コード例 #1
        /// <summary>
        /// Authorizes <paramref name="originator"/> to perform <paramref name="operation"/>
        /// using the self-privileges of <paramref name="acp"/>.
        /// </summary>
        /// <remarks>
        /// Fail-closed: the method returns normally only when CheckRule accepts one of the
        /// self-privilege rules. A null policy, a null originator, or no accepting rule all
        /// end in a Forbidden exception.
        /// </remarks>
        /// <param name="acp">Policy whose SelfPrivileges are evaluated; may be null.</param>
        /// <param name="originator">Requesting originator; may be null.</param>
        /// <param name="operation">Operation being requested.</param>
        /// <exception cref="OM2MException">Thrown with status Forbidden when access is not granted.</exception>
        protected void CheckSelfACP(OM2MAccessControlPolicyEntity acp, string originator, OM2MOperation operation)
        {
            // Missing policy or anonymous originator: nothing can grant access.
            if (acp == null || originator == null)
            {
                throw new OM2MException(OM2MResponseStatusCode.Forbidden);
            }

            foreach (var selfRule in acp.SelfPrivileges)
            {
                if (!CheckRule(selfRule, originator, operation))
                {
                    continue;
                }

                // First accepting rule is sufficient.
                return;
            }

            throw new OM2MException(OM2MResponseStatusCode.Forbidden);
        }
コード例 #2
        /// <summary>
        /// Creates the administrator access control policy directly under the CSE base,
        /// adds a URI map entry for its hierarchical URI, and persists both with a single
        /// SaveChanges call.
        /// </summary>
        private void InitACP()
        {
            using (var db = new OM2MDbContext())
            {
                var config = CseConfig;
                var newAcpId = db.GenerateId();

                var adminPolicy = new OM2MAccessControlPolicyEntity
                {
                    ParentId     = $"/{config.CseBaseId}",
                    CreationTime = OM2MTimeStamp.NowTimeStamp,
                };
                adminPolicy.LastModifiedTime = adminPolicy.CreationTime;
                adminPolicy.ResourceId       = $"/{config.CseBaseId}/acp-{newAcpId}";
                adminPolicy.ResourceName     = CseConfig.AdminAcpName;
                adminPolicy.ResourceType     = (int)OM2MResourceType.AccessControlPolicy;
                adminPolicy.HierarchicalUri  = $"/{config.CseBaseId}/{config.CseBaseName}/{adminPolicy.ResourceName}";

                // 63 == 0b111111, i.e. the six low bits of the operations mask.
                // NOTE(review): presumably "every operation" in the oneM2M accessControlOperations
                // encoding; confirm against OM2MOperation and prefer a named constant.

                // Self-privileges: only the admin originator may operate on the policy itself.
                var selfRule = new OM2MAccessControlRuleEntity { AccessControlOperations = 63 };
                selfRule.AccessControlOriginators.Add(CseConfig.AdminOriginator);
                adminPolicy.SelfPrivileges.Add(selfRule);

                // Privileges: the admin originator and the "/{CseBaseId}" originator get the
                // same mask on resources governed by this policy.
                var accessRule = new OM2MAccessControlRuleEntity { AccessControlOperations = 63 };
                accessRule.AccessControlOriginators.Add(CseConfig.AdminOriginator);
                accessRule.AccessControlOriginators.Add($"/{config.CseBaseId}");
                adminPolicy.Privileges.Add(accessRule);

                db.Resources.Add(adminPolicy);

                // Make the policy resolvable through its hierarchical URI.
                var uriMapping = new OM2MUriMapEntity
                {
                    Uri        = adminPolicy.HierarchicalUri,
                    ResourceId = adminPolicy.ResourceId,
                };
                db.UriMaps.Add(uriMapping);

                db.SaveChanges();
            }
        }
コード例 #3
        // ToDo:
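        /// <summary>
        /// Handles a Create request for an access control policy under the resource whose
        /// ResourceId equals <c>request.TargetId</c>.
        /// </summary>
        /// <remarks>
        /// Order of checks: parent lookup, ACP authorization of <c>request.From</c> for
        /// Create, then content validation. Authorization runs before the payload is
        /// inspected, so an unauthorized originator learns nothing about payload validity.
        /// </remarks>
        /// <param name="request">Incoming request; Content must be an OM2MAccessControlPolicy.</param>
        /// <returns>A response with status Created carrying the attributes of the new policy.</returns>
        /// <exception cref="OM2MNotFoundException">The parent resource does not exist.</exception>
        /// <exception cref="OM2MBadRequestException">Content is missing, of the wrong type, or lacks Privileges/SelfPrivileges.</exception>
        public override OM2MResponsePrimitive DoCreate(OM2MRequestPrimitive request)
        {
            using (var db = CreateDbContext())
            {
                // One lookup instead of Count() followed by First(): a single round trip, and
                // no window in which the row can disappear between the two queries.
                var parentEntity = db.Resources.FirstOrDefault(x => x.ResourceId == request.TargetId);

                if (parentEntity == null)
                {
                    throw new OM2MNotFoundException("Can not find parent resource.");
                }

                var acpList = db.GetAcpList(parentEntity);

                CheckACP(acpList, request.From, OM2MOperation.Create);

                if (request.Content == null)
                {
                    throw new OM2MBadRequestException("A content is required for creation.");
                }

                var resource = request.Content as OM2MAccessControlPolicy;

                if (resource == null)
                {
                    throw new OM2MBadRequestException("Incorrect resource representation in content.");
                }

                if (resource.Privileges == null)
                {
                    throw new OM2MBadRequestException("Privileges is mandatory.");
                }
                if (resource.SelfPrivileges == null)
                {
                    throw new OM2MBadRequestException("SelfPrivileges is mandatory.");
                }

                var entity = new OM2MAccessControlPolicyEntity();

                entity.CreationTime     = OM2MTimeStamp.NowTimeStamp;
                entity.LastModifiedTime = entity.CreationTime;
                entity.ParentId         = parentEntity.ResourceId;
                entity.ResourceType     = (int)OM2MResourceType.AccessControlPolicy;

                // NOTE(review): nothing in this method assigns ResourceId, ResourceName or
                // HierarchicalUri, and no URI map entry is added for the new policy. Confirm
                // whether the context fills these in on save; otherwise the stored policy
                // cannot be addressed or referenced.

                if (resource.ExpirationTime != null)
                {
                    entity.ExpirationTime = resource.ExpirationTime;
                }

                if (resource.Labels != null)
                {
                    entity.Labels.Clear();
                    entity.Labels.AddRange(resource.Labels);
                }

                if (resource.AnnounceTo != null)
                {
                    entity.AnnounceTo.AddRange(resource.AnnounceTo);
                }

                if (resource.AnnouncedAttribute != null)
                {
                    entity.AnnouncedAttribute.AddRange(resource.AnnouncedAttribute);
                }

                // The rule lists come from the request payload. A present but rule-less
                // element is treated as "no rules" (which grants nothing) instead of
                // failing with a NullReferenceException.
                if (resource.Privileges.AccessControlRule != null)
                {
                    foreach (var rule in resource.Privileges.AccessControlRule)
                    {
                        entity.Privileges.Add(rule.ToEntity());
                    }
                }

                if (resource.SelfPrivileges.AccessControlRule != null)
                {
                    foreach (var rule in resource.SelfPrivileges.AccessControlRule)
                    {
                        entity.SelfPrivileges.Add(rule.ToEntity());
                    }
                }

                db.Resources.Add(entity);

                db.SaveChanges();

                // Notify subscriptions attached to the parent.
                // NOTE(review): the parent entity, not the new child, is passed as the notified
                // resource; confirm this is what CseService.Notify expects for ChildCreated.
                var subs = db.Resources
                           .OfType<OM2MSubscriptionEntity>()
                           .Where(x => x.ParentId == parentEntity.ResourceId)
                           .ToList();
                CseService.Notify(subs, parentEntity, OM2MResourceStatus.ChildCreated);

                var response = new OM2MResponsePrimitive(CseConfig, request);

                response.Content            = entity.ToResource(OM2MResultContent.Attributes);
                response.ResponseStatusCode = OM2MResponseStatusCode.Created;

                return response;
            }
        }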
コード例 #4
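        /// <summary>
        /// Handles a Create request for an application entity (AE) under the resource
        /// identified by <c>request.TargetId</c>, and creates a dedicated access control
        /// policy for the new AE in the same transaction.
        /// </summary>
        /// <remarks>
        /// Order of checks: parent lookup, ACP authorization of <c>request.From</c> for
        /// Create against the parent's policies, then content validation.
        /// </remarks>
        /// <param name="request">Incoming request; Content must be an OM2MAE.</param>
        /// <returns>A response with status Created carrying the attributes of the new AE.</returns>
        /// <exception cref="OM2MNotFoundException">The parent resource does not exist.</exception>
        /// <exception cref="OM2MBadRequestException">
        /// Content is missing or of the wrong type, AE-ID is supplied, App-ID is missing,
        /// or the supplied resource name is empty or contains '/'.
        /// </exception>
        public override OM2MResponsePrimitive DoCreate(OM2MRequestPrimitive request)
        {
            using (var db = CreateDbContext())
            {
                var parentEntity = db.Resources.Find(request.TargetId);
                if (parentEntity == null)
                {
                    throw new OM2MNotFoundException($"Cannot find parent resource: {request.TargetId}.");
                }

                // Collect the policy ids that govern the parent. The remote-CSE branch
                // previously cast to OM2MContainerEntity, which yields null for a remote CSE
                // and crashed with a NullReferenceException before any ACP was evaluated.
                // NOTE(review): assumes OM2MRemoteCseEntity exposes AccessControlPolicyIds - confirm.
                List<string> acpIds = null;

                var cseBaseParent   = parentEntity as OM2MCseBaseEntity;
                var remoteCseParent = parentEntity as OM2MRemoteCseEntity;

                if (cseBaseParent != null)
                {
                    acpIds = cseBaseParent.AccessControlPolicyIds;
                }
                else if (remoteCseParent != null)
                {
                    acpIds = remoteCseParent.AccessControlPolicyIds;
                }

                var acpList = new List<OM2MAccessControlPolicyEntity>();

                if (acpIds != null)
                {
                    foreach (var policyId in acpIds)
                    {
                        // Single query per id instead of Count() followed by First().
                        var acp = db.Resources.Where(x => x.ResourceId == policyId)
                                  .OfType<OM2MAccessControlPolicyEntity>()
                                  .Include(x => x.PrivilegesCore)
                                  .FirstOrDefault();

                        if (acp == null)
                        {
                            // Dangling policy reference ("damaged" data): skipped.
                            continue;
                        }
                        acpList.Add(acp);
                    }
                }

                // NOTE(review): acpList is empty when the parent is of neither type above or
                // every referenced policy is missing. Confirm CheckACP rejects an empty list
                // rather than treating it as "no restriction".
                CheckACP(acpList, request.From, OM2MOperation.Create);

                if (request.Content == null)
                {
                    throw new OM2MBadRequestException("A content is required for creation.");
                }

                var resource = request.Content as OM2MAE;

                if (resource == null)
                {
                    throw new OM2MBadRequestException("Incorrect resource representation in content.");
                }

                /*
                 * Attribute presence on create (M = mandatory, O = optional, NP = not permitted):
                 *
                 * appName				O
                 * App-ID				M
                 * AE-ID				NP
                 * pointOfAccess		O
                 * ontologyRef			O
                 * nodeLink				O
                 * requestReachability	M
                 * contentSerialization	O
                 * e2eSecInfo			O
                 */
                var entity = new OM2MAEEntity();

                // NP attributes: the AE-ID is assigned by this method, never by the requester.
                if (resource.AEID != null)
                {
                    throw new OM2MBadRequestException("AE-ID is not permitted.");
                }

                // M attributes.
                if (resource.AppID == null)
                {
                    throw new OM2MBadRequestException("App-ID is mandatory.");
                }

                entity.AppId = resource.AppID;

                // O attributes: copied only when supplied.
                if (resource.AppName != null)
                {
                    entity.AppName = resource.AppName;
                }

                if (resource.PointOfAccess != null)
                {
                    entity.PointOfAccess.AddRange(resource.PointOfAccess);
                }

                if (resource.OntologyRef != null)
                {
                    entity.OntologyRef = resource.OntologyRef;
                }

                // requestReachability is listed as M above but is not enforced: an absent
                // value defaults to true.
                if (resource.RequestReachability == null)
                {
                    entity.RequestReachability = true;
                }
                else
                {
                    entity.RequestReachability = resource.RequestReachability.Value;
                }

                if (resource.NodeLink != null)
                {
                    entity.NodeLink = resource.NodeLink;
                }

                var id = db.GenerateId();

                entity.ResourceId       = $"/{CseConfig.CseBaseId}/CAE{id}";
                entity.CreationTime     = OM2MTimeStamp.NowTimeStamp;
                entity.LastModifiedTime = entity.CreationTime;
                entity.ParentId         = parentEntity.ResourceId;
                entity.ResourceType     = (int)OM2MResourceType.AE;
                entity.AEId             = $"CAE{id}";

                if (resource.ResourceName != null)
                {
                    // The name is requester-controlled and becomes a path segment of
                    // HierarchicalUri, so it must be exactly one non-empty segment.
                    if (resource.ResourceName.Length == 0 || resource.ResourceName.IndexOf('/') >= 0)
                    {
                        throw new OM2MBadRequestException("resourceName must not be empty or contain '/'.");
                    }

                    // NOTE(review): uniqueness of the resulting URI against db.UriMaps is
                    // still unchecked; a duplicate name under the same parent is not rejected here.
                    entity.ResourceName = resource.ResourceName;
                }
                else
                {
                    entity.ResourceName = $"ae_{id}";
                }

                entity.HierarchicalUri = parentEntity.HierarchicalUri + "/" + entity.ResourceName;

                // Dedicated ACP for the new AE, parented at the CSE base.
                {
                    var acpId = db.GenerateId();

                    var acpEntity = new OM2MAccessControlPolicyEntity();
                    acpEntity.CreationTime     = OM2MTimeStamp.NowTimeStamp;
                    acpEntity.LastModifiedTime = acpEntity.CreationTime;
                    acpEntity.ParentId         = $"/{CseConfig.CseBaseId}";
                    acpEntity.ResourceId       = $"/{CseConfig.CseBaseId}/acp-{acpId}";
                    acpEntity.ResourceName     = $"acpae_{acpId}";
                    // Set explicitly so the stored row is typed as an ACP.
                    acpEntity.ResourceType     = (int)OM2MResourceType.AccessControlPolicy;

                    // 63 == 0b111111, i.e. the six low bits of the operations mask.
                    // NOTE(review): presumably "every operation" in the oneM2M encoding - confirm.

                    // Self-privileges: only the admin originator may change this policy; the
                    // AE cannot widen its own rights.
                    var ruleEntity = new OM2MAccessControlRuleEntity();
                    ruleEntity.AccessControlOperations = 63;
                    ruleEntity.AccessControlOriginators.Add(CseConfig.AdminOriginator);
                    acpEntity.SelfPrivileges.Add(ruleEntity);

                    // Privileges: the new AE-ID and the admin originator get the full mask.
                    ruleEntity = new OM2MAccessControlRuleEntity();
                    ruleEntity.AccessControlOperations = 63;
                    ruleEntity.AccessControlOriginators.Add(entity.AEId);
                    ruleEntity.AccessControlOriginators.Add(CseConfig.AdminOriginator);
                    acpEntity.Privileges.Add(ruleEntity);
                    acpEntity.HierarchicalUri = $"/{CseConfig.CseBaseId}/{CseConfig.CseBaseName}/{acpEntity.ResourceName}";

                    entity.AccessControlPolicyIds.Add(acpEntity.ResourceId);
                    db.Resources.Add(acpEntity);

                    var uriMapEntity2 = new OM2MUriMapEntity();
                    uriMapEntity2.Uri        = acpEntity.HierarchicalUri;
                    uriMapEntity2.ResourceId = acpEntity.ResourceId;
                    db.UriMaps.Add(uriMapEntity2);
                }

                db.Resources.Add(entity);

                var uriMapEntity = new OM2MUriMapEntity();
                uriMapEntity.Uri        = entity.HierarchicalUri;
                uriMapEntity.ResourceId = entity.ResourceId;
                db.UriMaps.Add(uriMapEntity);

                // AE, its ACP and both URI map rows are persisted together.
                db.SaveChanges();

                var subs = db.Resources
                           .OfType<OM2MSubscriptionEntity>()
                           .Where(x => x.ParentId == parentEntity.ResourceId).ToList();

                CseService.Notify(subs, entity, OM2MResourceStatus.ChildCreated);

                var response = new OM2MResponsePrimitive(CseConfig, request);
                response.ResponseStatusCode = OM2MResponseStatusCode.Created;
                response.Content            = entity.ToResource(OM2MResultContent.Attributes);

                return response;
            }
        }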