/// <summary>
/// Seeds the "AccessControlPolicy" collection of the given database with three
/// "read" policies on the "Department" collection.
/// </summary>
/// <param name="policyDb">Name of the MongoDB database that receives the policies.</param>
/// <param name="expression">Parser that turns the textual targets and conditions into expression objects.</param>
/// <remarks>
/// <c>Targets</c> and <c>Rules</c> are not declared in this method; they are presumably
/// class-level string arrays with at least three entries each (indices 0..2 are read).
/// </remarks>
public static void Insert(string policyDb, IConditionalExpressionService expression)
{
    var data = new List<AccessControlPolicy>();

    // No connection string or credentials are passed: the parameterless MongoClient
    // talks to the driver's default local server, so this seeder writes to whatever
    // instance answers there.
    IMongoClient client = new MongoClient();
    IMongoDatabase database = client.GetDatabase(policyDb);
    var acPolicyCollection = database.GetCollection<AccessControlPolicy>("AccessControlPolicy");

    // The three seeded policies differ only in their target/condition text and in
    // whether they are flagged as needing resource attributes.
    // NOTE(review): all three documents share PolicyId "policy 1" - confirm that is intended.
    bool[] resourceRequired = { true, true, false };

    for (int index = 0; index < resourceRequired.Length; index++)
    {
        data.Add(new AccessControlPolicy
        {
            Action = "read",
            CollectionName = "Department",
            Description = "....",
            IsAttributeResourceRequired = resourceRequired[index],
            PolicyId = "policy 1",
            RuleCombining = "permit-overrides",
            // Target is parsed before the rule condition, as in the original sequence.
            Target = expression.Parse(Targets[index]),
            Rules = new[]
            {
                new AccessControlRule
                {
                    Id = "rule 1",
                    Effect = "Permit",
                    Condition = expression.Parse(Rules[index])
                }
            }
        });
    }

    acPolicyCollection.InsertMany(data);
}
/// <summary>
/// Builds an <c>AccessControlPolicy</c> from the posted command and stores it through
/// the access-control policy repository.
/// </summary>
/// <param name="command">Request body carrying the policy metadata, the target expression text and the rules.</param>
/// <remarks>
/// NOTE(review): no authorization attribute is visible on this action in this listing;
/// confirm that the controller restricts policy creation to administrators.
/// NOTE(review): Effect and RuleCombining are stored exactly as received; confirm they
/// are validated against the supported values elsewhere.
/// NOTE(review): a missing body, Target, Rules or rule Condition is dereferenced without
/// a null check here.
/// </remarks>
public void Post([FromBody] AccessControlPolicyInsertCommand command)
{
    // The marker includes a leading double quote, so only expressions in which
    // Resource. directly follows a quote set the flag.
    // NOTE(review): confirm this matches the expression syntax clients send; a reference
    // that is not detected leaves IsAttributeResourceRequired false for a policy that
    // reads resource attributes.
    const string resourceMarker = "\"Resource.";

    bool needsResource = command.Target.Contains(resourceMarker);

    var parsedRules = new List<AccessControlRule>();
    foreach (var rule in command.Rules)
    {
        var parsedCondition = _conditionalExpressionService.Parse(rule.Condition);
        parsedRules.Add(new AccessControlRule
        {
            Id = rule.RuleID,
            Effect = rule.Effect,
            Condition = parsedCondition
        });

        // Once one expression references the resource, later rules are not inspected.
        needsResource = needsResource || rule.Condition.Contains(resourceMarker);
    }

    // The target is parsed after all rule conditions.
    var parsedTarget = _conditionalExpressionService.Parse(command.Target);

    _accessControlPolicyRepository.Add(new AccessControlPolicy
    {
        PolicyId = command.PolicyID,
        CollectionName = command.CollectionName,
        Action = command.Action,
        Description = command.Description,
        RuleCombining = command.RuleCombining,
        Target = parsedTarget,
        Rules = parsedRules,
        IsAttributeResourceRequired = needsResource
    });
}
/// <summary>
/// Builds a <c>PrivacyPolicy</c> from the posted command and stores it through the
/// privacy policy repository.
/// </summary>
/// <param name="command">Request body carrying the policy metadata, the target expression text and the field rules.</param>
/// <remarks>
/// NOTE(review): no authorization attribute is visible on this action in this listing;
/// confirm that the controller restricts policy creation to administrators.
/// NOTE(review): FieldEffects is stored exactly as received; confirm it is validated elsewhere.
/// NOTE(review): a missing body, Target, Rules or rule Condition is dereferenced without
/// a null check here.
/// </remarks>
public void Create([FromBody] PrivacyPolicyInsertCommand command)
{
    // The marker includes a leading double quote, so only expressions in which
    // Resource. directly follows a quote set the flag.
    // NOTE(review): confirm this matches the expression syntax clients send; a reference
    // that is not detected leaves IsAttributeResourceRequired false for a policy that
    // reads resource attributes.
    const string resourceMarker = "\"Resource.";

    bool needsResource = command.Target.Contains(resourceMarker);

    var parsedRules = new List<FieldRule>();

    // Here the target is parsed before the rule conditions.
    var parsedTarget = _conditionalExpressionService.Parse(command.Target);

    foreach (var rule in command.Rules)
    {
        var parsedCondition = _conditionalExpressionService.Parse(rule.Condition);
        parsedRules.Add(new FieldRule
        {
            Identifer = rule.RuleID,
            FieldEffects = rule.FieldEffects,
            Condition = parsedCondition
        });

        // Once one expression references the resource, later rules are not inspected.
        needsResource = needsResource || rule.Condition.Contains(resourceMarker);
    }

    _privacyPolicyRepository.Add(new PrivacyPolicy
    {
        CollectionName = command.CollectionName,
        Description = command.Description,
        PolicyId = command.PolicyID,
        Rules = parsedRules,
        IsAttributeResourceRequired = needsResource,
        Target = parsedTarget
    });
}
/// <summary>
/// Seeds the "AccessControlPolicy" collection with five "read" policies on "Department"
/// for performance testing: four deny-overrides policies with three "Deny" rules each,
/// followed by one permit-overrides policy with three "Permit" rules.
/// </summary>
/// <param name="policyDb">Name of the MongoDB database that receives the policies.</param>
/// <param name="expression">Parser that turns the textual target and condition into expression objects.</param>
public static void InsertFivePoliciesForTestingPerformance(string policyDb, IConditionalExpressionService expression)
{
    const string targetText = "BooleanEqual ( Subject.active , 'true' )";
    const string conditionText = "IntegerGreaterThan ( Resource.number_developers , '15' ) AND IntegerGreaterThan ( Subject.age , '15' ) AND DateGreaterThan ( Resource.leader.info.date_of_birth , '1/1/1995' )";
    string[] ruleIds = { "rule 1", "rule 2", "rule 3" };

    var data = new List<AccessControlPolicy>();

    // No connection string or credentials are passed: the parameterless MongoClient
    // talks to the driver's default local server.
    IMongoClient client = new MongoClient();
    IMongoDatabase database = client.GetDatabase(policyDb);
    var acPolicyCollection = database.GetCollection<AccessControlPolicy>("AccessControlPolicy");

    // NOTE(review): all five documents share PolicyId "policy 1" - confirm that is intended.
    for (int ordinal = 1; ordinal <= 5; ordinal++)
    {
        // The first four policies deny, the fifth permits.
        bool denies = ordinal <= 4;
        string effect = denies ? "Deny" : "Permit";

        var policy = new AccessControlPolicy
        {
            Action = "read",
            CollectionName = "Department",
            Description = "....",
            IsAttributeResourceRequired = true,
            PolicyId = "policy 1",
            RuleCombining = denies ? "deny-overrides" : "permit-overrides",
            Target = expression.Parse(targetText)
        };

        // Every rule gets its own parse of the same condition text, after the target.
        var ruleSet = new AccessControlRule[ruleIds.Length];
        for (int slot = 0; slot < ruleIds.Length; slot++)
        {
            ruleSet[slot] = new AccessControlRule
            {
                Id = ruleIds[slot],
                Effect = effect,
                Condition = expression.Parse(conditionText)
            };
        }

        policy.Rules = ruleSet;
        data.Add(policy);
    }

    acPolicyCollection.InsertMany(data);
}
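/// <summary>
/// Seeds the demo data: two "read" policies on "Department" in the "AccessControlPolicy"
/// collection, plus one permit-overrides entry in "AccessControlPolicyCombiningConfiguration"
/// that combines them.
/// </summary>
/// <param name="policyDb">Name of the MongoDB database that receives the documents.</param>
/// <param name="expression">Parser that turns the textual targets and conditions into expression objects.</param>
public static void InsertPolicyForDemo(string policyDb, IConditionalExpressionService expression)
{
    string[] Targets = new string[] { "BooleanEqual ( Subject.active , 'true' )" };
    string[] Rules = new string[]
    {
        "StringEqual ( Subject.role , 'intern' ) Or StringEqual ( Subject.role , 'doctor' )",
        "IntegerGreaterThan ( Resource.dept_id , '8' )"
    };

    var data = new List<AccessControlPolicy>();

    // No connection string or credentials are passed: the parameterless MongoClient
    // talks to the driver's default local server.
    IMongoClient _client = new MongoClient();
    IMongoDatabase _database = _client.GetDatabase(policyDb);
    var acPolicyCollection = _database.GetCollection<AccessControlPolicy>("AccessControlPolicy");

    // Policy 1: target and condition read Subject attributes only.
    data.Add(new AccessControlPolicy
    {
        Action = "read",
        CollectionName = "Department",
        Description = "....",
        IsAttributeResourceRequired = false,
        PolicyId = "policy 1",
        RuleCombining = "permit-overrides",
        Target = expression.Parse(Targets[0]),
        Rules = new AccessControlRule[]
        {
            new AccessControlRule { Id = "rule 1", Effect = "Permit", Condition = expression.Parse(Rules[0]) }
        }
    });

    // Policy 2: its condition reads Resource.dept_id, so the policy is flagged as
    // needing resource attributes. The flag was previously false here, which disagreed
    // with the condition text and with how the flag is set for other policies that
    // reference Resource attributes.
    data.Add(new AccessControlPolicy
    {
        Action = "read",
        CollectionName = "Department",
        Description = "....",
        IsAttributeResourceRequired = true,
        PolicyId = "policy 2",
        RuleCombining = "permit-overrides",
        Target = expression.Parse(Targets[0]),
        Rules = new AccessControlRule[]
        {
            new AccessControlRule { Id = "rule 2", Effect = "Permit", Condition = expression.Parse(Rules[1]) }
        }
    });

    acPolicyCollection.InsertMany(data);

    // Combining configuration: permit-overrides across both demo policies.
    var ruleCombiningDB = _database.GetCollection<AccessControlPolicyCombining>("AccessControlPolicyCombiningConfiguration");
    var rules = new List<AccessControlPolicyCombining>();
    rules.Add(new AccessControlPolicyCombining()
    {
        Algorithm = "permit-overrides",
        PolicyIds = new string[2] { "policy 1", "policy 2" }
    });
    ruleCombiningDB.InsertMany(rules);
}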