public ILookup <BigTuple <Guid>, AclEntry> ParseAcls(string acl)
{
var res = from sentry in (acl ?? "").Split(',')
let parts = sentry.Split(':')
where parts.Length == 4
let entry = from subjId in Maybe.ParseGuid(parts[0])
from targetId in ParseTargetId(parts[1])
from privId in Maybe.ParseGuid(parts[2])
let skind = parts[3]
from kind in
string.Equals(skind, "allow", StringComparison.InvariantCultureIgnoreCase) ? Maybe.Value(AclEntryKind.Allow) :
string.Equals(skind, "deny", StringComparison.InvariantCultureIgnoreCase) ? Maybe.Value(AclEntryKind.Deny) :
Maybe.Null <AclEntryKind>()
from subj in SubjectProviders.Select(p => p.Find(subjId)).FirstOrDefault(s => s != null)
from priv in Privileges.FirstOrDefault(p => p.SID == privId)
select new { targetId, e = new AclEntry {
Subject = subj, Privilege = priv, Kind = kind
} }
where entry.Kind == MaybeKind.Value
select entry.Value;
return(res.ToLookup(x => x.targetId, x => x.e));
}
public AnnotatedAclEntry ResolveAclEntry(UnresolvedAclEntry e, SecurityTargetKind targetKind)
{
return(new AnnotatedAclEntry
{
Entry = new AclEntry
{
Privilege = Privileges.FirstOrDefault(p => p.SID == e.PrivilegeId),
Subject = _memoizer.Memoize(new { e.SubjectId }, sid => SubjectProviders.Select(p => p.Find(sid.SubjectId)).FirstOrDefault(s => s != null)),
Kind = e.Allow ? AclEntryKind.Allow : AclEntryKind.Deny
},
InheritedFrom = e.IsInherited ? ResolveTarget(e.SourceTarget, targetKind) : null
});
}