Esempio n. 1
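        /// <summary>
        /// Applies the configured security options to every secured resource of a container.
        /// For each resource the baseline is the set of options at the lowest <c>Level</c>
        /// (the original code calls these the "restrictive" options); an option granted to
        /// one of the current user's roles replaces a baseline option for the same property
        /// when its level is higher. The resulting options are written onto the target
        /// objects through reflection.
        /// </summary>
        /// <param name="src">Deserialized security configuration (roles and their grants).</param>
        /// <param name="resourceContainer">Container whose secured resources are processed.</param>
        /// <param name="securityConfiguration">Page or control that resolves a scope/name pair to the objects to configure.</param>
        /// <exception cref="InvalidOperationException">
        /// A configured option names a property that the target object does not expose.
        /// </exception>
        protected virtual void ApplySecurityRules(SecurityResourceConfigurationInfo src, SecuredResourceContainerInfo resourceContainer, ISecurityConfiguration securityConfiguration)
        {
            // The user's roles do not depend on the resource, so they are resolved at most
            // once (on first use) instead of once per secured resource.
            List<SecurityRoleInfo> userRoles = null;

            foreach (SecuredResourceInfo resource in resourceContainer.SecuredResources)
            {
                List<Object> securedResources = securityConfiguration.GetSecuredResource(resource.Scope, resource.Name);

                // A resource that resolves to nothing is skipped. The previous code returned
                // here on null, which left every later resource of the container without its
                // restrictions applied (fail-open).
                if (securedResources == null || securedResources.Count == 0)
                {
                    continue;
                }

                // Min() throws on an empty sequence; a resource without options has nothing to apply.
                if (!resource.ConfigurationOptions.Any())
                {
                    continue;
                }

                var minLevel = resource.ConfigurationOptions.Select(option => option.Level).Min();
                List<ConfigurationOptionInfo> applicableOptions = new List<ConfigurationOptionInfo>(
                    resource.ConfigurationOptions.Where(option => option.Level == minLevel));

                if (userRoles == null)
                {
                    string[] allRoleNames = src.SecurityRoles.Select(role => role.Name).ToArray();
                    List<string> userRoleNames = UserBLL.HasRoles(UserBLL.GetCurrentUser(), allRoleNames);

                    // No answer from the role lookup is treated as "no roles": only the
                    // baseline options are applied.
                    if (userRoleNames == null)
                    {
                        userRoleNames = new List<string>();
                    }
                    userRoles = new List<SecurityRoleInfo>(
                        src.SecurityRoles.Where(role => userRoleNames.Contains(role.Name)));
                }

                foreach (SecurityRoleInfo role in userRoles)
                {
                    var grantedOptions = role.GrantedResourceContainers
                                         .Where(grc => grc.Name == resourceContainer.Name)
                                         .SelectMany(grc => grc.GrantedResources.Where(gr => (gr.Scope == resource.Scope) && (gr.Name == resource.Name)))
                                         .Select(gr => gr.Option)
                                         .SelectMany(grantedOption => resource.ConfigurationOptions.Where(option => option.OptionId == grantedOption));

                    foreach (ConfigurationOptionInfo option in grantedOptions)
                    {
                        // The granted option is added only when it displaced a lower-level
                        // option for the same property.
                        if (applicableOptions.RemoveAll(ao => (ao.Property == option.Property) && (ao.Level < option.Level)) > 0)
                        {
                            applicableOptions.Add(option);
                        }
                    }
                }

                foreach (ConfigurationOptionInfo applicableOption in applicableOptions)
                {
                    foreach (object securedResource in securedResources)
                    {
                        // Property names and values come from the configuration file, so that
                        // file decides which public properties are written; it has to be
                        // writable by administrators only.
                        PropertyInfo optionProperty = securedResource.GetType().GetProperty(applicableOption.Property);
                        if (optionProperty == null)
                        {
                            // Stop with a clear error rather than a NullReferenceException, and
                            // rather than silently leaving the restriction unapplied.
                            throw new InvalidOperationException(string.Format(
                                "Security configuration names property '{0}', which type '{1}' does not expose.",
                                applicableOption.Property,
                                securedResource.GetType().FullName));
                        }
                        optionProperty.SetValue(securedResource, Convert.ChangeType(applicableOption.Value, optionProperty.PropertyType), null);
                    }
                }
            }
        }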
Esempio n. 2
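        /// <summary>
        /// Loads the security configuration file and applies its rules to the page and to
        /// every user control collected from it, then calls the base implementation.
        /// </summary>
        /// <param name="e">Event data, passed through to the base implementation.</param>
        /// <exception cref="InvalidOperationException">
        /// The security configuration cannot be read or deserialized. The page is not
        /// rendered in that case, because its security rules could not be applied.
        /// </exception>
        protected override void OnPreRenderComplete(EventArgs e)
        {
            XmlSerializer serializer = new XmlSerializer(typeof(SecurityResourceConfigurationInfo));
            SecurityResourceConfigurationInfo src;

            try
            {
                // using closes the stream on every path. The previous finally block called
                // Close() on a null reference whenever File.OpenRead itself failed.
                using (Stream stream = File.OpenRead(HttpContext.Current.Request.PhysicalApplicationPath + ConfigurationManager.AppSettings["SecurityConfigurationFile"]))
                {
                    src = (SecurityResourceConfigurationInfo)serializer.Deserialize(stream);
                }
            }
            catch (Exception ex)
            {
                // Fail closed: the previous empty catch let a corrupt configuration render the
                // page with no rules applied. The message carries no path; details stay in
                // the inner exception.
                throw new InvalidOperationException("The security configuration could not be loaded; the page is not rendered without its security rules.", ex);
            }
            if (src == null)
            {
                throw new InvalidOperationException("The security configuration is empty; the page is not rendered without its security rules.");
            }

            ISecurityConfiguration securedPage = Page as ISecurityConfiguration;
            if (securedPage != null)
            {
                // Ordinal, case-insensitive comparison: ToUpper() depends on the thread culture,
                // so a container name could fail to match its page and its rules be skipped.
                // NOTE(review): Request.Path is not application-relative, while user controls
                // below are matched by application-relative path; confirm container names
                // agree with both when the site runs under a virtual directory.
                SecuredResourceContainerInfo pageContainer = src.SecuredResourceContainers
                    .FirstOrDefault(container => string.Equals(container.Name, Request.Path, StringComparison.OrdinalIgnoreCase));
                if (pageContainer != null)
                {
                    ApplySecurityRules(src, pageContainer, securedPage);
                }
            }

            List<UserControl> userControls = new List<UserControl>();
            AccumulateUserControls(this, userControls);

            foreach (UserControl userControl in userControls)
            {
                ISecurityConfiguration securedControl = userControl as ISecurityConfiguration;
                if (securedControl == null || string.IsNullOrEmpty(userControl.AppRelativeVirtualPath))
                {
                    // Without a virtual path there is no container name to match.
                    continue;
                }

                // Substring(1) drops the first character of the application-relative path.
                string controlPath = userControl.AppRelativeVirtualPath.Substring(1);
                SecuredResourceContainerInfo controlContainer = src.SecuredResourceContainers
                    .FirstOrDefault(container => string.Equals(container.Name, controlPath, StringComparison.OrdinalIgnoreCase));
                if (controlContainer != null)
                {
                    ApplySecurityRules(src, controlContainer, securedControl);
                }
            }

            // Reached on every successful path; the previous early return on a missing
            // configuration skipped the base call.
            base.OnPreRenderComplete(e);
        }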
Esempio n. 3
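        /// <summary>
        /// Per-request authorization gate for .aspx pages: requires a selected warehouse in
        /// the session and at least one role of the current user that is granted the
        /// requested page; otherwise the request is redirected.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <exception cref="InvalidOperationException">
        /// The security configuration cannot be read or deserialized; the request is not
        /// authorized in that case.
        /// </exception>
        protected void Application_PostAcquireRequestState(object sender, EventArgs e)
        {
            // Substring(1) drops the first character of the application-relative path.
            string formName = Request.AppRelativeCurrentExecutionFilePath.Substring(1);

            // Pages that must stay reachable without a role check. Comparisons are ordinal
            // and case-insensitive so they do not vary with the thread culture.
            // NOTE(review): every request whose extension is not .aspx also skips the role
            // check; any other handler served by the application needs its own
            // authorization. Confirm this is intended.
            if (string.Equals(formName, "/SelectWarehouse.aspx", StringComparison.OrdinalIgnoreCase) ||
                string.Equals(formName, "/AccessDenied.aspx", StringComparison.OrdinalIgnoreCase) ||
                string.Equals(formName, "/ErrorPage.aspx", StringComparison.OrdinalIgnoreCase) ||
                !string.Equals(System.IO.Path.GetExtension(formName), ".aspx", StringComparison.OrdinalIgnoreCase))
            {
                return;
            }

            if (Session["CurrentWarehouse"] == null)
            {
                // endResponse = true: processing of this request stops here.
                Response.Redirect("SelectWarehouse.aspx", true);
            }

            XmlSerializer serializer = new XmlSerializer(typeof(SecurityResourceConfigurationInfo));
            SecurityResourceConfigurationInfo src;

            try
            {
                // using closes the stream on every path. The previous finally block called
                // Close() on a null reference whenever File.OpenRead itself failed.
                using (Stream stream = File.OpenRead(HttpContext.Current.Request.PhysicalApplicationPath + ConfigurationManager.AppSettings["SecurityConfigurationFile"]))
                {
                    src = (SecurityResourceConfigurationInfo)serializer.Deserialize(stream);
                }
            }
            catch (Exception ex)
            {
                // Fail closed: the previous empty catch followed by "return" let every request
                // through whenever the configuration could not be deserialized.
                throw new InvalidOperationException("The security configuration could not be loaded; the request is not authorized.", ex);
            }
            if (src == null)
            {
                throw new InvalidOperationException("The security configuration is empty; the request is not authorized.");
            }

            string[] allRoleNames = src.SecurityRoles.Select(role => role.Name).ToArray();

            // The previous code branched on formName == "/SelectWarehouse.aspx" here, but that
            // page has already returned above and both branches made the same call.
            List<string> userRoleNames = UserBLL.HasRoles(UserBLL.GetCurrentUser(), allRoleNames);

            // No answer from the role lookup counts as "no roles", i.e. access denied.
            // The container name is compared case-sensitively, as before; a request whose
            // casing differs from the configured name is denied.
            bool granted = userRoleNames != null &&
                           src.SecurityRoles.Any(role => userRoleNames.Contains(role.Name) &&
                                                         role.GrantedResourceContainers.Any(gr => gr.Name == formName));
            if (!granted)
            {
                Response.Redirect("AccessDenied.aspx");
            }
        }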
Esempio n. 4
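        /// <summary>
        /// Helper that applies the application's security rules to the columns of a grid
        /// viewer driver. For each column that is a secured resource of the page, the
        /// baseline is the set of options at the lowest <c>Level</c>; an option granted to
        /// any of the current user's roles replaces a baseline option for the same property
        /// when its level is higher. The result is written onto the column through reflection.
        /// </summary>
        /// <param name="pageName">Name of the secured resource container to look up.</param>
        /// <param name="driver">Driver whose columns are configured; its name is the resource scope.</param>
        /// <exception cref="InvalidOperationException">
        /// The security configuration cannot be deserialized, or an option names a property
        /// that the column does not expose.
        /// </exception>
        private void AppllySecurityRules(string pageName, GINGridViewerDriver driver)
        {
            XmlSerializer serializer = new XmlSerializer(typeof(SecurityResourceConfigurationInfo));
            SecurityResourceConfigurationInfo src;

            using (Stream stream = File.OpenRead(HttpContext.Current.Request.PhysicalApplicationPath + ConfigurationManager.AppSettings["SecurityConfigurationFile"]))
            {
                try
                {
                    src = (SecurityResourceConfigurationInfo)serializer.Deserialize(stream);
                }
                catch (Exception ex)
                {
                    // Fail closed: the previous empty catch left the grid without any
                    // restriction whenever the configuration could not be deserialized.
                    throw new InvalidOperationException("The security configuration could not be loaded; the grid is not configured without its security rules.", ex);
                }
            }
            if (src == null)
            {
                throw new InvalidOperationException("The security configuration is empty; the grid is not configured without its security rules.");
            }

            string[] allRoleNames = src.SecurityRoles.Select(role => role.Name).ToArray();
            List<string> userRoleNames = UserBLL.HasRoles(UserBLL.GetCurrentUser(), allRoleNames);

            // No answer from the role lookup is treated as "no roles": only the baseline applies.
            if (userRoleNames == null)
            {
                userRoleNames = new List<string>();
            }
            List<SecurityRoleInfo> userRoles = new List<SecurityRoleInfo>(
                src.SecurityRoles.Where(role => userRoleNames.Contains(role.Name)));

            // The container does not depend on the role, so it is looked up once.
            SecuredResourceContainerInfo resourceContainer = src.SecuredResourceContainers.Find(cont => cont.Name == pageName);
            if (resourceContainer == null)
            {
                return;
            }

            // Columns are the outer loop and roles the inner one. The previous code iterated
            // roles on the outside, which had two effects: a user holding none of the roles
            // never got the baseline options applied (fail-open), and each further role
            // restarted from the baseline and overwrote what an earlier role had been granted.
            foreach (GINColumnDescriptor column in driver.Columns)
            {
                SecuredResourceInfo securedResource = resourceContainer.SecuredResources.Find(sr => (sr.Scope == driver.Name) && (sr.Name == column.Name));

                // Min() throws on an empty sequence; a resource without options has nothing to apply.
                if (securedResource == null || !securedResource.ConfigurationOptions.Any())
                {
                    continue;
                }

                var minLevel = securedResource.ConfigurationOptions.Select(option => option.Level).Min();
                List<ConfigurationOptionInfo> applicableOptions = new List<ConfigurationOptionInfo>(
                    securedResource.ConfigurationOptions.Where(option => option.Level == minLevel));

                foreach (SecurityRoleInfo role in userRoles)
                {
                    var grantedOptions = role.GrantedResourceContainers
                                         .Where(grc => grc.Name == resourceContainer.Name)
                                         .SelectMany(grc => grc.GrantedResources.Where(gr => (gr.Scope == securedResource.Scope) && (gr.Name == securedResource.Name)))
                                         .Select(gr => gr.Option)
                                         .SelectMany(grantedOption => securedResource.ConfigurationOptions.Where(option => option.OptionId == grantedOption));

                    foreach (ConfigurationOptionInfo option in grantedOptions)
                    {
                        // The granted option is added only when it displaced a lower-level
                        // option for the same property.
                        if (applicableOptions.RemoveAll(ao => (ao.Property == option.Property) && (ao.Level < option.Level)) > 0)
                        {
                            applicableOptions.Add(option);
                        }
                    }
                }

                foreach (ConfigurationOptionInfo applicableOption in applicableOptions)
                {
                    // Property names and values come from the configuration file, so that file
                    // decides which public properties are written; it has to be writable by
                    // administrators only.
                    PropertyInfo optionProperty = column.GetType().GetProperty(applicableOption.Property);
                    if (optionProperty == null)
                    {
                        // Stop with a clear error rather than a NullReferenceException, and
                        // rather than silently leaving the restriction unapplied.
                        throw new InvalidOperationException(string.Format(
                            "Security configuration names property '{0}', which type '{1}' does not expose.",
                            applicableOption.Property,
                            column.GetType().FullName));
                    }
                    optionProperty.SetValue(column, Convert.ChangeType(applicableOption.Value, optionProperty.PropertyType), null);
                }
            }
        }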