public dynamic GeneralAccessChainValidation(
IRequest Request,
MemberInfo Type,
ModelAction ModelAction,
HttpRequestMethod RequestMethod,
TRelation RelationType,
object ModelItself,
object TypeValue = null,
bool DefaultPolicy = false)
{
var typeName = Type.GetType().GetProperty("Name").GetValue(Type) as string;
var modelPermissions = Type.GetCustomAttributes <ModelPermissionAttribute> ();
var requirements = modelPermissions
.AsParallel()
.Where(requirement =>
requirement.ModelAction == ModelAction &&
requirement.RequestMethod == RequestMethod)
.ToList();
if (requirements != null && requirements.Count > 0)
{
foreach (var requirement in requirements)
{
var validation = APIUtils.InvokeMethod(
requirement.AccessChainResolver,
"Validate",
new object[] {
DbContext,
RequesterID,
Request,
ModelItself,
typeName,
TypeValue,
ModelAction,
RequestMethod,
RelationType
});
if (!(validation is bool && (bool)validation))
{
return("Requirement validation with name { " + requirement.AccessChainResolver.Name +
" } has been failed with result { " + validation + " }");
}
}
}
else if (DefaultPolicy == false)
{
return("Requested action { " + ModelAction + " } is not valid for request method { " +
RequestMethod + " }, or this action is not valid for this type { " +
typeName + " } at all");
}
return(true);
}
private void ResolveRelationDependency(
object model,
string requesterID,
IRequest request,
IRequest relatedRequest,
TRelation intractionType,
HttpRequestMethod httpRequestMethod)
{
var propertyList = model.GetType()
.GetProperties()
.Where(property => property.IsDefined(typeof(RelationDependentValueAttribute), true))
.ToList();
var updateModel = false;
foreach (var item in propertyList)
{
var attribute = item.GetCustomAttribute <RelationDependentValueAttribute> ();
var relationDependentResolver =
httpRequestMethod == HttpRequestMethod.Post ?
attribute.OnRelationCreated :
attribute.OnReleationDeleted;
var result = APIUtils.InvokeMethod(
relationDependentResolver,
"OnRelationEvent",
new object[] {
dbContext,
model,
requesterID,
request,
relatedRequest,
intractionType,
httpRequestMethod
});
if (result != null)
{
model = result;
updateModel = true;
}
}
if (updateModel)
{
dbContext.Update(model);
}
}
public dynamic ValidateRequest(
HttpRequestMethod requestMethod,
IRequest request,
ModelAction requestedAction,
TRelation relationType)
{
if (request == null ||
request.ResourceName == null || string.IsNullOrWhiteSpace(request.ResourceName))
{
return("Request Error: Route parameters should not be empty");
}
// Check ResourceName
//* Check whether resource is exist or not? is direct access allowed or not?
var resourceType = modelParser.GetResourceType(request.ResourceName);
if (resourceType == null)
{
return("Requested resource {" + request.ResourceName +
"} is not exist or direct access is not permitted");
}
request.Temp_ResourceType = resourceType;
if (requestedAction != ModelAction.Create)
{
if (request.IdentifierName == null || string.IsNullOrWhiteSpace(request.IdentifierName) ||
request.IdentifierValue == null || string.IsNullOrWhiteSpace(request.IdentifierValue))
{
return("Request Error: Route parameters should not be empty");
}
//* Check whether this identifier is exist or not for model
var identifierValidator =
(resourceType.GetCustomAttributes(typeof(IdentifierValidatorAttribute), true) as IdentifierValidatorAttribute[])
.Union(
resourceType.GetProperties()
.Where(property => property.IsDefined(typeof(IdentifierValidatorAttribute)))
.Select(validator => validator.GetCustomAttribute(typeof(IdentifierValidatorAttribute), true) as IdentifierValidatorAttribute)
)
.Where(validator => validator.PropertyName == request.IdentifierName)
.FirstOrDefault();
if (identifierValidator == null || identifierValidator.Validator == null)
{
return("Requested model identifier does not exist or it's not permitted to use it as an identifier");
}
var identifierValidation =
APIUtils.InvokeMethod(
identifierValidator.Validator,
"Validate",
new object[] {
request.IdentifierValue
});
if (!(identifierValidation is bool && (bool)identifierValidation))
{
return("Request Error: The value {" + request.IdentifierValue +
"} is not a valid value for identifier {" + request.IdentifierName + "}");
}
}
return(ModelValidation(
Request: request,
ModelType: resourceType,
ModelAction: requestedAction,
RequestMethod: requestMethod,
RelationType: relationType));
}
