public bool HasFlag(ResourcePermissionType flags) { if (Resource != null) { return(Resource.Permissions.HasFlag(flags)); } return(false); }
public static bool IsAuthorized(List <UsageRight> usageRights, ResourcePermissionType requiredPermissions, List <Group> groupMembership, string username) { List <UsageRight> applicableGroupRights; UsageRight userRights; ResourcePermissionType cumulativeResourceRights = ResourcePermissionType.None; // User rights override group rights when specified, thus we want to check user rights first and bail with the answer if possible userRights = GetRightsOfUser(usageRights, username); if (userRights != null) { // If the user has the required rights, we are done. if (userRights.HasFlags(requiredPermissions)) { return(true); } else // Now, if the user has any rights, we know it is denied because rights are either set or not set as a whole { return(false); } } // So, if we are here, the user does not have specific rights, we need to check group rights applicableGroupRights = GetRightsOfGroupsToWhichUserBelongs(usageRights, groupMembership); // If nothing is applicable then we know access is denied. if (applicableGroupRights == null) { return(false); } /* Now, group rights are granting cumulative. For instance, if a user is a member of groups A and B where A has readonly access and B has only checkout access then * the user would have both readonly and checkout access. Only user flags are applied to decline access as the system defaults to no access. Thus the simple way to * look at it is that by making a user a member of a group you are granting the specified permissions of that group. */ // So, we need to cumulate permissions, this is easily accomplished with a bitwise or operation for (int i = 0; i < applicableGroupRights.Count; i++) { if (applicableGroupRights[i].Permissions.Resource != null) { cumulativeResourceRights |= applicableGroupRights[i].Permissions.Resource.Permissions; } } return(cumulativeResourceRights.HasFlag(requiredPermissions)); }
public static bool IsAuthorized(List<UsageRight> usageRights, ResourcePermissionType requiredPermissions, List<Group> groupMembership, string username) { List<UsageRight> applicableGroupRights; UsageRight userRights; ResourcePermissionType cumulativeResourceRights = ResourcePermissionType.None; // User rights override group rights when specified, thus we want to check user rights first and bail with the answer if possible userRights = GetRightsOfUser(usageRights, username); if (userRights != null) { // If the user has the required rights, we are done. if (userRights.HasFlags(requiredPermissions)) return true; else // Now, if the user has any rights, we know it is denied because rights are either set or not set as a whole return false; } // So, if we are here, the user does not have specific rights, we need to check group rights applicableGroupRights = GetRightsOfGroupsToWhichUserBelongs(usageRights, groupMembership); // If nothing is applicable then we know access is denied. if (applicableGroupRights == null) return false; /* Now, group rights are granting cumulative. For instance, if a user is a member of groups A and B where A has readonly access and B has only checkout access then * the user would have both readonly and checkout access. Only user flags are applied to decline access as the system defaults to no access. Thus the simple way to * look at it is that by making a user a member of a group you are granting the specified permissions of that group. */ // So, we need to cumulate permissions, this is easily accomplished with a bitwise or operation for (int i = 0; i < applicableGroupRights.Count; i++) if (applicableGroupRights[i].Permissions.Resource != null) cumulativeResourceRights |= applicableGroupRights[i].Permissions.Resource.Permissions; return cumulativeResourceRights.HasFlag(requiredPermissions); }
public ResourceRequest(string user, Data.ResourceId id, GlobalPermissionType global, ResourcePermissionType resource) : base(user, id.ToString(), global, resource) { }
public GlobalRequest(string user, GlobalPermissionType global, ResourcePermissionType resource) : base(user, GLOBAL_FILE_ID, global, resource) { }
public Request(string user, string id, GlobalPermissionType global, ResourcePermissionType resource) : this(user, id, new GlobalPermission(global), new ResourcePermission(resource)) { }
public bool HasFlag(ResourcePermissionType flags) { if (Resource != null) return Resource.Permissions.HasFlag(flags); return false; }
public ResourcePermission(ResourcePermissionType permissions) { Permissions = permissions; }