Esempi in C# (CSharp) per PrivacyABAC.Core.Service ConditionalExpressionService.Evaluate

Esempio n. 1

File: AccessControlService.cs Progetto: xuansonha17031991/privacy-aware-access-control-model

        private AccessControlEffect CollectionAccessControlProcess(Subject subject, Resource resource, string action, EnvironmentObject environment)
        {
            AccessControlEffect result = AccessControlEffect.NotApplicable;

            ICollection <AccessControlPolicy> collectionPolicies = _accessControlPolicyRepository.Get(resource.Name, action, false);

            string policyCombining = _policyCombiningRepository.GetRuleCombining(collectionPolicies);

            var targetPolicies = new List <AccessControlPolicy>();

            foreach (var policy in collectionPolicies)
            {
                bool isTarget = _expressionService.Evaluate(policy.Target, subject.Data, null, environment.Data);
                if (isTarget)
                {
                    targetPolicies.Add(policy);
                }
            }

            foreach (var policy in targetPolicies)
            {
                string policyEffect = String.Empty;

                foreach (var rule in policy.Rules)
                {
                    bool isApplied = _expressionService.Evaluate(rule.Condition, subject.Data, null, environment.Data);
                    if (isApplied && rule.Effect.Equals("Permit") && policy.RuleCombining.Equals("permit-overrides"))
                    {
                        policyEffect = "Permit";
                        break;
                    }
                    if (isApplied && rule.Effect.Equals("Deny") && policy.RuleCombining.Equals("deny-overrides"))
                    {
                        policyEffect = "Deny";
                        break;
                    }
                }
                if (policyEffect.Equals("Permit") && policyCombining.Equals("permit-overrides"))
                {
                    result = AccessControlEffect.Permit;
                    break;
                }
                else if (policyEffect.Equals("Deny") && policyCombining.Equals("deny-overrides"))
                {
                    result = AccessControlEffect.Deny;
                    break;
                }
            }
            return(result);
        }

Esempio n. 2

File: PrivacyService.cs Progetto: xuansonha17031991/privacy-aware-access-control-model

        private IDictionary <string, string> GetFieldCollectionRules(Subject subject, Resource resource, string action, EnvironmentObject environment)
        {
            var policies       = _privacyPolicyRepository.GetPolicies(resource.Name, false);
            var targetPolicies = new List <PrivacyPolicy>();

            foreach (var policy in policies)
            {
                bool isTarget = _expressionService.Evaluate(policy.Target, subject.Data, null, environment.Data);
                if (isTarget)
                {
                    targetPolicies.Add(policy);
                }
            }
            var fieldCollectionRules = new Dictionary <string, string>();

            foreach (var policy in targetPolicies)
            {
                foreach (var collectionField in policy.Rules)
                {
                    bool isApplied = _expressionService.Evaluate(collectionField.Condition, subject.Data, null, environment.Data);
                    if (isApplied)
                    {
                        InsertPrivacyRule(fieldCollectionRules, collectionField.FieldEffects);
                    }
                }
            }
            return(fieldCollectionRules);
        }