Exemple #1
0
        /// <summary>
        /// Guards the action represented by MemberInfo by checking the permission-derived attributes and throwing exception if
        /// any of authorization attributes do not pass
        /// </summary>
        public static void AuthorizeAndGuardAction(IApplication app,
                                                   MemberInfo actionInfo,
                                                   ISession session = null,
                                                   GetSessionFunc getSessionFunc = null)
        {
            var failed = FindAuthorizationFailingPermission(app, actionInfo, session, getSessionFunc);

            if (failed != null)
            {
                throw new AuthorizationException(string.Format(StringConsts.SECURITY_AUTHROIZATION_ERROR, failed, actionInfo.ToDescription()));
            }
        }
Exemple #2
0
           /// <summary>
           /// Checks the action represented by MemberInfo by checking the permission-derived attributes and returns false if 
           /// any of authorization attributes do not pass
           /// </summary>
           public static Permission FindAuthorizationFailingPermission(MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
           { //20150124 DKh - added caching instead of reflection. Glue inproc binding speed improved 20%
             Permission[] permissions;
             if (!s_AttrCache.TryGetValue(actionInfo, out permissions))
             {
               permissions = actionInfo.GetCustomAttributes(typeof(Permission), true).Cast<Permission>().ToArray();
               var dict = new Dictionary<MemberInfo,Permission[]>(s_AttrCache);
               dict[actionInfo] = permissions;
               s_AttrCache = dict;//atomic
             }

             for(var i=0; i<permissions.Length; i++)
             {
               var permission = permissions[i];
               if (i==0 && session==null && getSessionFunc!=null) session = getSessionFunc();
               if (!permission.Check(session)) return permission;
             }
             return null;
           }
Exemple #3
0
        /// <summary>
        /// Guards the action  by checking a single permission and throwing exception if any of authorization attributes do not pass
        /// </summary>
        public static void AuthorizeAndGuardAction(IApplication app,
                                                   Permission permission,
                                                   string actionName,
                                                   ISession session = null,
                                                   GetSessionFunc getSessionFunc = null)
        {
            if (permission == null)
            {
                return;
            }

            if (session == null && getSessionFunc != null)
            {
                session = getSessionFunc();
            }

            var failed = !permission.Check(app, session);

            if (failed)
            {
                throw new AuthorizationException(string.Format(StringConsts.SECURITY_AUTHROIZATION_ERROR, failed, actionName ?? CoreConsts.UNKNOWN));
            }
        }
Exemple #4
0
        /// <summary>
        /// Guards the action represented by enumerable of permissions by checking all permissions and throwing exception if
        /// any of authorization attributes do not pass
        /// </summary>
        public static void AuthorizeAndGuardAction(IApplication app,
                                                   IEnumerable <Permission> permissions,
                                                   string actionName,
                                                   ISession session = null,
                                                   GetSessionFunc getSessionFunc = null)
        {
            if (permissions == null)
            {
                return;
            }


            if (session == null && permissions.Any() && getSessionFunc != null)
            {
                session = getSessionFunc();
            }

            var failed = permissions.FirstOrDefault(perm => perm != null && !perm.Check(app, session));

            if (failed != null)
            {
                throw new AuthorizationException(string.Format(StringConsts.SECURITY_AUTHROIZATION_ERROR, failed, actionName ?? CoreConsts.UNKNOWN));
            }
        }
Exemple #5
0
        /// <summary>
        /// Checks the action represented by MemberInfo by checking the permission-derived attributes and returns false if
        /// any of authorization attributes do not pass
        /// </summary>
        public static Permission FindAuthorizationFailingPermission(IApplication app, MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
        { //20150124 DKh - added caching instead of reflection. Glue inproc binding speed improved 20%
            Permission[] permissions;
            if (!s_AttrCache.TryGetValue(actionInfo, out permissions))
            {
                permissions = actionInfo.GetCustomAttributes(typeof(Permission), true).Cast <Permission>().ToArray();
                var dict = new Dictionary <MemberInfo, Permission[]>(s_AttrCache);
                dict[actionInfo] = permissions;
                s_AttrCache      = dict;//atomic
            }

            for (var i = 0; i < permissions.Length; i++)
            {
                var permission = permissions[i];
                if (i == 0 && session == null && getSessionFunc != null)
                {
                    session = getSessionFunc();
                }
                if (!permission.Check(app, session))
                {
                    return(permission);
                }
            }
            return(null);
        }
Exemple #6
0
 /// <summary>
 /// Checks the action represented by MemberInfo by checking the permission-derived attributes and returns false if
 /// any of authorization attributes do not pass
 /// </summary>
 public static bool AuthorizeAction(IApplication app, MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
 {
     return(FindAuthorizationFailingPermission(app, actionInfo, session, getSessionFunc) == null);
 }
Exemple #7
0
        /// <summary>
        /// Guards the action represented by enumerable of permissions by checking all permissions and throwing exception if
        /// any of authorization attributes do not pass
        /// </summary>
        public static void AuthorizeAndGuardAction(IEnumerable<Permission> permissions, string actionName, ISession session = null, GetSessionFunc getSessionFunc = null)
        {
            if (permissions==null) return;

             if (session==null && permissions.Any() && getSessionFunc!=null) session = getSessionFunc();

             var failed = permissions.FirstOrDefault(perm => !perm.Check(session));

             if (failed!=null)
               throw new AuthorizationException(string.Format(StringConsts.SECURITY_AUTHROIZATION_ERROR, failed,  actionName ?? CoreConsts.UNKNOWN));
        }
Exemple #8
0
        ////20140124 DKh - added caching instead of reflection. Glue inproc binding speed improved 20%
        ///// <summary>
        ///// Checks the action represented by MemberInfo by checking the permission-derived attributes and returns false if
        ///// any of authorization attributes do not pass
        ///// </summary>
        //public static Permission FindAuthorizationFailingPermission(MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
        //{
        //  var attrs = actionInfo.GetCustomAttributes(typeof(Permission), true).Cast<Permission>();
        //  var first = true;
        //  foreach(var attr in attrs)
        //  {
        //    if (first && session==null && getSessionFunc!=null) session = getSessionFunc();
        //    first = false;
        //    if (!attr.Check(session)) return attr;
        //  }
        //  return null;
        //}
        /// <summary>
        /// Guards the action represented by MemberInfo by checking the permission-derived attributes and throwing exception if
        /// any of authorization attributes do not pass
        /// </summary>
        public static void AuthorizeAndGuardAction(MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
        {
            var failed = FindAuthorizationFailingPermission(actionInfo, session, getSessionFunc);

             if (failed!=null)
               throw new AuthorizationException(string.Format(StringConsts.SECURITY_AUTHROIZATION_ERROR, failed,  actionInfo.ToDescription()));
        }
Exemple #9
0
 /// <summary>
 /// Checks the action represented by MemberInfo by checking the permission-derived attributes and returns false if
 /// any of authorization attributes do not pass
 /// </summary>
 public static bool AuthorizeAction(MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
 {
     return FindAuthorizationFailingPermission(actionInfo, session, getSessionFunc) == null;
 }
Exemple #10
0
 /// <summary>
 /// Checks the action represented by MemberInfo by checking the permission-derived attributes and returns false if
 /// any of authorization attributes do not pass
 /// </summary>
 public static bool AuthorizeAction(ISecurityManager secman, MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
 {
     return(FindAuthorizationFailingPermission(secman, actionInfo, session, getSessionFunc) == null);
 }