public bool IsGranted(string principal, Operation operation, string resource)
{
var operationString = operation.ToString().ToLowerInvariant();
if (Denied.Contains(resource, operationString, principal))
{
return(false);
}
// If read is denied also write should be denied.
if (operation == Operation.Write && Denied.Contains(resource, Operation.Read.ToString().ToLowerInvariant(), principal))
{
return(false);
}
if (Granted.Contains(resource, operationString, principal))
{
return(true);
}
// If write is granted also read should be granted.
if (operation == Operation.Read &&
Granted.Contains(resource, Operation.Write.ToString().ToLowerInvariant(), principal))
{
return(true);
}
return(false);
}
private string GetId()
{
return(string.Join("__",
Group,
(Owned ? "TRUE" : "FALSE"),
(Granted.Replace(" ", "_").Replace("-", "_").Replace("__", "_"))
).ToUpperInvariant());
}
private void OnAccessGranted(CommonOKMessage msg)
{
m_requestingAccess = false;
AccessGranted = true;
logger.Info("Access to auth. server granted");
#if DEBUG
Console.Beep(444, 200);
#endif
Granted?.Invoke(this);
}
private static void AddPlayer(Player player, Group playerGroup)
{
_playerGroups[player] = playerGroup;
Granted?.Invoke(player, playerGroup);
}
/// <summary>
/// Grant the role a permission.
/// </summary>
/// <param name="permission">Permission.</param>
protected void Grant(Permission permission)
{
Granted.Add(permission);
}
/// <summary>
/// Can role do Permission.
/// </summary>
/// <remarks>Is this role granted with this permission.</remarks>
/// <param name="permission">Permission.</param>
/// <returns>Boolean indicating whether it can.</returns>
public bool Can(Permission permission)
{
return(Granted.Contains(permission));
}
