/// <summary>
/// Checks if the given user has access
/// </summary>
/// <param name="type">What kind of statement to be generated</param>
/// <param name="tableName">Table name</param>
/// <param name="idColName">Id column name</param>
/// <param name="rowId">Row id</param>
/// <param name="tableAlias">Optional table alias e.g. SQL = TableName as tn, tableAlias="tn"</param>
/// <param name="userId">User id</param>
/// <param name="userBitMask">User id converted to bit mask</param>
/// <param name="userGroupBitMask">User access groups converted to bit mask</param>
/// <returns>True if the user has access</returns>
public bool HasAccess(AccessRightType type, string tableName, string idColName, object rowId, int userId, string userBitMask, string userGroupBitMask)
{
var accessRights = GenerateAccessRightsStatement(type, userId, userBitMask, userGroupBitMask);
return(sqlService.OpenConnection((connection) =>
{
var hasAccess = connection.Query <object>($"SELECT {idColName} FROM {tableName} " +
$"WHERE {idColName} = :rowId AND {accessRights}", new { rowId });
return hasAccess.Any();
}));
}
public Form_AccessRights(AccessRightType _type)
{
InitializeComponent();
type = _type;
groupBox_UserName.Location = groupBox_ProcessName.Location;
textBox_FileAccessFlags.Text = FilterAPI.ALLOW_MAX_RIGHT_ACCESS.ToString();
switch (type)
{
case AccessRightType.ProcessNameRight: groupBox_ProcessName.Visible = true; break;
case AccessRightType.ProccessIdRight: groupBox_ProcessId.Visible = true; break;
case AccessRightType.UserNameRight: groupBox_UserName.Visible = true; break;
}
}
/// <summary>
/// Creates the where condition for a particular table and row
/// </summary>
/// <param name="type">What kind of statement to be generated</param>
/// <param name="tableAlias">Optional table alias e.g. SLQ = TableName as tn, tableAlias="tn"</param>
/// <param name="userId">User id</param>
/// <param name="userBitMask">User id converted to bit mask</param>
/// <param name="userGroupBitMask">User access groups converted to bit mask</param>
/// <returns>Where condition for a row level access control</returns>
public string GenerateAccessRightsStatement(AccessRightType type, int userId, string userBitMask, string userGroupBitMask, string tableAlias = "")
{
if (type == AccessRightType.Read)
{
return(GenerateStatement(userId, "UserReadAccess", "GroupReadAccess", userBitMask, userGroupBitMask, tableAlias));
}
else if (type == AccessRightType.Write)
{
return(GenerateStatement(userId, "UserWriteAccess", "GroupWriteAccess", userBitMask, userGroupBitMask, tableAlias));
}
else if (type == AccessRightType.Full)
{
return(GenerateStatement(userId, "UserFullAccess", "GroupFullAccess", userBitMask, userGroupBitMask, tableAlias));
}
else
{
return(string.Empty);
}
}
/// <summary>
/// Checks if the given user has access
/// </summary>
/// <param name="type">What kind of statement to be generated</param>
/// <param name="tableName">Table name</param>
/// <param name="idColName">Id column name</param>
/// <param name="rowId">Row id</param>
/// <param name="session">Session instance</param>
/// <returns>True if the user has access</returns>
public bool HasAccess(AccessRightType type, string tableName, string idColName, object rowId, Session.Session session)
{
return(HasAccess(type, tableName, idColName, rowId, session.UserId,
session.UserBitMask, session.UserAccessGroupsBitMask));
}
public AccessRight(string resourseId, AccessRightType accessRightType)
{
ResourseId = resourseId;
AccessRightType = accessRightType;
}
