public void RegisterBuilder(SecurityObjectBuilder securityObjectMetaData)
 {
     if (resource.Any(p => p.RealObject == securityObjectMetaData.RealObject))
     {
         resource.Remove(resource.First(p => p.RealObject == securityObjectMetaData.RealObject));
     }
     resource.Add(securityObjectMetaData);
 }
        private SecurityObjectBuilder GetOrCreateBuilder(ModifiedObjectMetadata modifyObjectMetada)
        {
            SecurityObjectBuilder securityObjectMetaData = securityObjectRepository.GetObjectMetaData(modifyObjectMetada.Object);

            if (securityObjectMetaData == null)
            {
                securityObjectMetaData = new SecurityObjectBuilder();
                securityObjectMetaData.SecurityObject = modifyObjectMetada.Object;
                securityObjectMetaData.RealObject     = securityDbContext.RealDbContext.GetObject(modifyObjectMetada.Object);
                securityObjectRepository.RegisterBuilder(securityObjectMetaData);
            }
            return(securityObjectMetaData);
        }
        private IList <BlockedObjectInfo> CheckModificationObjects(SecurityObjectBuilder securityObjectMetaData, Type targetType, string memberName)
        {
            List <BlockedObjectInfo> blockedList = new List <BlockedObjectInfo>();
            bool isGranted = securityDbContext.Security.IsGranted(targetType, SecurityOperation.Write, securityObjectMetaData.RealObject, memberName);

            if (!isGranted)
            {
                // throw new SecurityAccessException("Write Deny " + targetType.ToString() + "Member name " + memberName);
                blockedList.Add(new BlockedObjectInfo {
                    operationType = BlockedObjectInfo.OperationType.Write,
                    objectType    = targetType,
                    memberName    = memberName
                });
            }
            return(blockedList);
        }
 private void ApplyModification(IEnumerable <EntityEntry> entitiesEntry, IEnumerable <ModifiedObjectMetadata> modifyObjectsMetada)
 {
     foreach (var entityEntry in entitiesEntry)
     {
         ModifiedObjectMetadata modifyObjectMetada     = modifyObjectsMetada.First(p => p.Object == entityEntry.Entity);
         SecurityObjectBuilder  securityObjectMetaData = securityObjectRepository.GetObjectMetaData(entityEntry.Entity);
         if (securityObjectMetaData == null)
         {
             securityObjectMetaData                = new SecurityObjectBuilder();
             securityObjectMetaData.RealObject     = securityDbContext.RealDbContext.GetObject(entityEntry.Entity);
             securityObjectMetaData.SecurityObject = entityEntry.Entity;
             securityObjectRepository.RegisterBuilder(securityObjectMetaData);
         }
         ApplyModyfication(securityObjectMetaData.RealObject, modifyObjectMetada);
     }
 }
        private IEnumerable <SecurityObjectBuilder> PrepareRemovedObjects(IEnumerable <EntityEntry> entitiesEntry)
        {
            List <SecurityObjectBuilder> securityObjectBuilders = new List <SecurityObjectBuilder>();

            foreach (EntityEntry entityEntry in entitiesEntry)
            {
                SecurityObjectBuilder securityObjectMetaData = securityObjectRepository.GetObjectMetaData(entityEntry.Entity);
                if (securityObjectMetaData == null)
                {
                    securityObjectMetaData                = new SecurityObjectBuilder();
                    securityObjectMetaData.RealObject     = securityDbContext.RealDbContext.GetObject(entityEntry.Entity);
                    securityObjectMetaData.SecurityObject = entityEntry.Entity;
                    securityObjectRepository.RegisterBuilder(securityObjectMetaData);
                }
                securityObjectBuilders.Add(securityObjectMetaData);
            }
            return(securityObjectBuilders);
        }
예제 #6
0
        private IEnumerable <object> GetOrCreateResultObjects(IEnumerable <object> securityObjects, IEnumerable <object> objects, IEnumerable <SecurityObjectBuilder> modyficationsObjects)
        {
            List <object> resultObject = new List <object>();

            foreach (object targetObject in objects)
            {
                SecurityObjectBuilder objectMetaData = modyficationsObjects.FirstOrDefault(p => p.RealObject == targetObject);
                if (objectMetaData != null && objectMetaData.SecurityObject != null)
                {
                    resultObject.Add(objectMetaData.SecurityObject);
                }
                else
                {
                    resultObject.Add(targetObject);
                }
            }
            return(resultObject);
        }
        private static Dictionary <string, List <SecurityObjectBuilder> > GetModifyObjectsInListProperty(SecurityObjectBuilder modyficationsObject, List <SecurityObjectBuilder> modyficationsObjects, IModel model, IPermissionProcessor processor)
        {
            Dictionary <string, List <SecurityObjectBuilder> > denyObjectsInListProperty = new Dictionary <string, List <SecurityObjectBuilder> >();
            Type        targetType = modyficationsObject.RealObject.GetType();
            IEntityType entityType = model.FindEntityType(targetType);
            IEnumerable <INavigation>  properties     = entityType.GetNavigations();
            IEnumerable <PropertyInfo> propertiesInfo = targetType.GetRuntimeProperties();

            foreach (INavigation propertyNavigation in properties)
            {
                PropertyInfo navigationListPropertyInfo = propertiesInfo.First(p => p.Name == propertyNavigation.Name);
                if (propertyNavigation.IsCollection())
                {
                    IEnumerable listObject = (IEnumerable)navigationListPropertyInfo.GetValue(modyficationsObject.RealObject);
                    if (listObject != null)
                    {
                        foreach (object objectInList in listObject)
                        {
                            List <object> denyObject;
                            modyficationsObject.BlockedObjectsInListProperty.TryGetValue(propertyNavigation.Name, out denyObject);
                            if (denyObject != null && denyObject.Contains(objectInList))
                            {
                                continue;
                            }
                            SecurityObjectBuilder securityObjectMetaData = modyficationsObjects.FirstOrDefault(p => p.RealObject == objectInList);

                            if (securityObjectMetaData != null && securityObjectMetaData.NeedToModify())
                            {
                                List <SecurityObjectBuilder> modyfiObjectInList;
                                if (!denyObjectsInListProperty.TryGetValue(propertyNavigation.Name, out modyfiObjectInList))
                                {
                                    modyfiObjectInList = new List <SecurityObjectBuilder>();
                                    denyObjectsInListProperty.Add(propertyNavigation.Name, modyfiObjectInList);
                                }
                                SecurityObjectBuilder objectInListMetaInfo = modyficationsObjects.First(p => p.RealObject == objectInList);
                                modyfiObjectInList.Add(objectInListMetaInfo);
                            }
                        }
                    }
                }
            }
            return(denyObjectsInListProperty);
        }
        public static IEnumerable <SecurityObjectBuilder> GetModificationsDifferences(IPermissionProcessor processor, IModel model, IEnumerable <object> processingEntity, IEnumerable <object> blockedObjects)
        {
            List <SecurityObjectBuilder> modifiedObjects = new List <SecurityObjectBuilder>();

            foreach (object targetObject in processingEntity)
            {
                SecurityObjectBuilder securityObjectBuilder = new SecurityObjectBuilder();
                modifiedObjects.Add(securityObjectBuilder);
                securityObjectBuilder.RealObject                   = targetObject;
                securityObjectBuilder.BlockedProperties            = GetBlockedProperties(targetObject, model, processor);
                securityObjectBuilder.BlockedNavigationProperties  = GetBlockedNavigationProperties(targetObject, blockedObjects, model, processor);
                securityObjectBuilder.BlockedObjectsInListProperty = GetBlockedObjectsInListProperty(targetObject, blockedObjects, model, processor);
            }
            foreach (SecurityObjectBuilder modyficationsObject in modifiedObjects)
            {
                modyficationsObject.ModifyObjectsInListProperty = GetModifyObjectsInListProperty(modyficationsObject, modifiedObjects, model, processor);
            }

            return(modifiedObjects);
        }
        private IList <BlockedObjectInfo> CheckModificationObjects(IEnumerable <ModifiedObjectMetadata> modifyObjectsMetada)
        {
            List <BlockedObjectInfo> blockedList = new List <BlockedObjectInfo>();

            foreach (ModifiedObjectMetadata modifyObjectMetada in modifyObjectsMetada)
            {
                SecurityObjectBuilder securityObjectMetaData = securityObjectRepository.GetObjectMetaData(modifyObjectMetada.Object);
                Type targetType = securityObjectMetaData.RealObject.GetType();

                foreach (string memberName in modifyObjectMetada.Properties.Keys)
                {
                    blockedList.AddRange(CheckModificationObjects(securityObjectMetaData, targetType, memberName));
                }
                foreach (string memberName in modifyObjectMetada.NavigationProperties)
                {
                    blockedList.AddRange(CheckModificationObjects(securityObjectMetaData, targetType, memberName));
                }
            }

            return(blockedList);
        }
        private IEnumerable <BlockedObjectInfo> CheckModifiedNavigations(IEnumerable <ModifiedObjectMetadata> modifyObjectMetadaForAddedObjects)
        {
            List <BlockedObjectInfo> blockedList = new List <BlockedObjectInfo>();

            foreach (ModifiedObjectMetadata modifyObjectMetada in modifyObjectMetadaForAddedObjects)
            {
                SecurityObjectBuilder securityObjectMetaData = GetOrCreateBuilder(modifyObjectMetada);
                Type targetType = securityObjectMetaData.RealObject.GetType();
                foreach (var navigationProperty in modifyObjectMetada.NavigationProperties)
                {
                    bool isGranted = securityDbContext.Security.IsGranted(targetType, SecurityOperation.Write, securityObjectMetaData.RealObject, navigationProperty);
                    if (!isGranted)
                    {
                        blockedList.Add(new BlockedObjectInfo {
                            operationType = BlockedObjectInfo.OperationType.Write,
                            objectType    = targetType,
                            memberName    = navigationProperty
                        });
                    }
                }
            }
            return(blockedList);
        }
예제 #11
0
        private IEnumerable <object> CreateSecurityObjects(IEnumerable <object> processingEntity, IEnumerable <object> denyObjects, IEnumerable <SecurityObjectBuilder> modyficationsObjects)
        {
            List <object> securityObjects = new List <object>();

            foreach (object targetObject in processingEntity)
            {
                SecurityObjectBuilder modifyObjectMetaInfo = modyficationsObjects.First(p => p.RealObject == targetObject);
                if (modifyObjectMetaInfo != null)
                {
                    object securityObject;
                    if (modifyObjectMetaInfo.SecurityObject == null)
                    {
                        securityObject = modifyObjectMetaInfo.CreateSecurityObject(securityDbContext.Model, securityObjectRepository);
                    }
                    else
                    {
                        securityObject = modifyObjectMetaInfo.SecurityObject;
                    }
                    securityObjects.Add(securityObject);
                }
            }
            return(securityObjects);
        }
 public bool RemoveBuilder(SecurityObjectBuilder builder)
 {
     return(resource.Remove(builder));
 }
        public object CreateRealObject(IModel model, ISecurityObjectRepository securityObjectRepository)
        {
            Type targetType = SecurityObject.GetType();

            RealObject = Activator.CreateInstance(SecurityObject.GetType());
            IEntityType entityType = model.FindEntityType(targetType);
            IEnumerable <PropertyInfo> properiesInfo = targetType.GetRuntimeProperties();
            IEnumerable <INavigation>  navigations   = entityType.GetNavigations();

            IReadOnlyList <IProperty> primaryKeyProperties = entityType.FindPrimaryKey().Properties;

            foreach (PropertyInfo propertyInfo in properiesInfo)
            {
                object defaultValue = propertyInfo.GetValue(RealObject);
                defaultValueDictionary[propertyInfo.Name] = defaultValue;
                if (navigations.Any(p => p.Name == propertyInfo.Name))
                {
                    INavigation navigation = navigations.First(p => p.Name == propertyInfo.Name);
                    if (navigation.IsCollection())
                    {
                        IClrCollectionAccessor collectionAccessor              = navigation.GetCollectionAccessor();
                        IEnumerable            realObjectListPropertyValue     = (IEnumerable)propertyInfo.GetValue(RealObject);
                        IEnumerable            securityObjectListPropertyValue = (IEnumerable)propertyInfo.GetValue(SecurityObject);
                        if (securityObjectListPropertyValue != null && realObjectListPropertyValue != null)
                        {
                            foreach (object objectInListProperty in securityObjectListPropertyValue)
                            {
                                SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(objectInListProperty);
                                if (metadata == null)
                                {
                                    metadata = new SecurityObjectBuilder();
                                    securityObjectRepository.RegisterBuilder(metadata);
                                    metadata.SecurityObject = objectInListProperty;
                                    metadata.CreateRealObject(model, securityObjectRepository);
                                }
                                collectionAccessor.Add(RealObject, metadata.RealObject);
                            }
                        }
                    }
                    else
                    {
                        object realValue = propertyInfo.GetValue(SecurityObject);
                        if (!Equals(realValue, null))
                        {
                            SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(realValue);
                            if (metadata == null)
                            {
                                metadata = new SecurityObjectBuilder();
                                securityObjectRepository.RegisterBuilder(metadata);
                                metadata.SecurityObject = realValue;

                                metadata.CreateRealObject(model, securityObjectRepository);
                            }
                            if (propertyInfo.SetMethod != null)
                            {
                                propertyInfo.SetValue(RealObject, metadata.RealObject);
                            }
                        }
                    }
                }
                else
                {
                    bool isGeneratedPrimaryKey = false;
                    foreach (IProperty primaryKeyProperty in primaryKeyProperties)
                    {
                        if ((propertyInfo.Name == primaryKeyProperty.Name) && primaryKeyProperty.RequiresValueGenerator)
                        {
                            isGeneratedPrimaryKey = true;
                        }
                    }
                    if (propertyInfo.SetMethod != null && !isGeneratedPrimaryKey)
                    {
                        object securityValue = propertyInfo.GetValue(SecurityObject);
                        propertyInfo.SetValue(RealObject, securityValue);
                    }
                }
            }
            return(RealObject);
        }
        public object CreateSecurityObject(IModel model, ISecurityObjectRepository securityObjectRepository)
        {
            Type targetType = RealObject.GetType();

            SecurityObject = Activator.CreateInstance(RealObject.GetType());
            IEntityType entityType = model.FindEntityType(targetType);
            IEnumerable <PropertyInfo> propertiesInfo = targetType.GetRuntimeProperties();
            IEnumerable <INavigation>  navigations    = entityType.GetNavigations();

            foreach (PropertyInfo propertyInfo in propertiesInfo)
            {
                object defaultValue = propertyInfo.GetValue(SecurityObject);
                defaultValueDictionary[propertyInfo.Name] = defaultValue;
                if (this.IsPropertyBlocked(propertyInfo.Name))
                {
                    if (navigations.Any(p => p.Name == propertyInfo.Name))
                    {
                        INavigation navigation = navigations.First(p => p.Name == propertyInfo.Name);
                        if (navigation.IsCollection())
                        {
                            if (propertyInfo.SetMethod != null)
                            {
                                propertyInfo.SetValue(SecurityObject, null);
                            }
                        }
                    }
                    continue;
                }
                if (navigations.Any(p => p.Name == propertyInfo.Name))
                {
                    INavigation navigation = navigations.First(p => p.Name == propertyInfo.Name);
                    if (navigation.IsCollection())
                    {
                        IClrCollectionAccessor collectionAccessor         = navigation.GetCollectionAccessor();
                        IEnumerable            objectRealListProperty     = (IEnumerable)propertyInfo.GetValue(RealObject);
                        IEnumerable            objectSecurityListProperty = (IEnumerable)propertyInfo.GetValue(SecurityObject);
                        List <object>          denyObject;
                        BlockedObjectsInListProperty.TryGetValue(propertyInfo.Name, out denyObject);
                        if (objectRealListProperty != null)
                        {
                            foreach (object objInList in objectRealListProperty)
                            {
                                if (denyObject != null && denyObject.Contains(objInList))
                                {
                                    continue;
                                }
                                object objectToAdd;
                                SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(objInList);
                                if (metadata != null)
                                {
                                    if (metadata.SecurityObject != null)
                                    {
                                        objectToAdd = metadata.SecurityObject;
                                    }
                                    else
                                    {
                                        objectToAdd = metadata.CreateSecurityObject(model, securityObjectRepository);
                                    }
                                }
                                else
                                {
                                    throw new Exception();
                                }
                                collectionAccessor.Add(SecurityObject, objectToAdd);
                            }
                        }
                    }
                    else
                    {
                        object realValue = propertyInfo.GetValue(RealObject);
                        SecurityObjectBuilder metadata = securityObjectRepository.GetObjectMetaData(realValue);
                        if (metadata != null && realValue != null)
                        {
                            if (metadata.SecurityObject == null)
                            {
                                metadata.SecurityObject = metadata.CreateSecurityObject(model, securityObjectRepository);
                            }
                            if (propertyInfo.SetMethod != null)
                            {
                                propertyInfo.SetValue(SecurityObject, metadata.SecurityObject);
                            }
                        }
                        else
                        {
                            if (propertyInfo.SetMethod != null)
                            {
                                propertyInfo.SetValue(SecurityObject, realValue);
                            }
                        }
                    }
                }
                else
                {
                    if (propertyInfo.SetMethod != null)
                    {
                        object realValue = propertyInfo.GetValue(RealObject);
                        propertyInfo.SetValue(SecurityObject, realValue);
                    }
                }
            }
            foreach (PropertyInfo propertyInfo in propertiesInfo)
            {
                object originalValue = propertyInfo.GetValue(SecurityObject);
                originalValueSecurityObjectDictionary.Add(propertyInfo.Name, originalValue);
            }

            if (SecurityObject is ISecurityEntity)
            {
                ISecurityEntity securityEntity = (ISecurityEntity)SecurityObject;

                List <string> blockedMembers = new List <string>();
                blockedMembers.AddRange(BlockedProperties);
                blockedMembers.AddRange(BlockedNavigationProperties);

                securityEntity.BlockedMembers = blockedMembers;
            }

            return(SecurityObject);
        }