protected virtual AccessResult GetPermission(DbItemAccess access, AccessRight accessRight)
    {
      if (accessRight == AccessRight.ItemRead)
      {
        return this.GetAccessResult(access, i => i.CanRead);
      }

      if (accessRight == AccessRight.ItemWrite)
      {
        return this.GetAccessResult(access, i => i.CanWrite);
      }

      if (accessRight == AccessRight.ItemRename)
      {
        return this.GetAccessResult(access, i => i.CanRename);
      }

      if (accessRight == AccessRight.ItemCreate)
      {
        return this.GetAccessResult(access, i => i.CanCreate);
      }

      if (accessRight == AccessRight.ItemDelete)
      {
        return this.GetAccessResult(access, i => i.CanDelete);
      }

      if (accessRight == AccessRight.ItemAdmin)
      {
        return this.GetAccessResult(access, i => i.CanAdmin);
      }

      return this.GetDefaultAccessResult();
    }
예제 #2
0
    protected virtual void FillAccessRules(AccessRuleCollection rules, DbItemAccess itemAccess, AccessRight accessRight, Func<DbItemAccess, bool?> canAct)
    {
      var canActRest = canAct(itemAccess);
      if (canActRest == null)
      {
        return;
      }

      var permission = (bool)canActRest ? SecurityPermission.AllowAccess : SecurityPermission.DenyAccess;
      rules.Add(AccessRule.Create(Context.User, accessRight, PropagationType.Entity, permission));
    }
예제 #3
0
    public void ShouldNotSetAccessRightsByDefault()
    {
      // arrange
      var itemAccess = new DbItemAccess();

      // act & assert
      itemAccess.CanRead.Should().Be(null);
      itemAccess.CanWrite.Should().Be(null);
      itemAccess.CanRename.Should().Be(null);
      itemAccess.CanCreate.Should().Be(null);
      itemAccess.CanDelete.Should().Be(null);
      itemAccess.CanAdmin.Should().Be(null);
    }
예제 #4
0
    public void ShouldSetAllAccessRightsToTrueByDefault()
    {
      // arrange
      var itemAccess = new DbItemAccess();

      // act & assert
      itemAccess.CanRead.Should().BeTrue();
      itemAccess.CanWrite.Should().BeTrue();
      itemAccess.CanRename.Should().BeTrue();
      itemAccess.CanCreate.Should().BeTrue();
      itemAccess.CanDelete.Should().BeTrue();
      itemAccess.CanAdmin.Should().BeTrue();
    }
    protected virtual AccessResult GetAccessResult(DbItemAccess access, Func<DbItemAccess, bool> func)
    {
      var permission = func(access) ? AccessPermission.Allow : AccessPermission.Deny;

      return new AccessResult(permission, new AccessExplanation(permission.ToString()));
    }