public static Expression IsAllowedExpression(Expression entity, TypeAllowedBasic requested, bool inUserInterface) { Type type = entity.Type; TypeAllowedAndConditions tac = GetAllowed(type); Expression baseValue = Expression.Constant(tac.FallbackOrNone.Get(inUserInterface) >= requested); var expression = tac.Conditions.Aggregate(baseValue, (acum, tacRule) => { var lambda = TypeConditionLogic.GetCondition(type, tacRule.TypeCondition); var exp = (Expression)Expression.Invoke(lambda, entity); if (tacRule.Allowed.Get(inUserInterface) >= requested) { return(Expression.Or(exp, acum)); } else { return(Expression.And(Expression.Not(exp), acum)); } }); var cleaned = DbQueryProvider.Clean(expression, false, null) !; var orsSimplified = AndOrSimplifierVisitor.SimplifyOrs(cleaned); return(orsSimplified); }
static MapColorProvider[] GetMapColors() { if (!BasicPermission.AdminRules.IsAuthorized()) { return(new MapColorProvider[0]); } var roleRules = AuthLogic.RolesInOrder().ToDictionary(r => r, r => TypeAuthLogic.GetTypeRules(r).Rules.ToDictionary(a => Navigator.ResolveWebTypeName(a.Resource.ToType()), a => a.Allowed)); return(roleRules.Keys.Select((r, i) => new MapColorProvider { Name = "role-" + r.Key(), NiceName = "Role - " + r.ToString(), GetJsProvider = ColorModule["authAdminColor"](MapClient.NodesConstant, "role-" + r.Key()), AddExtra = t => { TypeAllowedAndConditions tac = roleRules[r].TryGetC(t.webTypeName); if (tac == null) { return; } t.extra["role-" + r.Key() + "-ui"] = GetName(ToStringList(tac, userInterface: true)); t.extra["role-" + r.Key() + "-db"] = GetName(ToStringList(tac, userInterface: false)); t.extra["role-" + r.Key() + "-tooltip"] = ToString(tac.Fallback) + "\n" + (tac.Conditions.IsNullOrEmpty() ? null : tac.Conditions.ToString(a => a.TypeCondition.NiceToString() + ": " + ToString(a.Allowed), "\n") + "\n"); }, Defs = i == 0 ? GetAllGradients(roleRules) : null, Order = 10, }).ToArray()); }
static MapColorProvider[] GetMapColors() { if (!BasicPermission.AdminRules.IsAuthorized()) { return(new MapColorProvider[0]); } var roleRules = AuthLogic.RolesInOrder().ToDictionary(r => r, r => TypeAuthLogic.GetTypeRules(r).Rules.ToDictionary(a => a.Resource.CleanName, a => a.Allowed)); return(roleRules.Keys.Select((r, i) => new MapColorProvider { Name = "role-" + r.Key(), NiceName = "Role - " + r.ToString(), AddExtra = t => { TypeAllowedAndConditions tac = roleRules[r].TryGetC(t.typeName); if (tac == null) { return; } t.extra["role-" + r.Key() + "-ui"] = GetName(ToStringList(tac, userInterface: true)); t.extra["role-" + r.Key() + "-db"] = GetName(ToStringList(tac, userInterface: false)); t.extra["role-" + r.Key() + "-tooltip"] = ToString(tac.Fallback) + "\n" + (tac.Conditions.IsNullOrEmpty() ? null : tac.Conditions.ToString(a => a.TypeCondition.NiceToString() + ": " + ToString(a.Allowed), "\n") + "\n"); }, Order = 10, }).ToArray()); }
public static TypeAllowedAndConditions GetAllowed(Type type) { if (!typeof(Entity).IsAssignableFrom(type)) { return(new TypeAllowedAndConditions(TypeAllowed.Create)); } TypeAllowedAndConditions tac = typeRules.GetAllowed(type); return(tac); }
private static List <TypeAllowedBasic?> ToStringList(TypeAllowedAndConditions tac, bool userInterface) { List <TypeAllowedBasic?> result = new List <TypeAllowedBasic?>(); result.Add(tac.Fallback == null ? (TypeAllowedBasic?)null : tac.Fallback.Value.Get(userInterface)); foreach (var c in tac.Conditions) { result.Add(c.Allowed.Get(userInterface)); } return(result); }
public TypeRuleBuilder(TypeAllowedRule rule) { this.allowed = new TypeAllowedBuilder(rule.Allowed.Fallback); this.conditions = rule.Allowed.Conditions.Select(c => new TypeConditionRuleBuilder(c.TypeCondition, c.Allowed)).ToMList(); this.availableConditions = rule.AvailableConditions; this.allowedBase = rule.AllowedBase; this.resource = rule.Resource; this.properties = rule.Properties; this.operations = rule.Operations; this.queries = rule.Queries; this.RebindEvents(); }
public static RuleTypeEntity ToRuleType(this TypeAllowedAndConditions allowed, Lite <RoleEntity> role, TypeEntity resource) { return(new RuleTypeEntity { Role = role, Resource = resource, Allowed = allowed.Fallback.Value, Conditions = allowed.Conditions.Select(a => new RuleTypeConditionEmbedded { Allowed = a.Allowed, Condition = a.TypeCondition }).ToMList() }); }
public static bool IsAllowedFor(this Lite <IEntity> lite, TypeAllowedBasic requested) { TypeAllowedAndConditions tac = GetAllowed(lite.EntityType); if (requested <= tac.MinUI()) { return(true); } if (tac.MaxUI() < requested) { return(false); } return(Server.Return((ITypeAuthServer s) => s.IsAllowedForInUserInterface(lite, requested))); }
public static bool IsAllowedFor(this Entity entity, TypeAllowedBasic requested) { TypeAllowedAndConditions tac = GetAllowed(entity.GetType()); if (requested <= tac.MinUI()) { return(true); } if (tac.MaxUI() < requested) { return(false); } return(Server.Return((ITypeAuthServer s) => s.IsAllowedForInUserInterface(entity.ToLite(), requested))); }
public override Func <Lite <RoleEntity>, PropertyAllowed, PropertyAllowed> GetCoerceValueManual(PropertyRoute pr) { return((role, a) => { if (!TypeLogic.TypeToEntity.ContainsKey(pr.RootType)) { return PropertyAllowed.Write; } TypeAllowedAndConditions aac = TypeAuthLogic.Manual.GetAllowed(role, pr.RootType); TypeAllowedBasic ta = aac.MaxUI(); PropertyAllowed pa = ta.ToPropertyAllowed(); return a < pa ? a : pa; }); }
private static Func <T, bool>?IsAllowedInMemory <T>(TypeAllowedAndConditions tac, TypeAllowedBasic allowed, bool inUserInterface) where T : Entity { if (tac.Conditions.Any(c => TypeConditionLogic.GetInMemoryCondition <T>(c.TypeCondition) == null)) { return(null); } return(entity => { foreach (var cond in tac.Conditions.Reverse()) { var func = TypeConditionLogic.GetInMemoryCondition <T>(cond.TypeCondition) !; if (func(entity)) { return cond.Allowed.Get(inUserInterface) >= allowed; } } return tac.FallbackOrNone.Get(inUserInterface) >= allowed; }); }
static void Schema_Saving(Entity ident) { if (ident.IsGraphModified && !inSave.Value) { TypeAllowedAndConditions access = GetAllowed(ident.GetType()); var requested = TypeAllowedBasic.Write; var min = access.MinDB(); var max = access.MaxDB(); if (requested <= min) { return; } if (max < requested) { throw new UnauthorizedAccessException(AuthMessage.NotAuthorizedTo0The1WithId2.NiceToString().FormatWith(requested.NiceToString(), ident.GetType().NiceName(), ident.IdOrNull)); } Schema_Saving_Instance(ident); } }
internal static Expression IsAllowedExpressionDebug(Expression entity, TypeAllowedBasic requested, bool inUserInterface) { Type type = entity.Type; TypeAllowedAndConditions tac = GetAllowed(type); Expression baseValue = Expression.Constant(tac.FallbackOrNone.Get(inUserInterface) >= requested); var list = (from line in tac.Conditions select Expression.New(ciGroupDebugData, Expression.Constant(line.TypeCondition, typeof(TypeConditionSymbol)), Expression.Invoke(TypeConditionLogic.GetCondition(type, line.TypeCondition), entity), Expression.Constant(line.Allowed))).ToArray(); Expression newList = Expression.ListInit(Expression.New(typeof(List <ConditionDebugData>)), list); Expression liteEntity = Expression.Call(null, miToLite.MakeGenericMethod(entity.Type), entity); return(Expression.New(ciDebugData, liteEntity, Expression.Constant(requested), Expression.Constant(inUserInterface), Expression.Constant(tac.Fallback), newList)); }
public ConstantFunctionButEnums(TypeAllowedAndConditions allowed) { this.Allowed = allowed; }
public TypeRuleBuilder(TypeAllowedRule rule) { this.allowed = new TypeAllowedBuilder(rule.Allowed.Fallback); this.conditions = rule.Allowed.Conditions.Select(c => new TypeConditionRuleBuilder(c.TypeCondition, c.Allowed)).ToMList(); this.availableConditions = rule.AvailableConditions; this.allowedBase = rule.AllowedBase; this.Resource = rule.Resource; this.Properties = rule.Properties; this.Operations = rule.Operations; this.Queries = rule.Queries; this.RebindEvents(); }
static List<TypeAllowedBasic?> ToStringList(TypeAllowedAndConditions tac, bool userInterface) { List<TypeAllowedBasic?> result = new List<TypeAllowedBasic?>(); result.Add(tac.Fallback == null ? (TypeAllowedBasic?)null : tac.Fallback.Value.Get(userInterface)); foreach (var c in tac.Conditions) result.Add(c.Allowed.Get(userInterface)); return result; }