Example #1
0
 /// <summary>
 /// 添加特权
 /// </summary>
 /// <param name="privilege"></param>
 public void AddPrivilege(Privilege privilege)
 {
     this.m_privileges.Add(privilege);
 }
Example #2
0
        /// <summary>
        /// 根据合并规则对指定特权进行合并
        /// </summary>
        /// <param name="target"></param>
        internal void Merge(Privilege target)
        {
            foreach (Privilege current in this.m_privileges)
            {
                if (current.Name.Equals(target.Name, StringComparison.OrdinalIgnoreCase))
                {
                    if (target.Permission == PermissionType.INHERIT)
                    {
                        return;
                    }

                    switch (current.Permission)
                    {
                        case PermissionType.DEFAULT_ALLOW:
                            if (target.Permission != PermissionType.DEFAULT_DENY)
                            {
                                current.Permission = target.Permission;
                            }
                            break;

                        case PermissionType.DEFAULT_DENY:
                            if (target.Permission != PermissionType.DEFAULT_ALLOW)
                            {
                                current.Permission = target.Permission;
                            }
                            break;

                        case PermissionType.INHERIT:
                            current.Permission = target.Permission;
                            break;

                        case PermissionType.ALLOW:
                            if ((target.Permission == PermissionType.DENY)
                                || (target.Permission == PermissionType.ENFORCE_ALLOW)
                                || (target.Permission == PermissionType.ENFORCE_DENY))
                            {
                                current.Permission = target.Permission;
                            }
                            break;

                        case PermissionType.DENY:
                            if ((target.Permission == PermissionType.ENFORCE_ALLOW)
                                || (target.Permission == PermissionType.ENFORCE_DENY))
                            {
                                current.Permission = target.Permission;
                            }
                            break;

                        case PermissionType.ENFORCE_ALLOW:
                            if (target.Permission == PermissionType.ENFORCE_DENY)
                            {
                                current.Permission = target.Permission;
                            }
                            break;

                        case PermissionType.ENFORCE_DENY:
                            break;

                        default:
                            break;
                    }

                    return;
                }
            }

            this.Privileges.Add(target);
        }
Example #3
0
        /// <summary>
        /// 查询满足给定权限的用户集合(使用动态权限查询,仅查询有效的用户)
        /// </summary>
        /// <param name="privilege"></param>
        /// <returns></returns>
        public IList<Account> SelectAccountsByPrivilege(Privilege privilege)
        {
            Check.Require(privilege != null);

            IList<Account> accounts = new List<Account>();

            foreach (Account account in this.AccountDao.SelectAllEnabled())
            {
                PrivilegeGroup privilegeGroup = this.GetDynamicPrivileges(account);
                foreach (Privilege toTest in privilegeGroup.Privileges)
                {
                    if (string.Equals(toTest.Name, privilege.Name, StringComparison.OrdinalIgnoreCase))
                    {
                        if (toTest.Permission == privilege.Permission)
                        {
                            accounts.Add(account);
                        }
                    }
                }
            }

            return accounts;
        }