コード例 #1
0
        private void InitializeInterpreter()
        {
            Dictionary <String, AbstractFunction> functions = new Dictionary <string, AbstractFunction>();

            foreach (var entry in fm.FunctionDict)
            {
                String key      = entry.Key;
                var    function = entry.Value;
                functions.Add(key, function);
            }

            if (model.Model.ContainsKey("g"))
            {
                foreach (var entry in model.Model["g"])
                {
                    String       key = entry.Key;
                    Assertion    ast = entry.Value;
                    IRoleManager rm  = ast.RM;
                    functions.Add(key, BuiltInFunctions.GenerateGFunction(key, rm));
                }
            }
            _interpreter = new Interpreter();
            foreach (var func in functions)
            {
                _interpreter.SetFunction(func.Key, func.Value);
            }
            _parsedExpression = null;
        }
コード例 #2
0
ファイル: CoreEnforcer.cs プロジェクト: harsimranb/Casbin.NET
        private Interpreter GetAndInitializeInterpreter()
        {
            var functions = new Dictionary <string, AbstractFunction>();

            foreach (var entry in functionMap.FunctionDict)
            {
                string key      = entry.Key;
                var    function = entry.Value;
                functions.Add(key, function);
            }

            if (model.Model.ContainsKey(PermConstants.Section.RoleSection))
            {
                foreach (var entry in model.Model[PermConstants.Section.RoleSection])
                {
                    string key = entry.Key;
                    var    ast = entry.Value;
                    var    rm  = ast.RoleManager;
                    functions.Add(key, BuiltInFunctions.GenerateGFunction(key, rm));
                }
            }

            var interpreter = new Interpreter();

            foreach (var func in functions)
            {
                interpreter.SetFunction(func.Key, func.Value);
            }
            return(interpreter);
        }
コード例 #3
0
        /// <summary>
        /// enforce decides whether a "subject" can access a "object" with the operation
        /// "action", input parameters are usually: (sub, obj, act).
        /// </summary>
        /// <param name="rvals">the request needs to be mediated, usually an array of strings,
        /// can be class instances if ABAC is used.</param>
        /// <returns>whether to allow the request.</returns>
        public Boolean Enforce(params Object[] rvals)
        {
            if (!_enabled)
            {
                return(true);
            }

            Dictionary <String, AbstractFunction> functions = new Dictionary <string, AbstractFunction>();

            foreach (var entry in fm.FunctionDict)
            {
                String key      = entry.Key;
                var    function = entry.Value;

                functions.Add(key, function);
            }
            if (model.Model.ContainsKey("g"))
            {
                foreach (var entry in model.Model["g"])
                {
                    String       key = entry.Key;
                    Assertion    ast = entry.Value;
                    IRoleManager rm  = ast.RM;
                    functions.Add(key, BuiltInFunctions.GenerateGFunction(key, rm));
                }
            }

            String expString   = model.Model["m"]["m"].Value;
            var    interpreter = new Interpreter();

            foreach (var func in functions)
            {
                interpreter.SetFunction(func.Key, func.Value);
            }

            Effect.Effect[] policyEffects;
            float[]         matcherResults;
            int             policyLen;
            object          result = null;

            if ((policyLen = model.Model["p"]["p"].Policy.Count) != 0)
            {
                policyEffects  = new Effect.Effect[policyLen];
                matcherResults = new float[policyLen];

                for (int i = 0; i < model.Model["p"]["p"].Policy.Count; i++)
                {
                    List <String> pvals = model.Model["p"]["p"].Policy[i];
                    Dictionary <String, Object> parameters = new Dictionary <string, object>();
                    for (int j = 0; j < model.Model["r"]["r"].Tokens.Length; j++)
                    {
                        String token = model.Model["r"]["r"].Tokens[j];
                        parameters.Add(token, rvals[j]);
                    }
                    for (int j = 0; j < model.Model["p"]["p"].Tokens.Length; j++)
                    {
                        String token = model.Model["p"]["p"].Tokens[j];
                        parameters.Add(token, pvals[j]);
                    }
                    foreach (var item in parameters)
                    {
                        interpreter.SetVariable(item.Key, item.Value);
                    }
                    result = interpreter.Eval(expString);
                    if (result is Boolean)
                    {
                        if (!((Boolean)result))
                        {
                            policyEffects[i] = Effect.Effect.Indeterminate;
                            continue;
                        }
                    }
                    else if (result is float)
                    {
                        if ((float)result == 0)
                        {
                            policyEffects[i] = Effect.Effect.Indeterminate;
                            continue;
                        }
                        else
                        {
                            matcherResults[i] = (float)result;
                        }
                    }
                    else
                    {
                        throw new Exception("matcher result should be bool, int or float");
                    }
                    if (parameters.ContainsKey("p_eft"))
                    {
                        String eft = (String)parameters["p_eft"];
                        if (eft.Equals("allow"))
                        {
                            policyEffects[i] = Effect.Effect.Allow;
                        }
                        else if (eft.Equals("deny"))
                        {
                            policyEffects[i] = Effect.Effect.Deny;
                        }
                        else
                        {
                            policyEffects[i] = Effect.Effect.Indeterminate;
                        }
                    }
                    else
                    {
                        policyEffects[i] = Effect.Effect.Allow;
                    }

                    if (model.Model["e"]["e"].Value.Equals("priority(p_eft) || deny"))
                    {
                        break;
                    }
                }
            }
            else
            {
                policyEffects  = new Effect.Effect[1];
                matcherResults = new float[1];

                Dictionary <String, Object> parameters = new Dictionary <string, Object>();
                for (int j = 0; j < model.Model["r"]["r"].Tokens.Length; j++)
                {
                    String token = model.Model["r"]["r"].Tokens[j];
                    parameters.Add(token, rvals[j]);
                }
                for (int j = 0; j < model.Model["p"]["p"].Tokens.Length; j++)
                {
                    String token = model.Model["p"]["p"].Tokens[j];
                    parameters.Add(token, "");
                }

                foreach (var item in parameters)
                {
                    interpreter.SetVariable(item.Key, item.Value);
                }

                result = interpreter.Eval(expString, parameters.Select(x => new Parameter(x.Key, x.Value)).ToArray());

                if ((Boolean)result)
                {
                    policyEffects[0] = Effect.Effect.Allow;
                }
                else
                {
                    policyEffects[0] = Effect.Effect.Indeterminate;
                }
            }
            result = eft.MergeEffects(model.Model["e"]["e"].Value, policyEffects, matcherResults);
            return((Boolean)result);
        }