private static string GetActionColor(EffectiveActionAndStrategy effectiveActionAndStrategy)
{
if (effectiveActionAndStrategy.ActionGranted != true)
{
return(Colors.Default);
}
switch (effectiveActionAndStrategy.ActionName)
{
case "Create":
return(effectiveActionAndStrategy.ActionInherited
? SecondaryColors.Create
: Colors.Create);
case "Read":
return(effectiveActionAndStrategy.ActionInherited
? SecondaryColors.Read
: Colors.Read);
case "Update":
return(effectiveActionAndStrategy.ActionInherited
? SecondaryColors.Update
: Colors.Update);
case "Delete":
return(effectiveActionAndStrategy.ActionInherited
? SecondaryColors.Delete
: Colors.Delete);
default:
return(Colors.Default);
}
}
private static EffectiveActionAndStrategy GetEffectiveActionPermissions(
Resource resource, string actionName, string claimSetName)
{
var effectiveActionAndStrategy = new EffectiveActionAndStrategy(resource.Name, actionName);
// Step 1: Process default metadata, top to bottom (least to most in terms of priority)
// Process ancestors first, top to bottom
var inheritedDefaultActionAndStrategyPairs =
(from r in resource.Ancestors
let pair = r.ActionAndStrategyPairs.SingleOrDefault(x => x.ActionName == actionName)
where pair != null
select new
{
OriginatingResourceName = r.Name,
ActionAndStrategy = pair
})
.Reverse()
.ToList();
foreach (var pair in inheritedDefaultActionAndStrategyPairs)
{
effectiveActionAndStrategy.TrySetAuthorizationStrategy(
pair.ActionAndStrategy.AuthorizationStrategy,
pair.OriginatingResourceName,
inherited: true,
isDefault: true);
}
var localActionAndStrategy = resource
.ActionAndStrategyPairs
.SingleOrDefault(x => x.ActionName == actionName)
?? ActionAndStrategy.Empty;
effectiveActionAndStrategy.TrySetAuthorizationStrategy(
localActionAndStrategy.AuthorizationStrategy,
resource.Name,
inherited: false,
isDefault: true);
// Step 2: Process from bottom to top (least to most in terms of priority)
// Are there any explicit settings on the resource for the current actiona and claim set?
ActionAndStrategy explicitActionAndStrategyForAction;
if (localActionAndStrategy.ExplicitActionAndStrategyByClaimSetName.TryGetValue(
claimSetName,
out explicitActionAndStrategyForAction))
{
// There was a claim set specific setting on the current resource
effectiveActionAndStrategy.TrySetActionGranted(inherited: false);
effectiveActionAndStrategy.TrySetAuthorizationStrategy(
explicitActionAndStrategyForAction.AuthorizationStrategy,
resource.Name,
inherited: false,
isDefault: false);
}
// Now look for explicit claim set overrides up the resource claim lineage
var claimsetOverridePermissions =
(from r in resource.Ancestors
let pair = r.ActionAndStrategyPairs.SingleOrDefault(x => x.ActionName == actionName)
let claimsetPair = GetClaimSetSpecificActionAndStrategy(pair, claimSetName)
where claimsetPair != null
select new
{
OriginatingResourceName = r.Name,
ActionAndStrategy = claimsetPair
})
.ToList();
foreach (var pair in claimsetOverridePermissions)
{
effectiveActionAndStrategy.TrySetActionGranted(inherited: true);
effectiveActionAndStrategy.TrySetAuthorizationStrategy(
pair.ActionAndStrategy.AuthorizationStrategy,
pair.OriginatingResourceName,
inherited: true,
isDefault: false);
}
return(effectiveActionAndStrategy);
}
private static string GetAuthorizationStrategyText(EffectiveActionAndStrategy effectiveActionAndStrategy)
{
// If there is no authorization strategy in effect, just return an empty string
if (string.IsNullOrEmpty(effectiveActionAndStrategy.AuthorizationStrategy))
{
return(string.Empty);
}
//bool authStrategyLocalAndClaimSetSpecific =
//!effectiveActionAndStrategy.AuthorizationStrategyInherited
//&& !effectiveActionAndStrategy.AuthorizationStrategyIsDefault;
var sb = new StringBuilder();
// Inherited settings are grayed and italicized
if (effectiveActionAndStrategy.AuthorizationStrategyInherited)
{
sb.Append(@"<font color=""#a0a0a0""><i>");
}
// Claim Set specific settings are bold-faced
if (!effectiveActionAndStrategy.AuthorizationStrategyIsDefault)
{
sb.Append("<b>");
}
// Append the strategy name
sb.Append(effectiveActionAndStrategy.AuthorizationStrategy);
// Claim Set specific settings are bold-faced
if (!effectiveActionAndStrategy.AuthorizationStrategyIsDefault)
{
sb.Append("</b>");
}
// Inherited settings are grayed and italicized
if (effectiveActionAndStrategy.AuthorizationStrategyInherited)
{
sb.Append(@"</i></font>");
}
// Look for overrides
if (effectiveActionAndStrategy.OverriddenClaimSetAuthorizationStrategy != null)
{
// Overrides are displayed in red, strikethrough font (Claim Set overrides are bold-faced too)
sb.Append(@"<BR/><font color=""#FF0000""><s><b>");
if (effectiveActionAndStrategy.OverriddenClaimSetAuthorizationStrategyInherited)
{
sb.Append(@"<i>");
}
sb.Append(effectiveActionAndStrategy.OverriddenClaimSetAuthorizationStrategy);
if (effectiveActionAndStrategy.OverriddenClaimSetAuthorizationStrategyInherited)
{
// Add on originating resource name for the inherited overrides
sb.Append(@" (" + effectiveActionAndStrategy.OverriddenClaimSetAuthorizationStrategyOriginatingResourceName + ")");
sb.Append(@"</i>");
}
sb.Append(@"</b></s></font>");
}
if (effectiveActionAndStrategy.OverriddenDefaultAuthorizationStrategy != null)
{
// Overrides are displayed in red, strikethrough font
sb.Append(@"<BR/><font color=""#FF0000""><s>");
if (effectiveActionAndStrategy.OverriddenDefaultAuthorizationStrategyInherited)
{
sb.Append(@"<i>");
}
sb.Append(effectiveActionAndStrategy.OverriddenDefaultAuthorizationStrategy);
if (effectiveActionAndStrategy.OverriddenDefaultAuthorizationStrategyInherited)
{
// Add on originating resource name for the inherited overrides
sb.Append(@" (" + effectiveActionAndStrategy.OverriddenDefaultAuthorizationStrategyOriginatingResourceName + ")");
sb.Append(@"</i>");
}
sb.Append(@"</s></font>");
}
return(sb.ToString());
}
private static string EmphasizeExplicitStop(EffectiveActionAndStrategy effectiveActionAndStrategy)
{
return(!effectiveActionAndStrategy.ActionInherited
? "</B>"
: string.Empty);
}
