Example #1
0
        public RbacEngineWebResponse Post([FromBody] RbacEngineWebRequest request)
        {
            RbacEngineWebResponse response = new RbacEngineWebResponse();

            try
            {
                response.UserName = request.UserName;
                response.RoleName = request.RoleName;
                using (Rbac ctx = new Rbac(request.UserName, request.RbacName, request.RoleName))
                {
                    response.RbacName = request.RbacName;
                    SqlQueryParser parser = new SqlQueryParser(ctx, request.SkipParsing);
                    parser.Parse(request.Query);

                    using (RbacSqlQueryEngine eng = new RbacSqlQueryEngine(parser, request.DebugMode))
                    {
                        eng.SkipExecution = request.SkipExecution;
                        eng.Execute();
                        response.SetResult(eng);
                    }
                }
            }
            catch (Exception ex)
            {
                response.SetResult(ex.Message);
            }

            return(response);
        }
Example #2
0
 private void IsAllowedToInsertOrUpdateOrDelete(string query = null)
 {
     using (Rbac rbac = new Rbac("essie"))   //<-- you should pass the logged in user name from the context
     {
         using (SqlQueryParser parser = new SqlQueryParser(rbac))
         {
             parser.Parse(query); //<-- this will throw error if not permitted and silent is false
         }
     }
 }
Example #3
0
 private void IsAllowedToInsertOrUpdateOrDelete(string query = null)
 {
     using (Rbac rbac = new Rbac("essie"))   //<-- you should pass the logged in user name from the context
     {
         using (SqlQueryParser parser = new SqlQueryParser(rbac))
         {
             parser.Parse(query); //<-- this will throw exception if not permitted
             //<-- if you are here, you are goood. Just perform basic insert/update/delete
         }
     }
 }
Example #4
0
 private void LoadAssemblies()
 {
     //this will load the assembly into memory, so that 2nd call is more efficient
     try
     {
         Rbac           rbac   = new Rbac("Lashawn", "Books", "role_city_mgr");
         SqlQueryParser parser = new SqlQueryParser(rbac);
         parser.Parse("select * from Author");
     }
     catch { }
 }
Example #5
0
        private void btnExecute_Click(object sender, EventArgs e)
        {
            SetStatusText("Parsing...");

            txtErrors.Text        = string.Empty;
            txtParsedQuerys1.Text = string.Empty;
            txtParsedQuery.Text   = string.Empty;
            txtErrors.Visible     = false;
            RbacEngineWebResponse response = new RbacEngineWebResponse();

            this.Cursor = Cursors.WaitCursor;
            try
            {
                _Request.RbacName          = ((Rbac)cbInstances.SelectedItem).Name;
                _Request.UserName          = ((RbacUser)cbUsers.SelectedItem).UserName;
                _Request.RoleName          = ((RbacRole)cbRoles.SelectedItem).Name;
                _Request.Query             = txtQuery.Text;
                engineInput.SelectedObject = _Request;

                using (Rbac ctx = new Rbac(_Request.UserName, _Request.RbacName, _Request.RoleName))
                {
                    SqlQueryParser parser = new SqlQueryParser(ctx, _Request.SkipParsing);
                    parser.Parse(_Request.Query);
                    response.SetResult(parser);
                    BindResult(response);
                    SetStatusText("Parsing...Done.", response);


                    if (parser.QueryType == RbacQueryTypes.Select)
                    {
                        SetStatusText("Parsing...Done. Executing...", response);

                        using (RbacSqlQueryEngine eng = new RbacSqlQueryEngine(parser, _Request.DebugMode))
                        {
                            eng.SkipExecution = _Request.SkipExecution;
                            eng.Execute();
                            response.SetResult(eng);
                            SetStatusText("Parsing...Done. Executing...Done.", response);
                        }
                    }
                }
            }
            catch (RbacException ex)
            {
                txtErrors.Text    = ex.Message;
                txtErrors.Visible = true;
                SetStatusText("Done.");
            }

            BindResult(response);
            tabControl1.SelectedIndex = 0;
            this.Cursor = Cursors.Default;
        }
Example #6
0
        private void btnExecuteAll_Click(object sender, EventArgs e)
        {
            if (lvwQueries.Tag != null)
            {
                DataTable table = lvwQueries.Tag as DataTable;
                if (table.Columns["ParsedQueryStage1"] == null)
                {
                    table.Columns.Add("ParsedQueryStage1");
                    table.Columns.Add("ParsedQuery");
                    table.Columns.Add("Errors");
                }
                foreach (DataRow row in table.Rows)
                {
                    try
                    {
                        Rbac rbac = new Rbac(row["User"].ToString(), "Books", row["Role"].ToString());

                        SqlQueryParser parser = new SqlQueryParser(rbac);
                        parser.Parse(row["Query"].ToString());
                        RbacSqlQueryEngine engine = new RbacSqlQueryEngine(parser, true);
                        engine.Execute();
                        row["ParsedQueryStage1"] = parser.ParsedQueryStage1;
                        row["ParsedQuery"]       = parser.ParsedQuery;
                        row["Errors"]            = parser.AllErrors + Environment.NewLine;
                    }
                    catch (Exception ex)
                    {
                        row["Errors"] = ex.Message;
                    }
                }

                string fileName = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, table.TableName + "_out.csv");
                try
                {
                    table.ToCsv(fileName);
                    MessageBox.Show("Test results are saved on " + fileName + "!", "Success", MessageBoxButtons.OK, MessageBoxIcon.Information);
                }
                catch (Exception ex)
                {
                    MessageBox.Show(ex.Message,
                                    "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
                }
            }
        }
Example #7
0
        // POST: api/Rbac
        public string Post([FromBody] RbacWebRequest request)
        {
            RbacWebResponse response = new RbacWebResponse(request.RbacId);

            if (request.RbacId == 0)
            {
                response.SetResult(string.Format("Rbac instance with rbac id '{0}' not found!", request.RbacId));
                return(JsonConvert.SerializeObject(response));
            }

            RbacUser user = new Rbac(request.RbacId).GetUser(request.UserName);

            if (user == null)
            {
                response.SetResult(string.Format("User '{0}' not found!", request.UserName));
                return(JsonConvert.SerializeObject(response));
            }

            if (!string.IsNullOrEmpty(request.RoleName))
            {
                user.Role = new RbacRole(request.RoleName);   //dangerous code, only to be used for role testing
                if (user.Role == null)
                {
                    response.SetResult(string.Format("Role '{0}' not found!", request.RoleName));
                    return(JsonConvert.SerializeObject(response));
                }
            }
            SqlQueryParser parser = new SqlQueryParser(new RbacContext(user), request.SkipParsing);

            parser.Parse(request.Query);
            RbacSqlQueryEngine engine = new RbacSqlQueryEngine(parser, request.DebugMode);

            engine.SkipExecution = request.SkipExecution;
            engine.Execute();
            response.SetResult(engine);
            return(JsonConvert.SerializeObject(response));
        }
Example #8
0
        public void TestBatch()
        {
            GenericParserAdapter genParser = new GenericParserAdapter(Path.Combine(_rootDir, "Books", "tests.csv"));

            genParser.FirstRowHasHeader = true;
            DataTable table = genParser.GetDataTable();

            if (table.Columns["ParsedQueryStage1"] == null)
            {
                table.Columns.Add("ParsedQueryStage1");
                table.Columns.Add("ParsedQuery");
                table.Columns.Add("Records");
                table.Columns.Add("Errors");
                table.Columns.Add("TestResult");
            }
            bool cleaned = false;

            foreach (DataRow row in table.Rows)
            {
                //if (row["Id"].ToString() == "11")
                //    Debugger.Break();

                Rbac     rbac = new Rbac(row["User"].ToString());
                RbacRole role = Rbac.GetRole(row["Role"].ToString());

                if (!cleaned)
                {
                    CleanDataFromDb(rbac.ConnectionString);
                    cleaned = true;
                }
                SqlQueryParser parser = new SqlQueryParser(rbac);
                try
                {
                    parser.Parse(row["Query"].ToString());
                }
                catch (Exception ex)
                {
                    row["Errors"] = ex.Message;
                    if (row["Expected"].ToString().Equals(row["Errors"].ToString()))
                    {
                        row["TestResult"] = "Passed";
                    }
                    else
                    {
                        row["TestResult"] = "Failed";
                    }
                    continue;
                }
                row["ParsedQueryStage1"] = parser.ParsedQueryStage1;
                row["ParsedQuery"]       = parser.ParsedQuery;
                row["Errors"]           += parser.AllErrors;

                if (string.IsNullOrEmpty(parser.AllErrors))
                {
                    RbacSqlQueryEngine engine = new RbacSqlQueryEngine(parser, true);
                    engine.Execute();
                    if (engine.IsErrored)
                    {
                        row["Records"] = "Errored";
                    }
                    else if ((parser.QueryType == RbacQueryTypes.Select) && (engine.Table == null))
                    {
                        row["Records"] = "Errored";
                    }
                    else if ((parser.QueryType == RbacQueryTypes.Select) && (engine.Table != null))
                    {
                        row["Records"] = engine.Table.Rows.Count + " record(s)";
                    }

                    if (!string.IsNullOrEmpty(parser.AllErrors))
                    {
                        row["Errors"] += parser.AllErrors + Environment.NewLine;
                    }

                    if (!string.IsNullOrEmpty(engine.AllErrors))
                    {
                        row["Errors"] += engine.AllErrors + Environment.NewLine;
                    }
                }

                if (row["Expected"].ToString().Equals(row["Errors"].ToString()))
                {
                    row["TestResult"] = "Passed";
                }
                else
                {
                    row["TestResult"] = "Failed";
                }

                CleanDataFromDb(rbac.ConnectionString);
            }

            string outFile = Path.Combine(_rootDir, "Books", "tests_result.csv");

            table.ToCsv(outFile);

            WriteColor(ConsoleColor.Green, outFile + " is generated!");
            Console.WriteLine();
            ToCsvMarkdownFormat(table, Path.Combine(_rootDir, "Books", "tests_result.md"));
        }
Example #9
0
        private void btnExecuteAll_Click(object sender, EventArgs e)
        {
            Cursor = Cursors.WaitCursor;
            toolStripProgressBar1.Visible = true;
            if (lvwQueries.Tag != null)
            {
                DataTable table = lvwQueries.Tag as DataTable;
                toolStripProgressBar1.Maximum = table.Rows.Count;
                if (table.Columns["ParsedQueryStage1"] == null)
                {
                    table.Columns.Add("ParsedQueryStage1");
                    table.Columns.Add("ParsedQuery");
                    table.Columns.Add("Errors");
                }
                foreach (DataRow row in table.Rows)
                {
                    try
                    {
                        Rbac rbac = new Rbac(row["User"].ToString(), "Books", row["Role"].ToString());

                        RbacEngineWebResponse response = new RbacEngineWebResponse();
                        this.Cursor       = Cursors.WaitCursor;
                        _Request.RbacName = rbac.Name;
                        _Request.UserName = rbac.User.UserName;
                        _Request.RoleName = rbac.User.Role.Name;
                        _Request.Query    = row["Query"].ToString();

                        SqlQueryParser parser = new SqlQueryParser(rbac);
                        parser.Parse(_Request.Query);
                        response.SetResult(parser);
                        SetStatusText("Parsing...Done.", response);

                        if (parser.QueryType == RbacQueryTypes.Select)
                        {
                            SetStatusText("Parsing...Done. Executing...", response);
                            RbacSqlQueryEngine engine = new RbacSqlQueryEngine(parser, true);
                            engine.Execute();
                            response.SetResult(engine);
                            SetStatusText("Parsing...Done. Executing...Done.", response);
                        }
                        row["ParsedQueryStage1"] = parser.ParsedQueryStage1;
                        row["ParsedQuery"]       = parser.ParsedQuery;
                        row["Errors"]            = parser.AllErrors + Environment.NewLine;
                        SetStatusText("Done.", response);
                    }
                    catch (Exception ex)
                    {
                        row["Errors"] = ex.Message;
                    }

                    toolStripProgressBar1.PerformStep();
                    Application.DoEvents();
                }
                toolStripProgressBar1.Visible = false;
                string fileName = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, table.TableName + "_out.csv");
                try
                {
                    table.ToCsv(fileName);
                    MessageBox.Show("Test results are saved on " + fileName + "!", "Success", MessageBoxButtons.OK, MessageBoxIcon.Information);
                }
                catch (Exception ex)
                {
                    Cursor = Cursors.Default;
                    MessageBox.Show(ex.Message,
                                    "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
                }

                tabControl1.SelectedIndex = 0;
                Cursor = Cursors.Default;
            }
        }