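/// <summary>
/// Checks the current user's update permission for every column in <c>Columns</c>,
/// one table at a time, and rejects the statement on the first violation.
/// </summary>
/// <remarks>
/// A violation is reported through <c>RbacException.Raise</c> rather than being filtered out:
/// first when the table lacks <c>RbacDBOperations.Update</c>, then for any column that lacks it.
/// <c>IsPermissionApplied</c> is set to <c>true</c> only after every table has been checked.
/// </remarks>
/// <exception cref="Exception">
/// The table of a column could not be found in <c>TablesReferred</c>.
/// </exception>
public void ApplyPermissionUpdate()
{
    // One bucket per table name, materialised before any check runs.
    var tables = Columns
        .GroupBy(c => c.Table.Name)
        .Select(grp => grp.ToList())
        .ToList();

    foreach (var columnsInTable in tables)
    {
        if (columnsInTable.Count == 0)
        {
            continue;
        }

        RbacTable rbacTable = TablesReferred.Find(columnsInTable[0].Table.Name);
        if (rbacTable == null)
        {
            throw new Exception("Could not find table name in referred tables!");
        }

        if (rbacTable.AllowedOperations.HasFlag(RbacDBOperations.Update))
        {
            foreach (RbacSelectColumn column in columnsInTable)
            {
                RbacColumn rbacColumn = rbacTable.FindColumn(column.Name);

                // A column missing from the role metadata used to surface as a bare
                // NullReferenceException on the permission check below. Report it explicitly,
                // the way ApplyPermissionSelect does for the same condition.
                if (rbacColumn == null)
                {
                    RbacException.Raise(
                        string.Format(
                            "Column '{0}' of table '{1}' was not found in the role meta data of user '{2}'!",
                            column.Name,
                            rbacTable.Name,
                            Context.User.UserName),
                        RbacExceptionCategories.Parser);
                }

                // No fallback after the Raise above on purpose: presumably Raise throws, and if it
                // ever returned, the dereference here would still stop the update instead of
                // letting an unknown column through.
                if (!rbacColumn.AllowedOperations.HasFlag(RbacDBOperations.Update))
                {
                    RbacException.Raise(
                        string.Format(
                            "User '{0}' has permission to update table '{1}', however has no permission to update column '{2}'!",
                            Context.User.UserName,
                            rbacTable.Name,
                            rbacColumn.Name),
                        RbacExceptionCategories.Parser);
                }
            }
        }
        else
        {
            // Table-level denial: no column of this table may be updated.
            RbacException.Raise(
                string.Format(
                    "User '{0}' does not have permission to update table '{1}'!",
                    Context.User.UserName,
                    rbacTable.Name),
                RbacExceptionCategories.Parser);
        }
    }

    IsPermissionApplied = true;
}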
/// <summary>
/// Applies the current user's read permissions to the columns of a select, table by table.
/// </summary>
/// <remarks>
/// Unlike the update check, a denied read is not an error: a column without
/// <c>RbacDBOperations.Read</c> is removed from the select, and when the table itself lacks
/// that flag all of its columns are removed. Only a column that is absent from the role
/// metadata is reported through <c>RbacException.Raise</c>.
/// <c>IsPermissionApplied</c> is set to <c>true</c> once every table has been processed.
/// </remarks>
public void ApplyPermissionSelect()
{
    var columnsByTable = Columns
        .GroupBy(c => c.Table.Name)
        .Select(g => g.ToList())
        .ToList();

    foreach (var tableColumns in columnsByTable)
    {
        if (tableColumns.Count <= 0)
        {
            continue;
        }

        // NOTE(review): permissions are read from the Table object attached to the first column.
        // An earlier lookup through TablesReferred.Find (with a "Could not find table name in
        // referred tables!" failure) was left commented out here - confirm both sources carry
        // the same role metadata.
        var owningTable = tableColumns[0].Table;

        if (!owningTable.AllowedOperations.HasFlag(RbacDBOperations.Read))
        {
            // The user has no read access to this table: drop all of its columns.
            RemoveColumnFromSelect(tableColumns);
            continue;
        }

        foreach (RbacSelectColumn selected in tableColumns)
        {
            RbacColumn roleColumn = owningTable.FindColumn(selected.Name);

            if (roleColumn == null)
            {
                // Presumably Raise throws; otherwise the check below dereferences null.
                string outOfSync = string.Format("Role '{0}' belongs to '{1}' is not in sync with database. The column '{2}' of table '{3}' was not found in the role meta data", this.Context.User.UserName, this.Context.User.Role.Name, selected.Name, selected.Table.Name);
                RbacException.Raise(outOfSync);
            }

            bool mayRead = roleColumn.AllowedOperations.HasFlag(RbacDBOperations.Read);
            if (!mayRead)
            {
                RemoveColumnFromSelect(selected);
            }
        }
    }

    IsPermissionApplied = true;
}