public static void Demand(this Func <SecurityPrivilege, bool> can, SecurityPrivilege p)
{
if (!can(p))
{
throw new UnauthorizedAccessException();
}
}
public static bool AppliesTo <TDomain>(this ISecurityService <TDomain> conf, SecurityPrivilege priv, SecurityTarget target)
{
//Contract.Requires( conf != null );
//Contract.Requires( priv != null );
//Contract.Requires( target != null );
return(conf
.KindsFor(target)
.SelectMany(k => k.ApplicablePrivilegeSets)
.Any(priv.BelongsTo));
}
public static IQueryable <StaticQueryTuple <TObject1, TObject2> > AllGrantedPairs <TDomain, TObject1, TObject2>(
this ISecurityService <TDomain> service, IQueryable <TObject1> source1, IQueryable <TObject2> source2,
ISecuritySubject subject, SecurityPrivilege privilege)
where TObject1 : class, ISecurityObject
where TObject2 : class, ISecurityObject
{
return
(from t in service.AllGrantedTargets(subject, privilege, 2)
join o1 in source1 on t.X0 equals o1.ID
join o2 in source2 on t.X1 equals o2.ID
select new StaticQueryTuple <TObject1, TObject2> {
Object1 = o1, Object2 = o2
});
}
/// <summary>
/// Determins if a subject has rights to a target.
/// </summary>
/// <typeparam name="TDomain"></typeparam>
/// <param name="service"></param>
/// <param name="target"></param>
/// <param name="subject"></param>
/// <param name="privilege">Rights of subject to specified target to determine</param>
/// <returns></returns>
public static bool HasPrivilege <TDomain>(
this ISecurityService <TDomain> service, SecurityTarget target, ISecuritySubject subject, SecurityPrivilege privilege)
{
return(service.Can(target, subject)(privilege));
}
public static bool HasPrivilege <TDomain>(
this ISecurityService <TDomain> service, ISecurityObject obj, ISecuritySubject subject, SecurityPrivilege privilege)
{
return(service.HasPrivilege(Sec.Target(obj), subject, privilege));
}
public static IQueryable <TObject> AllGrantedObjects <TDomain, TObject>(
this ISecurityService <TDomain> service, IQueryable <TObject> source, ISecuritySubject subject, SecurityPrivilege privilege)
where TObject : class, ISecurityObject
{
return(from t in service.AllGrantedTargets(subject, privilege, 1)
join o in source on t.X0 equals o.ID
select o);
}
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>(
this ISecurityService <TDomain> service, ISecuritySubject subject, SecurityPrivilege privilege, SecurityTargetKind kind)
{
return(service.AllGrantedTargets(subject, privilege, kind.ObjectKindsInOrder.Count()));
}
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>(
this ISecurityService <TDomain> service, ISecuritySubject subject, SecurityPrivilege privilege, int arity)
{
return(service.AllGrantedTargets(subject, pid => pid == privilege.SID, arity));
}
public static bool AppliesTo(this SecurityPrivilege priv, SecurityTargetKind targetKind)
{
//Contract.Requires( priv != null );
return(targetKind == null ? false :
targetKind.ApplicablePrivilegeSets.Any(priv.BelongsTo));
}