;

            environment.AddAnnotation(action);
            EffectResult effect = AccessControlCollectionPolicyProcessing();

            if (effect == EffectResult.Deny)
            {
                return(new ResponseContext(EffectResult.Deny, null));
            }

            var accessControlRecordPolicies = _accessControlPolicyRepository.GetPolicies(collectionName, action, true);

            _policyCombining = accessControlRecordPolicies.Count > 0 ? _accessControlPolicyRepository.GetPolicyCombining(accessControlRecordPolicies)
                                                                    : "permit-overrides";

            _resource = new List <JObject>();

            foreach (var record in resource)
            {
                if (AccessControlRecordPolicyProcessing(record, _policyCombining, accessControlRecordPolicies) != null)
                {
                    _resource.Add(record);
                }
            }

            if (_resource.Count == 0)
            {
                return(new ResponseContext(EffectResult.Deny, null));
            }

            if (!action.Equals("read"))
            {
                return(new ResponseContext(EffectResult.Permit, _resource));
            }

            _collectionPrivacyRules = GetFieldCollectionRules();
            var privacyRecords = new JArray();

            //Parallel.ForEach(_resource, record =>
            //{
            //    var privacyField = GetPrivacyRecordField(record, policies);
            //    var privacyRecord = PrivacyProcessing(record, privacyField);
            //    Console.WriteLine(privacyRecord);
            //    privacyRecords.Add(privacyRecord);
            //});
            foreach (var record in _resource)
            {
                Console.WriteLine(DateTime.Now.Millisecond);
                var privacyFields = GetPrivacyRecordField(record);
                var privacyRecord = PrivacyProcessing(record, privacyFields);
                Console.WriteLine(DateTime.Now.Millisecond);
                privacyRecords.Add(privacyRecord);
            }
            return(new ResponseContext(EffectResult.Permit, privacyRecords));
        }
Example #2
0
        ResponseContext IAccessControlService.ExecuteProcess(JObject user, JObject[] resource, string action, string collectionName, JObject environment)
        {
            _user           = user;
            _collectionName = collectionName;
            _action         = action;
            _environment    = environment;

            environment.AddAnnotation(action);

            EffectResult effect = CollectionAccessControlProcess();

            if (effect == EffectResult.Deny)
            {
                return(new ResponseContext(EffectResult.Deny, null));
            }
            else if (effect == EffectResult.Permit)
            {
                return(new ResponseContext(EffectResult.Permit, resource));
            }

            var accessControlRecordPolicies = _accessControlPolicyRepository.GetPolicies(collectionName, action, true);

            if (accessControlRecordPolicies.Count == 0)
            {
                return(new ResponseContext(EffectResult.Deny, null));
            }

            string policyCombining = _accessControlPolicyRepository.GetPolicyCombining(accessControlRecordPolicies);

            ICollection <JObject> _resource = new List <JObject>();

            if (resource.Length > 1000)
            {
                Parallel.ForEach(resource, record =>
                {
                    if (RowAccessControlProcess(record, policyCombining, accessControlRecordPolicies) != null)
                    {
                        lock (_resource)
                            _resource.Add(record);
                    }
                });
            }
            else
            {
                foreach (var record in resource)
                {
                    if (RowAccessControlProcess(record, policyCombining, accessControlRecordPolicies) != null)
                    {
                        _resource.Add(record);
                    }
                }
            }
            if (_resource.Count == 0)
            {
                return(new ResponseContext(EffectResult.Deny, null));
            }

            return(new ResponseContext(EffectResult.Permit, _resource));
        }