public static TypeRulePack GetTypeRules(Lite <RoleEntity> roleLite)
{
var result = new TypeRulePack {
Role = roleLite
};
Schema s = Schema.Current;
cache.GetRules(result, TypeLogic.TypeToEntity.Where(t => !t.Key.IsEnumEntity() && s.IsAllowed(t.Key, false) == null).Select(a => a.Value));
foreach (TypeAllowedRule r in result.Rules)
{
Type type = TypeLogic.EntityToType[r.Resource];
if (OperationAuthLogic.IsStarted)
{
r.Operations = OperationAuthLogic.GetAllowedThumbnail(roleLite, type);
}
if (PropertyAuthLogic.IsStarted)
{
r.Properties = PropertyAuthLogic.GetAllowedThumbnail(roleLite, type);
}
if (QueryAuthLogic.IsStarted)
{
r.Queries = QueryAuthLogic.GetAllowedThumbnail(roleLite, type);
}
}
return(result);
}
public static void StartAllModules(SchemaBuilder sb)
{
TypeAuthLogic.Start(sb);
PropertyAuthLogic.Start(sb);
QueryAuthLogic.Start(sb);
OperationAuthLogic.Start(sb);
PermissionAuthLogic.Start(sb);
}
public static void StartAllModules(SchemaBuilder sb, DynamicQueryManager dqm)
{
TypeAuthLogic.Start(sb, dqm);
PropertyAuthLogic.Start(sb);
QueryAuthLogic.Start(sb, dqm);
OperationAuthLogic.Start(sb);
PermissionAuthLogic.Start(sb, dqm);
}
public override Func <Lite <RoleEntity>, OperationAllowed, OperationAllowed> GetCoerceValueManual(OperationSymbol operationKey)
{
return((role, allowed) =>
{
var required = OperationAuthLogic.MaxTypePermission(operationKey, TypeAllowedBasic.Read, t => TypeAuthLogic.Manual.GetAllowed(role, t));
return allowed < required ? allowed : required;
});
}
public static void StartAllModules(SchemaBuilder sb, bool activeDirectoryIntegration = false)
{
TypeAuthLogic.Start(sb);
PropertyAuthLogic.Start(sb);
QueryAuthLogic.Start(sb);
OperationAuthLogic.Start(sb);
PermissionAuthLogic.Start(sb);
if (activeDirectoryIntegration)
{
PermissionAuthLogic.RegisterTypes(typeof(ActiveDirectoryPermission));
}
}
static OperationAllowed GetDefault(OperationSymbol key, Lite <RoleEntity> role)
{
return(OperationAuthLogic.MaxTypePermission(key, TypeAllowedBasic.Modify, t => TypeAuthLogic.GetAllowed(role, t)));
}
