public static Program.ExitCode AddAssignment(AuthUserRole assgnUR, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from aur in db.AuthUserRole where aur.Role_Id == assgnUR.Role_Id && aur.User_Id == assgnUR.User_Id select aur; //if does not exist, add: if (query.Count() == 0) { //here must be checking role addition posibility within SSOD //... db.AuthUserRole.InsertOnSubmit(assgnUR); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } //if exists, Ignore or Update: else { return Program.ExitCode.ElementExists; } }
public static Program.ExitCode AddAction(Action a_in, rbacLINQ2SQLDataContext db) { //check if exists var query = from act in db.Action where act.Name == a_in.Name select act; //if does not exist, add: if (query.Count() == 0) { db.Action.InsertOnSubmit(a_in); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } //if exists, Ignore or Update: else { return Program.ExitCode.ElementExists; } }
public static void AddAction_noTryCatch(Action a_in, rbacLINQ2SQLDataContext db) { //check if exists var query = from act in db.Action where act.Name == a_in.Name select act; //if does not exist, add: if (query.Count() == 0) { db.Action.InsertOnSubmit(a_in); db.SubmitChanges(); System.Diagnostics.Debug.WriteLine("Added Action: {0}", a_in.Name); } else { System.Diagnostics.Debug.WriteLine("Existing Action: {0}", a_in.Name); } }
public static void AddObject_noTryCatch(Object o_in, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from obj in db.Object where obj.Name == o_in.Name select obj; //if does not exist, add: if (query.Count() == 0) { db.Object.InsertOnSubmit(o_in); db.SubmitChanges(); System.Diagnostics.Debug.WriteLine("Added Object: {0}", o_in.Name); } else { System.Diagnostics.Debug.WriteLine("Existing Object: {0}", o_in.Name); } }
public static Program.ExitCode RmAssignment(AuthUserRole assgnUR, rbacLINQ2SQLDataContext db) { //check if the Assignment exists var query = from aur in db.AuthUserRole where aur.Role_Id == assgnUR.Role_Id && aur.User_Id == assgnUR.User_Id select aur; //if does exist, delete: if (query.Count() != 0) { //Без учета Активных ролей. db.AuthUserRole.DeleteOnSubmit(query.First()); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } else { return Program.ExitCode.ElementDoesNotExists; } }
public static Program.ExitCode AddObject(Object o_in, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from obj in db.Object where obj.Name == o_in.Name select obj; //if does not exist, add: if (query.Count() == 0) { db.Object.InsertOnSubmit(o_in); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } //if exists, Ignore or Update: else { return Program.ExitCode.ElementExists; } }
public static void AddUser_noTryCatch(User u, rbacLINQ2SQLDataContext db) { //check if the user exists var query = from usr in db.User where usr.Name == u.Name && usr.Policy_Id == u.Policy_Id select usr; //if doesn't exist, add: if (query.Count() == 0) { db.User.InsertOnSubmit(u); db.SubmitChanges(); System.Diagnostics.Debug.WriteLine("Added User: {0}", u.Name); } else { System.Diagnostics.Debug.WriteLine("Existing User: {0}", u.Name); } }
public static Program.ExitCode RmUser(User u, rbacLINQ2SQLDataContext db, bool submitChanges = true) { try { User user = db.User.Single(u1 => (u1.Id == u.Id && u1.Name == u.Name && u1.Policy_Id == u.Policy_Id)); //Можем запрещать удалять Юзера, у которого есть assigned roles. //if (user.AuthUserRole.Count != 0) //{ // return Program.ExitCode.HasAssigned; //} foreach (Session s in user.Session) { db.ActiveRole.DeleteAllOnSubmit(s.ActiveRole); } db.Session.DeleteAllOnSubmit(user.Session); db.AuthUserRole.DeleteAllOnSubmit(user.AuthUserRole); db.User.DeleteOnSubmit(db.User.Single(u1 => (u1.Id == u.Id && u1.Policy_Id == u.Policy_Id))); if (submitChanges) db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } }
public static Program.ExitCode UpdateRole(Role r, rbacLINQ2SQLDataContext db) { var query = from role in db.Role where role.Name == r.Name && role.Policy_Id == r.Policy_Id select role; query.First().Cardinality = r.Cardinality; try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } }
public static Program.ExitCode RmPermissionPerObject(PermissionPerObject ppo_in, rbacLINQ2SQLDataContext db) { var query_ppo = from ppo in db.PermissionPerObject where ppo.Action_Id == ppo_in.Action_Id && ppo.Object_Id == ppo_in.Object_Id && ppo.Permission_Id == ppo_in.Permission_Id select ppo; // if there's no such an element - return corresponding status: if (query_ppo.Count() == 0) return Program.ExitCode.ElementDoesNotExists; //Otherwise, delete from PermissionPerObject: db.PermissionPerObject.DeleteOnSubmit(query_ppo.First()); try { db.SubmitChanges(); } catch (Exception exc) { return Program.ExitCode.Error; } // Check, if there's a PpO entity for the ppo.Permission_Id permission. query_ppo = from ppo in db.PermissionPerObject where ppo.Permission_Id == ppo_in.Permission_Id select ppo; // If not, delete this "empty" ppo.Permission_Id from Permission and from RolePermission // Otherwise, return success if (query_ppo.Count() != 0) { return Program.ExitCode.Success; } else { var query_p = from p in db.Permission where p.Id == ppo_in.Permission_Id select p; db.RolePermission.DeleteAllOnSubmit(query_p.First().RolePermission); db.Permission.DeleteOnSubmit(query_p.First()); try { db.SubmitChanges(); } catch (Exception exc) { return Program.ExitCode.Error; } } return Program.ExitCode.Success; }
public static Program.ExitCode RmRole(Role r, rbacLINQ2SQLDataContext db, bool submitChanges = true) { try { Role role = db.Role.Single(r1 => (r1.Id == r.Id && r1.Policy_Id == r.Policy_Id)); //Можем запрещать удалять Роли, которые привязаны к каким-то Юзерам //if (role.AuthUserRole.Count != 0) //{ // return Program.ExitCode.HasAssigned; //} //здесь не удаляется роль из SSOD, DSOD, RH db.ActiveRole.DeleteAllOnSubmit(role.ActiveRole); db.AuthUserRole.DeleteAllOnSubmit(role.AuthUserRole); db.RolePermission.DeleteAllOnSubmit(role.RolePermission); db.Role.DeleteOnSubmit(role); if (submitChanges) db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } }
public static Program.ExitCode AddRole(Role r, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from role in db.Role where role.Name == r.Name && role.Policy_Id == r.Policy_Id select role; //if does not exist, add: if (query.Count() == 0) { db.Role.InsertOnSubmit(r); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } //if exists, Ignore or Update: else { return Program.ExitCode.ElementExists; } }
public static Program.ExitCode RmObject(Object o_in, rbacLINQ2SQLDataContext db) { var query = from obj in db.Object where obj.Name == o_in.Name select obj; if (query.Count() == 0) return Program.ExitCode.ElementDoesNotExists; Object o = query.First(); HashSet<int> pids = new HashSet<int>(); foreach (var ppo in o.PermissionPerObject) { pids.Add(ppo.Permission_Id); db.PermissionPerObject.DeleteOnSubmit(ppo); } try { db.SubmitChanges(); } catch (Exception exc) { return Program.ExitCode.Error; } //check if there're entities for PPOs deleted. If not - delete these Permission entities: var prmsn = db.PermissionPerObject.Where(x => (pids.Contains<int>(x.Permission_Id))) .Select(x => x.Permission_Id); foreach (int i in prmsn) pids.Remove(i); var query1 = db.Permission.Where(x => pids.Contains<int>(x.Id)); foreach (var q in query1) { RmPermission(q, db, false); } db.Object.DeleteOnSubmit(o); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } }
public static Program.ExitCode AddRH(Role senior, Role junior, rbacLINQ2SQLDataContext db) { // Check if roles exist var roleS = from r in db.Role where r.Name == senior.Name && r.Policy_Id == senior.Policy_Id select r; var roleJ = from r in db.Role where r.Name == junior.Name && r.Policy_Id == junior.Policy_Id select r; if (roleS.Count() == 1 && roleJ.Count() == 1) { RoleHierarchy rh = new RoleHierarchy() { SeniorRole_Id = roleS.First().Id, JuniorRole_Id = roleJ.First().Id, }; // Check if RH exists: var query = from t in db.RoleHierarchy where t.SeniorRole_Id == rh.SeniorRole_Id && t.JuniorRole_Id == rh.JuniorRole_Id select t; if (query.Count() == 1) { return Program.ExitCode.ElementExists; } try { db.RoleHierarchy.InsertOnSubmit(rh); db.SubmitChanges(); return Program.ExitCode.Success; } catch { return Program.ExitCode.Error; } } else { return Program.ExitCode.ElementDoesNotExists; } }
public static void AddPolicy_noTryCatch(Policy p, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from policy in db.Policy where policy.Name == p.Name select policy; //if does not exist, add: if (query.Count() == 0) { db.Policy.InsertOnSubmit(p); db.SubmitChanges(); System.Diagnostics.Debug.WriteLine("Added Policy: {0}", p.Name); } else { System.Diagnostics.Debug.WriteLine("Existing Policy: {0}", p.Name); } }
public static Program.ExitCode AddPolicy(Policy p, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from policy in db.Policy where policy.Name == p.Name select policy; //if does not exist, add: if (query.Count() == 0) { db.Policy.InsertOnSubmit(p); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } //if exists, Ignore or Update: else { return Program.ExitCode.ElementExists; } }
public static void AddPermission_noTryCatch(Permission p_in, Action a_in, Object o_in, rbacLINQ2SQLDataContext db) { bool ppo_exists = false; bool p_exists = false; var query_p = from p in db.Permission where p.Name == p_in.Name && p.Policy_Id == p_in.Policy_Id select p; if (query_p.Count() != 0) p_exists = true; // if does not exist in Permission_Table, add: if (!p_exists) { db.Permission.InsertOnSubmit(p_in); db.SubmitChanges(); System.Diagnostics.Debug.WriteLine("Added Permission {0}:", p_in.Name); } else { System.Diagnostics.Debug.WriteLine("Existing Permission {0}:", p_in.Name); } Permission perm = db.Permission.Single(p => p.Name == p_in.Name && p.Policy_Id == p_in.Policy_Id); var query_ppo = from ppo in db.PermissionPerObject where ppo.Action_Id == a_in.Id && ppo.Object_Id == o_in.Id && ppo.Permission_Id == perm.Id select ppo; if (query_ppo.Count() != 0) { ppo_exists = true; System.Diagnostics.Debug.WriteLine("Existing PermissionPerObject {0}->({1},{2}):",p_in.Name,a_in.Name,o_in.Name); } // if does not exist in PermissionPerObject_Table, add: else { db.PermissionPerObject.InsertOnSubmit(new PermissionPerObject { Action_Id = a_in.Id, Object_Id = o_in.Id, Permission_Id = perm.Id }); db.SubmitChanges(); System.Diagnostics.Debug.WriteLine("Added PermissionPerObject {0}->({1},{2}):", p_in.Name, a_in.Name, o_in.Name); } }
public static Program.ExitCode AddPermission(Permission p_in, Action a_in, Object o_in, rbacLINQ2SQLDataContext db) { bool ppo_exists = false; bool p_exists = false; var query_p = from p in db.Permission where p.Name == p_in.Name && p.Policy_Id == p_in.Policy_Id select p; if (query_p.Count() != 0) p_exists = true; // if does not exist in Permission_Table, add: if (!p_exists) { db.Permission.InsertOnSubmit(p_in); try { db.SubmitChanges(); } catch (Exception exc) { return Program.ExitCode.Error; } } Permission perm = db.Permission.Single(p => p.Name == p_in.Name && p.Policy_Id == p_in.Policy_Id); var query_ppo = from ppo in db.PermissionPerObject where ppo.Action_Id == a_in.Id && ppo.Object_Id == o_in.Id && ppo.Permission_Id == perm.Id select ppo; if (query_ppo.Count() != 0) ppo_exists = true; if (ppo_exists) { return Program.ExitCode.ElementExists; } // if does not exist in PermissionPerObject_Table, add: else { db.PermissionPerObject.InsertOnSubmit(new PermissionPerObject{ Action_Id = a_in.Id, Object_Id = o_in.Id, Permission_Id = perm.Id}); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } }
public static Program.ExitCode RmPermission(Permission p_in, rbacLINQ2SQLDataContext db, bool submitChanges = true) { var query_p = from p in db.Permission where p.Name == p_in.Name && p.Policy_Id == p_in.Policy_Id select p; if (query_p.Count() == 0) { return Program.ExitCode.ElementDoesNotExists; } db.PermissionPerObject.DeleteAllOnSubmit(query_p.First().PermissionPerObject); db.RolePermission.DeleteAllOnSubmit(query_p.First().RolePermission); db.Permission.DeleteOnSubmit(query_p.First()); try { if (submitChanges) db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } }
public static Program.ExitCode AddRolePermission(RolePermission rp_in, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from rp in db.RolePermission where rp.Role_Id == rp_in.Role_Id && rp.Permission_Id == rp_in.Permission_Id select rp; //if does not exist, add: if (query.Count() == 0) { //here must be checking of role-permission addition posibility within Constraints of RBAC2. //... db.RolePermission.InsertOnSubmit(rp_in); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } //if exists: else { return Program.ExitCode.ElementExists; } }
public static Program.ExitCode RmPolicy(Policy policy_in, rbacLINQ2SQLDataContext db) { Program.ExitCode status; //check if the policy exists var query = from policy in db.Policy where policy.Id == policy_in.Id select policy; //if does exist, remove: if (query.Count() != 0) { Policy p = query.First(); foreach (User u in p.User) { status = RmUser(u, db, false); if (status != Program.ExitCode.Success) return status; } foreach (Role r in p.Role) { status = RmRole(r, db, false); if (status != Program.ExitCode.Success) return status; } foreach (Permission perm in p.Permission) { status = RmPermission(perm, db, false); if (status != Program.ExitCode.Success) return status; } db.Policy.DeleteOnSubmit(p); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } //if doesn't exist: else { return Program.ExitCode.ElementDoesNotExists; } }
public static void AddRolePermission_noTryCatch(RolePermission rp_in, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from rp in db.RolePermission where rp.Role_Id == rp_in.Role_Id && rp.Permission_Id == rp_in.Permission_Id select rp; //if does not exist, add: if (query.Count() == 0) { //here must be checking of role-permission addition posibility within Constraints of RBAC2. //... db.RolePermission.InsertOnSubmit(rp_in); db.SubmitChanges(); System.Diagnostics.Debug.WriteLine("Added RolePermission {0}->{1}:", rp_in.Role_Id, rp_in.Permission_Id); } else { System.Diagnostics.Debug.WriteLine("Existing RolePermission {0}->{1}:", rp_in.Role_Id, rp_in.Permission_Id); } }
public static Program.ExitCode RmRolePermission(RolePermission rp_in, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from rp in db.RolePermission where rp.Role_Id == rp_in.Role_Id && rp.Permission_Id == rp_in.Permission_Id select rp; //if does exist, remove: if (query.Count() != 0) { //here must be checking of role-permission addition posibility within Constraints of RBAC2. //... /* * Без учета Активных ролей. Вообще, эта операция должна выполняться, когда выбранная роль не залогинена ни у одного пользователя * Т.е. когда query.First().Role.ActiveRole.Count == 0 * Более того, когда все роли, лежащие Выше по ролевой иерархии, не залогинены. (чтобы спокойно у них отобрать permission) * */ db.RolePermission.DeleteOnSubmit(query.First()); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } //if doesn't exist: else { return Program.ExitCode.ElementExists; } }
public static void AddRole_noTryCatch(Role r, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from role in db.Role where role.Name == r.Name && role.Policy_Id == r.Policy_Id select role; //if does not exist, add: if (query.Count() == 0) { db.Role.InsertOnSubmit(r); db.SubmitChanges(); System.Diagnostics.Debug.WriteLine("Added Role: {0}", r.Name); } else { System.Diagnostics.Debug.WriteLine("Existing Role: {0}", r.Name); } }
public static void AddAssignment_noTryCatch(AuthUserRole assgnUR, rbacLINQ2SQLDataContext db) { //check if the role exists var query = from aur in db.AuthUserRole where aur.Role_Id == assgnUR.Role_Id && aur.User_Id == assgnUR.User_Id select aur; //if does not exist, add: if (query.Count() == 0) { //here must be checking role addition posibility within SSOD //... db.AuthUserRole.InsertOnSubmit(assgnUR); db.SubmitChanges(); System.Diagnostics.Debug.WriteLine("Added User->Role: {0}->{1}", assgnUR.User_Id, assgnUR.Role_Id); } else { System.Diagnostics.Debug.WriteLine("Existing User->Role: {0}->{1}", assgnUR.User_Id, assgnUR.Role_Id); } }
// StaticSOD and DynamicSOD are not fully implemented // (with paying no attention to Role Hierarchy relations) public static Program.ExitCode AddStaticSOD(Role r1, Role r2, rbacLINQ2SQLDataContext db) { // Check if roles exist var role1 = from r in db.Role where r.Name == r1.Name && r.Policy_Id == r1.Policy_Id select r; var role2 = from r in db.Role where r.Name == r2.Name && r.Policy_Id == r2.Policy_Id select r; if (role1.Count() == 1 || role2.Count() == 1) { StaticSOD ssod1 = new StaticSOD() { Role_Id = role1.First().Id, ExclusiveRole_Id = role2.First().Id, }; StaticSOD ssod2 = new StaticSOD() { Role_Id = role2.First().Id, ExclusiveRole_Id = role1.First().Id, }; // Check if SSOD exists: var query1 = from t in db.StaticSOD where t.Role_Id == ssod1.Role_Id && t.ExclusiveRole_Id == ssod1.ExclusiveRole_Id select t; var query2 = from t in db.StaticSOD where t.Role_Id == ssod2.Role_Id && t.ExclusiveRole_Id == ssod2.ExclusiveRole_Id select t; if (query1.Count() == 1 && query2.Count() == 1) { return Program.ExitCode.ElementExists; } try { if (query1.Count() != 1) db.StaticSOD.InsertOnSubmit(ssod1); if (query2.Count() != 1) db.StaticSOD.InsertOnSubmit(ssod2); db.SubmitChanges(); return Program.ExitCode.Success; } catch { return Program.ExitCode.Error; } } else { return Program.ExitCode.ElementDoesNotExists; } }
public static Program.ExitCode UpdateUser(User u, rbacLINQ2SQLDataContext db) { var query = from usr in db.User where usr.Name == u.Name && usr.Policy_Id == u.Policy_Id select usr; query.First().Password = u.Password; try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } }
public static Program.ExitCode AddUser(User u, rbacLINQ2SQLDataContext db) { //check if the user exists var query = from usr in db.User where usr.Name == u.Name && usr.Policy_Id == u.Policy_Id select usr; //if doesn't exist, add: if (query.Count() == 0) { db.User.InsertOnSubmit(u); try { db.SubmitChanges(); return Program.ExitCode.Success; } catch (Exception exc) { return Program.ExitCode.Error; } } //if exists: else { return Program.ExitCode.ElementExists; } }