public SecurityTool(ISecurity objSecurity, ISecurityAction securityAction, IList roles) { _objSecurity = objSecurity; _securityString = objSecurity.Security; objAction = securityAction; _rolesAll = roles; }
public SecurityTool( ISecurity objSecurity, ISecurityAction securityAction, IList roles ) { _objSecurity = objSecurity; _securityString = objSecurity.Security; objAction = securityAction; _rolesAll = roles; }
public when_checking_can_authorize_with_target_that_can_authorize() { action_that_can_authorize = new MySecurityAction(_ => true, _ => null); action_that_cannot_authorize = new MySecurityAction(_ => true, _ => null); descriptor = new SecurityDescriptor(); descriptor.AddAction(action_that_cannot_authorize); descriptor.AddAction(action_that_can_authorize); }
public when_checking_can_authorize_with_target_that_can_authorize() { action_that_can_authorize = new MySecurityAction(o => true, o => null); action_that_cannot_authorize = new MySecurityAction(o => true, ObjectDisposedException => null); descriptor = new BaseSecurityDescriptor(); descriptor.AddAction(action_that_cannot_authorize); descriptor.AddAction(action_that_can_authorize); }
public when_checking_can_authorize_with_no_targets_that_can_authorize() { action_that_cannot_authorize = new MySecurityAction(o => false, o => null); another_action_that_cannot_authorize = new MySecurityAction(o => false, o => null); descriptor = new BaseSecurityDescriptor(); descriptor.AddAction(another_action_that_cannot_authorize); descriptor.AddAction(action_that_cannot_authorize); }
public when_checking_can_authorize_with_no_targets_that_can_authorize() { action_that_cannot_authorize = new MySecurityAction(o => false,o => null); another_action_that_cannot_authorize = new MySecurityAction(o => false,o => null); descriptor = new BaseSecurityDescriptor(); descriptor.AddAction(another_action_that_cannot_authorize); descriptor.AddAction(action_that_cannot_authorize); }
public when_checking_can_authorize_with_target_that_can_authorize() { action_that_can_authorize = new MySecurityAction(o => true, o => null); action_that_cannot_authorize = new MySecurityAction(o => true, ObjectDisposedException => null); descriptor = new BaseSecurityDescriptor(); descriptor.AddAction(action_that_cannot_authorize); descriptor.AddAction(action_that_can_authorize); }
//------------------------------------------- protected Boolean hasAction(IList actions, ISecurityAction action) { foreach (ISecurityAction ma in actions) { if (ma.Id == action.Id) { return(true); } } return(false); }
public Boolean HasAction(IRole role, ISecurityAction a) { IList actions = GetActionsByRole(role); foreach (ISecurityAction action in actions) { if (action.Id == a.Id) { return(true); } } return(false); }
//---------------------------------------------------------------------------------------------------------------------------------- private String addAttachment(ForumBoard board, ForumPost data, List <Attachment> attachList, String content) { if (attachList.Count <= 0) { return(content); } ISecurityAction action = SecurityAction.GetByAction(new AttachmentController().Show); Boolean hasAction = SecurityHelper.HasAction((User)ctx.viewer.obj, board, action, ctx); if (!hasAction) { String amsg = string.Format(alang("attachmentsInfo"), attachList.Count); return(content + "<div class=\"attachmentForbidden\"><span class=\"afText\">" + alang("exAttachmentView") + "</span>(<span class=\"afInfo\">" + amsg + "</span>)</div>"); } StringBuilder sb = new StringBuilder(); String created = getAttachmentLastUpdateTime(attachList).ToString(); sb.Append("<div class=\"hr\"></div><div class=\"attachmentTitleWrap\"><div class=\"attachmentTitle\">" + alang("attachment") + " <span class=\"note\">(" + created + ")</span> "); if (ctx.viewer.Id == data.Creator.Id || hasAdminPermission(data)) { sb.AppendFormat("<a href=\"{0}\">" + alang("adminAttachment") + "</a>", to(new Edits.AttachmentController().Admin, data.TopicId)); } sb.Append("</div></div><ul class=\"attachmentList\">"); foreach (Attachment attachment in attachList) { string fileName = attachment.GetFileShowName(); if (attachment.IsImage) { sb.AppendFormat("<li><div>{0} <span class=\"note\">({1}KB, {2})</span></div>", fileName, attachment.FileSizeKB, attachment.Created); sb.AppendFormat("<div><a href=\"{0}\" target=\"_blank\"><img src=\"{1}\" /></a></div></li>", attachment.FileUrl, attachment.FileMediuUrl); } else { sb.AppendFormat("<li><div>{0} <span class=\"note right10\">({1}KB, {2})</span>", fileName, attachment.FileSizeKB, attachment.Created); sb.AppendFormat("<img src=\"{1}\" /><a href=\"{0}\" target=\"_blank\">" + alang("hitDownload") + "</a></div>", to(new AttachmentController().Show, attachment.Id) + "?id=" + attachment.Guid, strUtil.Join(sys.Path.Img, "/s/download.png")); } } sb.Append("</ul>"); content = string.Format("<div>{0}</div><div id=\"attachmentPanel\">{1}</div>", content, sb.ToString()); return(content); }
protected void addActionToRole(Hashtable results, String rkey, int aid) { IList actions = results[rkey] as IList; if (actions == null) { actions = new ArrayList(); results[rkey] = actions; } ISecurityAction action = objAction.GetById(aid); if (action != null) { actions.Add(action); } }
//---------------------------------------------------------------------- public static Boolean HasAction(User user, ISecurity objSecurity, ISecurityAction action, MvcContext ctx) { SecurityTool securityTool = ForumSecurityService.GetSecurityTool(objSecurity, ctx); Boolean hasAction = securityTool.HasAction(user.Role, action); if (hasAction) { return(true); } hasAction = securityTool.HasAction(user.Rank, action); if (hasAction) { return(true); } if (ctx.owner.obj.GetType() != typeof(Site)) { IRole roleInOwner = ctx.owner.obj.GetUserRole(user); hasAction = securityTool.HasAction(roleInOwner, action); if (hasAction) { return(true); } } if (new ModeratorService().IsModerator(objSecurity as ForumBoard, user)) { hasAction = securityTool.HasAction(ForumRole.Moderator, action); if (hasAction) { return(true); } } return(false); }
//---------------------------------------------------------------------- public static Boolean HasAction( User user, ISecurity objSecurity, ISecurityAction action, MvcContext ctx ) { SecurityTool securityTool = ForumSecurityService.GetSecurityTool( objSecurity, ctx ); Boolean hasAction = securityTool.HasAction( user.Role, action ); if (hasAction) return true; hasAction = securityTool.HasAction( user.Rank, action ); if (hasAction) return true; if (ctx.owner.obj.GetType() != typeof( Site )) { IRole roleInOwner = ctx.owner.obj.GetUserRole( user ); hasAction = securityTool.HasAction( roleInOwner, action ); if (hasAction) return true; } if (new ModeratorService().IsModerator( objSecurity as ForumBoard, user )) { hasAction = securityTool.HasAction( ForumRole.Moderator, action ); if (hasAction) return true; } return false; }
private String getInputValue(IRole role, ISecurityAction action) { //return string.Format( "{0}_{1}_{2}", role.TypeFullName, role.TypeId, action.Id ); return(string.Format("{0}_{1}_{2}", role.Role.GetType().FullName, role.Role.Id, action.Id)); }
public void AddAction(ISecurityAction securityAction) { _actions.Add(securityAction); }
//------------------------------------------- protected Boolean hasAction( IList actions, ISecurityAction action ) { foreach (ISecurityAction ma in actions) { if (ma.Id == action.Id) return true; } return false; }
public Boolean HasAction( IRole role, ISecurityAction a ) { IList actions = GetActionsByRole( role ); foreach (ISecurityAction action in actions) { if (action.Id == a.Id) return true; } return false; }
/// <summary> /// ����û����Ƿ���е�ǰ�ڵ��Ȩ�� /// </summary> /// <param name="user">����û�</param> /// <param name="action">��ȫ�ڵ�</param> /// <param name="isRunScript">�Ƿ���нű����</param> /// <returns></returns> public bool CheckSecurityAction(IUser user, ISecurityAction action, bool isRunScript) { if (!isRunScript) { return user.RoleNames.Any(n => _roles.ContainsKey(n) && _roles[n].Contain(action.Key)); } var scope = ScriptEngine.CreateScope(); scope.SetVariable("User", user); scope.SetVariable("Action", action); scope.SetVariable("�û�", user); scope.SetVariable("��ȫ�ڵ�", action); scope.SetVariable("ͨ��", true); scope.SetVariable("�ܾ�", false); return user.RoleNames.Any(n => _roles.ContainsKey(n) && _roles[n].Contain(action, ScriptEngine, ScriptScope)); }
/// <summary> /// Tacks the action. /// </summary> /// <param name="action">The action.</param> private void TackAction(ISecurityAction action) { if (action == null) return; _securityActions.Add(action.Key, action); if (action.Children == null) return; foreach (var child in action.Children) { TackAction(child); } }
private String getInputValue( IRole role, ISecurityAction action ) { //return string.Format( "{0}_{1}_{2}", role.TypeFullName, role.TypeId, action.Id ); return string.Format( "{0}_{1}_{2}", role.Role.GetType().FullName, role.Role.Id, action.Id ); }
public void AddChild(ISecurityAction action) { if (Children == null) Children = new HashSet<ISecurityAction>(); if (!Children.Contains(action)) { action.Parent = this; Children.Add(action); } }
public SecurityTool(ISecurity objSecurity, ISecurityAction securityAction) { _objSecurity = objSecurity; _securityString = objSecurity.Security; objAction = securityAction; }
/// <summary> /// Instantiates an instance of <see cref="AuthorizeActionResult"/> for the specificed <see cref="ISecurityAction"/> /// </summary> /// <param name="action"><see cref="ISecurityAction"/> that this <see cref="AuthorizeActionResult"/> pertains to.</param> public AuthorizeActionResult(ISecurityAction action) { Action = action; }
public SecurityTool( ISecurity objSecurity, ISecurityAction securityAction ) { _objSecurity = objSecurity; _securityString = objSecurity.Security; objAction = securityAction; }
public override bool Contain(ISecurityAction action, ScriptEngine engine, ScriptScope scope) { return Contain(action.Key, engine, scope); }
/// <summary> /// Instantiates an instance of <see cref="AuthorizeActionResult"/> for the specificed <see cref="ISecurityAction"/> /// </summary> /// <param name="action"><see cref="ISecurityAction"/> that this <see cref="AuthorizeActionResult"/> pertains to.</param> public AuthorizeActionResult(ISecurityAction action) { Action = action; }