Exemple #1
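        /// <summary>
        /// Decides whether the current user may access the given request context.
        /// </summary>
        /// <param name="requestContext">
        /// The request context to check. A null value is denied whenever security rules are in use.
        /// </param>
        /// <returns>
        /// <c>true</c> when security rules are switched off, or when <c>IsRequestContextAllowed</c>
        /// accepts the request for the user's group permissions; otherwise <c>false</c>.
        /// </returns>
        public bool IsAllowed(
            SecureRequestContext requestContext)
        {
            // With the rules switched off nothing is checked at all, not even the null case below.
            if (!IsUseSecurityRules)
            {
                return(true);
            }

            if (requestContext == null)
            {
                Logger.LogError(5, "Access to a NULL SecureRequestContext cannot be allowed!");
                return(false);
            }

            if (!requestContext.IsSecurityContextDynamic)
            {
                // Fail closed: without a bound user security context there are no permissions
                // to evaluate, so deny instead of dereferencing null.
                if (CurrentUserSecurityContext == null)
                {
                    Logger.LogError(5, "Access cannot be allowed without a CurrentUserSecurityContext!");
                    return(false);
                }

                // NOTE(review): CurrentUserGroupPermissions may be null here; IsRequestContextAllowed
                // is not visible from this method - confirm it denies on a null permission list.
                return(IsRequestContextAllowed(CurrentUserSecurityContext.CurrentUserGroupPermissions, requestContext));
            }

            // Dynamic contexts are resolved on every call against the staging configuration.
            AppSecurityContext  appSecContext     = new AppSecurityContext(AppSecurityContext.StagingDbLcf);
            UserSecurityContext dynamicSecContext = UserSecurityContext.GetCurrentUserSecurityContext(appSecContext);

            return(IsRequestContextAllowed(dynamicSecContext.CurrentUserGroupPermissions, requestContext));
        }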
Exemple #2
        /// <summary>
        /// Builds a <c>UserSecurityContext</c> for the user reported by <c>Authorisation.CurrentUser</c>.
        /// </summary>
        /// <param name="appSecContext">
        /// Application security context; its <c>Lcf</c> configures the new user context and it is
        /// passed on when the group permissions are looked up.
        /// </param>
        /// <returns>
        /// A new context. When there is no current user, the group and permission lists are not
        /// populated by this method.
        /// </returns>
        public static UserSecurityContext GetCurrentUserSecurityContext(AppSecurityContext appSecContext)
        {
            UserSecurityContext userContext = new UserSecurityContext(appSecContext.Lcf);

            userContext.CurrentUser = Authorisation.CurrentUser;

            // No current user: hand back the context without groups or permissions.
            // NOTE(review): callers should treat the unpopulated permission list as "no access" - confirm.
            if (userContext.CurrentUser == null)
            {
                return(userContext);
            }

            // Groups first, because the permission lookup is driven by the group list.
            userContext.CurrentUserGroups = userContext.GetUserGroups(userContext.CurrentUser);
            userContext.CurrentUserGroupPermissions =
                userContext.GetUserGroupPermissions(userContext.CurrentUserGroups, appSecContext);

            return(userContext);
        }
Exemple #3
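        /// <summary>
        /// Stores the configuration, creates the application security context and, unless the
        /// staging database is in use, binds the current user's security context.
        /// </summary>
        /// <param name="lcf">Configuration to initialise from; must not be null.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="lcf"/> is null.</exception>
        private void Initialise(ConfigurationInfo lcf)
        {
            if (lcf == null)
            {
                string msg = "SecureContentWrapper detected NULL LCF in ctor!";
                Logger.LogError(5, msg);
                // A specific exception type instead of the bare Exception; it still derives from
                // Exception, so existing catch blocks keep working.
                throw new ArgumentNullException("lcf", msg);
            }

            Lcf = lcf;

            AppSecContext = new AppSecurityContext(lcf);

            // With the staging database CurrentUserSecurityContext stays null here and is bound
            // later, so any code reading it has to cope with the null.
            if (!IsUsingStagingDB)
            {
                CurrentUserSecurityContext = UserSecurityContext.GetCurrentUserSecurityContext(AppSecContext);
            }
        }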
Exemple #4
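        /// <summary>
        /// Collects the permissions of every valid group in <paramref name="userGroups"/>.
        /// </summary>
        /// <param name="userGroups">Groups the user belongs to.</param>
        /// <param name="appSecContext">Application security context that supplies the group permissions.</param>
        /// <returns>
        /// The distinct permissions found, possibly empty; <c>null</c> when
        /// <paramref name="userGroups"/> is null, when <paramref name="appSecContext"/> is null, or
        /// when <c>AllGroupPermissions</c> is null outside the staging database. Groups that are
        /// null, have an ID below 1, or have no permissions are logged and skipped.
        /// </returns>
        public List <GroupPermissions> GetUserGroupPermissions(
            List <MGGroup> userGroups,
            AppSecurityContext appSecContext)
        {
            if (userGroups == null)
            {
                Logger.LogError(5, "Cannot get UserGroupPermissions for NULL userGroups list!");
                return(null);
            }

            List <GroupPermissions> userGroupPermissions = new List <GroupPermissions>();

            if (userGroups.Count == 0)
            {
                Logger.LogWarning("UserGroup List is empty, returning empty UserGroupPermissionsList!");
                return(userGroupPermissions);
            }

            if (appSecContext == null)
            {
                Logger.LogError(5, "Cannot get UserGroupPermissions with NULL AppSecurityContext!");
                return(null);
            }

            // Store appSecContext.AllGroupPermissions locally so we only read it once from DB.
            // TODO: if the Staging database context, read the permissions only for this group.
            bool isUsingStagingDb =
                (Lcf.DbConInfo.NAME == AppSecurityContext.StagingDbLcf.DbConInfo.NAME);

            Dictionary <int, GroupPermissions> allGroupPerms = null;

            if (!isUsingStagingDb)
            {
                allGroupPerms = appSecContext.AllGroupPermissions;
                if (allGroupPerms == null)
                {
                    Logger.LogError(5, "Cannot get UserGroupPermissions with NULL AppSecurityContext.AllGroupPermissions!");
                    return(null);
                }
                if (allGroupPerms.Count == 0)
                {
                    Logger.LogError(5, "AppSecurityContext.AllGroupPermissions is empty, returning empty UserGroupPermissionsList!");
                    return(userGroupPermissions);
                }
            }

            foreach (MGGroup userGroup in userGroups)
            {
                if (userGroup == null)
                {
                    Logger.LogError(5, "NULL UserGroup detected, skipping it ...");
                    continue;
                }

                if (userGroup.ID < 1)
                {
                    Logger.LogError(5, "Invalid UserGroup.ID detected, skipping it ...");
                    continue;
                }

                GroupPermissions groupPerms;

                if (!isUsingStagingDb)
                {
                    // Single lookup in the cached map instead of ContainsKey followed by the indexer.
                    if (!allGroupPerms.TryGetValue(userGroup.ID, out groupPerms))
                    {
                        Logger.LogError(5, "UserGroup.ID " + userGroup.ID + " not present in AppSecurityContext.AllGroupPermissions, skipping it ...");
                        continue;
                    }
                }
                else
                {
                    groupPerms = appSecContext.GetGroupPermissions(userGroup);
                }

                // Checked for both lookup paths, so the staging path can no longer put a null
                // entry into the list that access decisions are later made from.
                if (groupPerms == null)
                {
                    Logger.LogError(5, "NULL GroupPermissions for userGroup.ID = " + userGroup.ID + " detected, skipping adding it ...");
                    continue;
                }

                if (userGroupPermissions.Contains(groupPerms))
                {
                    Logger.LogError(5, "GroupPermissions for userGroup.ID = " + userGroup.ID + " already added, skipping adding it ...");
                    continue;
                }

                userGroupPermissions.Add(groupPerms);
            }

            return(userGroupPermissions);
        }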