private Dictionary <PermissionTypeBase, int> PermissionQueryWithLinq_GetRelatedPermissions(
SecurityContext ctx, int entityId, int identityId, PermissionLevel level)
{
var counters = new int[PermissionTypeBase.PermissionCount];
var permissionTypes = PermissionTypeBase.GetPermissionTypes();
void CountBits(ulong bits)
{
var mask = 1uL;
var b = bits;
foreach (var pt in permissionTypes)
{
if ((b & mask) > 0)
{
counters[pt.Index]++;
}
mask <<= 1;
}
}
var identities = new[] { identityId };
foreach (var change in SecurityQuery.Subtree(ctx)
.GetPermissionChanges(entityId, identities, BreakOptions.StopAtParentBreak)
.Where(x => x.EntryType == EntryType.Normal))
{
switch (level)
{
case PermissionLevel.Allowed:
CountBits(change.ChangedBits.AllowBits);
break;
case PermissionLevel.Denied:
CountBits(change.ChangedBits.DenyBits);
break;
case PermissionLevel.AllowedOrDenied:
CountBits(change.ChangedBits.AllowBits);
CountBits(change.ChangedBits.DenyBits);
break;
default:
throw new ArgumentOutOfRangeException(nameof(level), level, null);
}
}
var result = new Dictionary <PermissionTypeBase, int>();
for (var i = 0; i < PermissionTypeBase.PermissionCount; i++)
{
result.Add(PermissionTypeBase.GetPermissionTypeByIndex(i), counters[i]);
}
return(result);
}
private static PermissionTypeBase[] GetPermissionTypes(string bitMask)
{
var result = new List <PermissionTypeBase>();
var length = bitMask.Length;
for (var i = 0; i < length; i++)
{
if (bitMask[i] != '_')
{
result.Add(PermissionTypeBase.GetPermissionTypeByIndex(length - i - 1));
}
}
return(result.ToArray());
}
/// <summary>
/// Returns resolved permission types by the passed source string like this: "______________+"
/// </summary>
/// <param name="src">Use like tis: "______________+"</param>
/// <returns>PermissionType[]</returns>
internal PermissionTypeBase[] GetPermissionTypes(string src)
{
var result = new List <PermissionTypeBase>();
var index = 0;
for (var i = src.Length - 1; i >= 0; i--)
{
if (src[i] != '_')
{
result.Add(PermissionTypeBase.GetPermissionTypeByIndex(index));
}
index++;
}
return(result.ToArray());
}
private Dictionary <PermissionTypeBase, int> PermissionQueryWithLinq_GetRelatedPermissions_OLD(
TestSecurityContext ctx, int entityId, int identityId, PermissionLevel level)
{
var counters = new int[PermissionTypeBase.PermissionCount];
var permissionTypes = PermissionTypeBase.GetPermissionTypes();
void CountBits(ulong bits)
{
var mask = 1uL;
var b = bits;
foreach (var pt in permissionTypes)
{
if ((b & mask) > 0)
{
counters[pt.Index]++;
}
mask = mask << 1;
}
}
//var identities = new TestSecurityContext(new TestUser { Id = identityId }).GetGroups();
//identities.Add(identityId);
var identities = new[] { identityId };
var aces = SecurityQuery.ParentChain(ctx).GetEntities(entityId, BreakOptions.StopAtParentBreak)
.Where(e => e.Acl != null) // relevant entities
.SelectMany(e => e.Acl.Entries) // join
.Where(e => identities.Contains(e.IdentityId) && // identity filter
!e.LocalOnly && // local only entry is not affected on the parent chain
e.EntryType == EntryType.Normal) // only the normal entries are relevant
.Union(SecurityQuery.Subtree(ctx).GetEntities(entityId) // do not stop at breaks
.Where(e => e.Acl != null) // relevant entities
.SelectMany(e => e.Acl.Entries) // join
.Where(e => identities.Contains(e.IdentityId) && // identity filter
e.EntryType == EntryType.Normal) // only the normal entries are relevant
);
foreach (var ace in aces)
{
switch (level)
{
case PermissionLevel.Allowed:
CountBits(ace.AllowBits);
break;
case PermissionLevel.Denied:
CountBits(ace.DenyBits);
break;
case PermissionLevel.AllowedOrDenied:
CountBits(ace.AllowBits);
CountBits(ace.DenyBits);
break;
default:
throw new ArgumentOutOfRangeException(nameof(level), level, null);
}
}
var result = new Dictionary <PermissionTypeBase, int>();
for (var i = 0; i < PermissionTypeBase.PermissionCount; i++)
{
result.Add(PermissionTypeBase.GetPermissionTypeByIndex(i), counters[i]);
}
return(result);
}
