/// <summary>
/// Builds a security context that pairs a stored item id with the user it is evaluated for.
/// </summary>
/// <param name="item">Id of the stored item; must not be null.</param>
/// <param name="user">User the context applies to; must not be null.</param>
public StoredItemSecurityContext(StoredObjectId item, IUserInfoStore user)
{
    // Both guards run before any state is assigned, so a rejected argument leaves nothing half-set.
    Condition.Requires(item).IsNotNull();
    Condition.Requires(user).IsNotNull();

    Item = item;
    User = user;
}
/// <summary>
/// Builds an access condition bound to one stored item id and one user.
/// </summary>
/// <param name="item">Id of the stored item; must not be null.</param>
/// <param name="user">User the condition is evaluated for; must not be null.</param>
public PerUserAccessCondition(StoredObjectId item, IUserInfoStore user)
{
    // Both guards run before any state is assigned, so a rejected argument leaves nothing half-set.
    Condition.Requires(item).IsNotNull();
    Condition.Requires(user).IsNotNull();

    Item = item;
    User = user;
}
/// <summary>
/// Creates the exception raised when an access rule denies a user an operation on a stored item.
/// </summary>
/// <param name="item">Item the access was attempted on; must not be null.</param>
/// <param name="user">User whose access was denied; must not be null.</param>
/// <param name="ruleType">Access mode that was denied.</param>
/// <remarks>
/// The message is formatted by the base-constructor call, which runs before the null guards below,
/// and it embeds the string forms of <paramref name="item"/> and <paramref name="user"/>.
/// NOTE(review): if those string forms expose identifiers, treat the message as log-only text.
/// </remarks>
public StoreSecurityException(IHasId item, IUserInfoStore user, StoredItemAccessMode ruleType)
    : base(string.Format("{2} Access denied on {0} for {1}", item, user, ruleType))
{
    Condition.Requires(item).IsNotNull();
    Condition.Requires(user).IsNotNull();

    _item = item;
    _user = user;
    _ruleType = ruleType;
}
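/// <summary>
/// Writes this exception's extra state (item, user and denied access mode) into
/// <paramref name="info"/> so that it is carried along when the exception is serialized.
/// </summary>
/// <param name="info">Serialization store to populate.</param>
/// <param name="context">Serialization context, passed through to the base class.</param>
/// <remarks>
/// This is the writing side of ISerializable, so values are added here rather than read: calling
/// info.GetValue for "_item" at this point asks for an entry nobody has written yet and fails with
/// a SerializationException. Reading the keys back belongs in the deserialization constructor.
/// NOTE(review): that constructor is not visible here; confirm it reads "_item", "_user" and
/// "_ruleType", that the item and user types are serializable, and that serialized exceptions are
/// only ever read back from a trusted source, since two of the entries are arbitrary objects.
/// </remarks>
public override void GetObjectData(SerializationInfo info, StreamingContext context)
{
    // The base class records the standard exception fields and rejects a null info.
    base.GetObjectData(info, context);

    // Persist the added state under the same keys the reading side looks up.
    info.AddValue("_item", this._item);
    info.AddValue("_user", this._user);
    info.AddValue("_ruleType", this._ruleType, typeof(StoredItemAccessMode));
}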
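/// <summary>
/// Writes this exception's extra state (item, user and denied access mode) into
/// <paramref name="info"/> so that it is carried along when the exception is serialized.
/// </summary>
/// <param name="info">Serialization store to populate.</param>
/// <param name="context">Serialization context, passed through to the base class.</param>
/// <remarks>
/// This is the writing side of ISerializable, so values are added here rather than read: calling
/// info.GetValue for "_item" at this point asks for an entry nobody has written yet and fails with
/// a SerializationException. Reading the keys back belongs in the deserialization constructor.
/// NOTE(review): that constructor is not visible here; confirm it reads "_item", "_user" and
/// "_ruleType", that the item and user types are serializable, and that serialized exceptions are
/// only ever read back from a trusted source, since two of the entries are arbitrary objects.
/// </remarks>
public override void GetObjectData(SerializationInfo info, StreamingContext context)
{
    // The base class records the standard exception fields and rejects a null info.
    base.GetObjectData(info, context);

    // Persist the added state under the same keys the reading side looks up.
    info.AddValue("_item", this._item);
    info.AddValue("_user", this._user);
    info.AddValue("_ruleType", this._ruleType, typeof(StoredItemAccessMode));
}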
/// <summary>
/// Collects the access rules that apply to one stored item for one access mode, ordered from the
/// least dependent rule to the most dependent, with a built-in "OWNER" rule placed first.
/// </summary>
/// <param name="ruleType">Access mode the selected rules must match.</param>
/// <param name="storeItem">Item being accessed; rules bound to its id, or bound to no item, are selected.</param>
/// <param name="user">User whose id the "OWNER" rule compares against.</param>
/// <returns>The dependency-sorted rules, with the "OWNER" rule at index 0.</returns>
/// <remarks>
/// NOTE(review): the "OWNER" rule grants access when the accessing user's id equals the id of
/// <paramref name="user"/>; it never looks at the item. When a caller evaluates the returned rules
/// with that same user, the comparison is always true and this first rule grants access before any
/// stored rule is consulted. Confirm where item ownership is meant to come from.
/// </remarks>
protected List<StoreAccessRule> GetItemRulesForUser(StoredItemAccessMode ruleType, IHasId storeItem, IUserInfoStore user)
{
    // Select rules of the requested mode that are either global (no item) or bound to this item.
    SearchFilterOf<StoreAccessRule> matchesItem = new SearchFilterOf<StoreAccessRule>((candidate) =>
    {
        if (candidate.RuleType != ruleType)
        {
            return false;
        }

        if (candidate.Item == null)
        {
            return true;
        }

        return candidate.Item.Id.Equals(storeItem.Id);
    });

    var matches = RuleStore.Search<StoreAccessRule>(matchesItem);

    // The dependency sorter works on the IHasDependencyOf view of the rules.
    List<IHasDependencyOf<StoreAccessRule>> asDependencies = matches.ConvertListTo<IHasDependencyOf<StoreAccessRule>, StoreAccessRule>();
    var ordered = DependencyUtil.SortHasADependency(asDependencies);
    var rules = ordered.ConvertListTo<StoreAccessRule, IHasDependencyOf<StoreAccessRule>>();

    // Overriding rules go ahead of everything loaded from the store.
    // RULE 1: the owner always has full access; a null result means "no opinion", not "deny".
    var ownerRule = new StoreAccessRule("OWNER", ruleType, (ihasId, accessUser) =>
    {
        if (!accessUser.Id.Equals(user.Id))
        {
            return null;
        }

        return true;
    });
    rules.Insert(0, ownerRule);

    return rules;
}
/// <summary>
/// Decides whether <paramref name="user"/> may perform <paramref name="ruleType"/> on
/// <paramref name="storeItem"/>. Rules are evaluated in order and the first one that returns a
/// value decides; with no rules, or no rule giving a value, access is denied.
/// </summary>
/// <param name="ruleType">Access mode being requested.</param>
/// <param name="storeItem">Item being accessed.</param>
/// <param name="user">User requesting access.</param>
/// <returns>True when the first decisive rule grants access, otherwise false.</returns>
/// <remarks>
/// NOTE(review): GetItemRulesForUser puts an "OWNER" rule first that compares the accessing user's
/// id with the id of the user passed to it. Both calls below receive the same user, so that rule
/// appears to grant access on every call and the deny-by-default paths here are never reached.
/// Verify against how ownership is meant to be established.
/// </remarks>
protected bool HasAccessToItem(StoredItemAccessMode ruleType, IHasId storeItem, IUserInfoStore user)
{
    var applicable = this.GetItemRulesForUser(ruleType, storeItem, user);

    // Deny by default when there is nothing to evaluate.
    if (applicable == null || applicable.Count == 0)
    {
        return false;
    }

    foreach (var rule in applicable)
    {
        var verdict = rule.HasAccess(storeItem, user);

        // A rule without a value abstains; the first rule with a value settles the question.
        if (verdict.HasValue)
        {
            return verdict.Value;
        }
    }

    // Every rule abstained.
    return false;
}
/// <summary>
/// Enforcing form of the access check: returns normally when access is granted and throws when
/// it is denied.
/// </summary>
/// <param name="ruleType">Access mode being requested.</param>
/// <param name="storeItem">Item being accessed.</param>
/// <param name="user">User requesting access.</param>
/// <exception cref="StoreSecurityException">HasAccessToItem returned false for this request.</exception>
protected void HasAccessToItemAndThrow(StoredItemAccessMode ruleType, IHasId storeItem, IUserInfoStore user)
{
    bool permitted = this.HasAccessToItem(ruleType, storeItem, user);
    if (permitted)
    {
        return;
    }

    throw new StoreSecurityException(storeItem, user, ruleType);
}
/// <summary>
/// Collects the access rules that apply to one stored item for one access mode, ordered from the
/// least dependent rule to the most dependent, with a built-in "OWNER" rule placed first.
/// </summary>
/// <param name="ruleType">Access mode the selected rules must match.</param>
/// <param name="storeItem">Item being accessed; rules bound to its id, or bound to no item, are selected.</param>
/// <param name="user">User whose id the "OWNER" rule compares against.</param>
/// <returns>The dependency-sorted rules, with the "OWNER" rule at index 0.</returns>
/// <remarks>
/// NOTE(review): the "OWNER" rule grants access when the accessing user's id equals the id of
/// <paramref name="user"/>; it never looks at the item. When a caller evaluates the returned rules
/// with that same user, the comparison is always true and this first rule grants access before any
/// stored rule is consulted. Confirm where item ownership is meant to come from.
/// </remarks>
protected List<StoreAccessRule> GetItemRulesForUser(StoredItemAccessMode ruleType, IHasId storeItem, IUserInfoStore user)
{
    // Select rules of the requested mode that are either global (no item) or bound to this item.
    SearchFilterOf<StoreAccessRule> matchesItem = new SearchFilterOf<StoreAccessRule>((candidate) =>
    {
        if (candidate.RuleType != ruleType)
        {
            return false;
        }

        if (candidate.Item == null)
        {
            return true;
        }

        return candidate.Item.Id.Equals(storeItem.Id);
    });

    var matches = RuleStore.Search<StoreAccessRule>(matchesItem);

    // The dependency sorter works on the IHasDependencyOf view of the rules.
    List<IHasDependencyOf<StoreAccessRule>> asDependencies = matches.ConvertListTo<IHasDependencyOf<StoreAccessRule>, StoreAccessRule>();
    var ordered = DependencyUtil.SortHasADependency(asDependencies);
    var rules = ordered.ConvertListTo<StoreAccessRule, IHasDependencyOf<StoreAccessRule>>();

    // Overriding rules go ahead of everything loaded from the store.
    // RULE 1: the owner always has full access; a null result means "no opinion", not "deny".
    var ownerRule = new StoreAccessRule("OWNER", ruleType, (ihasId, accessUser) =>
    {
        if (!accessUser.Id.Equals(user.Id))
        {
            return null;
        }

        return true;
    });
    rules.Insert(0, ownerRule);

    return rules;
}
/// <summary>
/// Decides whether <paramref name="user"/> may perform <paramref name="ruleType"/> on
/// <paramref name="storeItem"/>. Rules are evaluated in order and the first one that returns a
/// value decides; with no rules, or no rule giving a value, access is denied.
/// </summary>
/// <param name="ruleType">Access mode being requested.</param>
/// <param name="storeItem">Item being accessed.</param>
/// <param name="user">User requesting access.</param>
/// <returns>True when the first decisive rule grants access, otherwise false.</returns>
/// <remarks>
/// NOTE(review): GetItemRulesForUser puts an "OWNER" rule first that compares the accessing user's
/// id with the id of the user passed to it. Both calls below receive the same user, so that rule
/// appears to grant access on every call and the deny-by-default paths here are never reached.
/// Verify against how ownership is meant to be established.
/// </remarks>
protected bool HasAccessToItem(StoredItemAccessMode ruleType, IHasId storeItem, IUserInfoStore user)
{
    var applicable = this.GetItemRulesForUser(ruleType, storeItem, user);

    // Deny by default when there is nothing to evaluate.
    if (applicable == null || applicable.Count == 0)
    {
        return false;
    }

    foreach (var rule in applicable)
    {
        var verdict = rule.HasAccess(storeItem, user);

        // A rule without a value abstains; the first rule with a value settles the question.
        if (verdict.HasValue)
        {
            return verdict.Value;
        }
    }

    // Every rule abstained.
    return false;
}