public PushResponseBuilder(ISession session, PushRequest pushRequest, IAccessControlLists acls)
{
this.session = session;
this.pushRequest = pushRequest;
this.acls = acls;
this.metaPopulation = this.session.Database.MetaPopulation;
}
public static bool Set(this Step step, IObject @object, IAccessControlLists acls, object value)
{
var acl = acls[@object];
if (step.ExistNext)
{
if (acl.CanRead(step.PropertyType))
{
if (step.PropertyType.Get(@object.Strategy) is IObject property)
{
step.Next.Set(property, acls, value);
return(true);
}
}
return(false);
}
if (step.PropertyType is RoleType roleType)
{
if (acl.CanWrite(roleType))
{
roleType.Set(@object.Strategy, value);
return(true);
}
}
return(false);
}
public PullInstantiate(ISession session, Pull pull, IAccessControlLists acls, IFetchService fetchService)
{
this.session = session;
this.pull = pull;
this.fetchService = fetchService;
this.acls = acls;
}
public PullExtent(ISession session, Pull pull, IAccessControlLists acls, IExtentService extentService, IFetchService fetchService)
{
this.session = session;
this.pull = pull;
this.extentService = extentService;
this.fetchService = fetchService;
this.acls = acls;
}
internal AccessControlList(IAccessControlLists accessControlLists, IObject @object)
{
this.AccessControlLists = accessControlLists;
this.Object = (Object)@object;
this.classId = this.Object.Strategy.Class.Id;
this.lazyLoaded = false;
}
public PullResponseBuilder(IAccessControlLists acls, ITreeService treeService)
{
this.acls = acls;
this.treeService = treeService;
this.objects = new HashSet <IObject>();
this.accessControlsWriter = new AccessControlsWriter(this.acls);
this.permissionsWriter = new PermissionsWriter(this.acls);
}
public SyncResponseBuilder(ISession session, SyncRequest syncRequest, IAccessControlLists acls)
{
this.session = session;
this.syncRequest = syncRequest;
this.acls = acls;
this.accessControlsWriter = new AccessControlsWriter(this.acls);
this.permissionsWriter = new PermissionsWriter(this.acls);
}
public InvokeResponseBuilder(ISession session, InvokeRequest invokeRequest, IAccessControlLists acls)
{
this.session = session;
this.invocations = invokeRequest.i;
this.isolated = invokeRequest.o?.i ?? false;
this.continueOnError = invokeRequest.o?.c ?? false;
this.acls = acls;
}
public static void Resolve(this Node[] treeNodes, IObject @object, IAccessControlLists acls, ISet <IObject> objects)
{
if (@object != null)
{
foreach (var node in treeNodes)
{
node.Resolve(@object, acls, objects);
}
}
}
public static void Ensure(this Step step, IObject @object, IAccessControlLists acls)
{
var acl = acls[@object];
if (step.PropertyType is RoleType roleType)
{
if (roleType.IsMany)
{
throw new NotSupportedException("RoleType with muliplicity many");
}
if (roleType.ObjectType.IsComposite)
{
if (acl.CanRead(roleType))
{
var role = roleType.Get(@object.Strategy);
if (role == null)
{
if (acl.CanWrite(roleType))
{
role = @object.Strategy.Session.Create((Class)roleType.ObjectType);
roleType.Set(@object.Strategy, role);
}
}
if (step.ExistNext)
{
if (role is IObject next)
{
step.Next.Ensure(next, acls);
}
}
}
}
}
else
{
var associationType = (AssociationType)step.PropertyType;
if (associationType.IsMany)
{
throw new NotSupportedException("AssociationType with muliplicity many");
}
if (acl.CanRead(associationType))
{
if (associationType.Get(@object.Strategy) is IObject association)
{
if (step.ExistNext)
{
step.Next.Ensure(association, acls);
}
}
}
}
}
internal AccessControlList(IAccessControlLists accessControlLists, IObject @object, bool isWorkspace)
{
this.deniedPermissionFilter = isWorkspace
? (Func <Permission, bool>)WorkspaceDeniedPermissionFilter
: DatabaseDeniedPermissionFilter;
this.AccessControlLists = accessControlLists;
this.Object = (Object)@object;
this.classId = this.Object.Strategy.Class.Id;
this.lazyLoaded = false;
}
public static object Get(this Step step, IObject @object, IAccessControlLists acls)
{
var acl = acls[@object];
if (acl.CanRead(step.PropertyType))
{
if (step.ExistNext)
{
var currentValue = step.PropertyType.Get(@object.Strategy);
if (currentValue != null)
{
if (currentValue is IObject)
{
return(step.Next.Get((IObject)currentValue, acls));
}
var results = new HashSet <object>();
foreach (var item in (IEnumerable)currentValue)
{
var nextValueResult = step.Next.Get((IObject)item, acls);
if (nextValueResult is HashSet <object> )
{
results.UnionWith((HashSet <object>)nextValueResult);
}
else
{
results.Add(nextValueResult);
}
}
return(results);
}
}
return(step.PropertyType.Get(@object.Strategy));
}
return(null);
}
internal PermissionsWriter(IAccessControlLists acls)
{
this.acls = acls;
}
public static void Resolve(this Node @this, IObject @object, IAccessControlLists acls, ISet <IObject> objects)
{
if (@object != null)
{
var acl = acls[@object];
if (acl.CanRead(@this.PropertyType))
{
if (@this.PropertyType is IRoleType roleType)
{
if (roleType.ObjectType.IsComposite)
{
if (roleType.IsOne)
{
var role = @object.Strategy.GetCompositeRole(roleType.RelationType);
if (role != null)
{
objects.Add(role);
foreach (var node in @this.Nodes)
{
node.Resolve(role, acls, objects);
}
}
}
else
{
var roles = @object.Strategy.GetCompositeRoles(roleType.RelationType);
foreach (IObject role in roles)
{
objects.Add(role);
foreach (var node in @this.Nodes)
{
node.Resolve(role, acls, objects);
}
}
}
}
}
else if (@this.PropertyType is IAssociationType associationType)
{
if (associationType.IsOne)
{
var association = @object.Strategy.GetCompositeAssociation(associationType.RelationType);
if (association != null)
{
objects.Add(association);
foreach (var node in @this.Nodes)
{
node.Resolve(association, acls, objects);
}
}
}
else
{
var associations = @object.Strategy.GetCompositeAssociations(associationType.RelationType);
foreach (IObject association in associations)
{
objects.Add(association);
foreach (var node in @this.Nodes)
{
node.Resolve(association, acls, objects);
}
}
}
}
}
}
}
public SecurityResponseBuilder(ISession session, SecurityRequest securityRequest, IAccessControlLists acls)
{
this.session = session;
this.securityRequest = securityRequest;
this.acls = acls;
}
internal AccessControlsWriter(IAccessControlLists acls)
{
this.acls = acls;
}
public static void Ensure(this Fetch fetch, IObject allorsObject, IAccessControlLists acls) => fetch.Step.Ensure(allorsObject, acls);
public static bool Set(this Fetch fetch, IObject allorsObject, IAccessControlLists acls, object value) => fetch.Step != null && fetch.Step.Set(allorsObject, acls, value);
public static object Get(this Fetch fetch, IObject allorsObject, IAccessControlLists acls) => fetch.Step == null ? allorsObject : fetch.Step.Get(allorsObject, acls);
