public Task <int> UpdatePrivilege(IPrivilege entity)
{
var p = Map(entity);
p.RemoveUpdateColumn("AppCode");
return(base.UpdateAsync(p));
}
public async Task <int> SavePrivilege(IPrivilege entity, int type)
{
using (var scope = this._repo.BeginConnectionScope())
{
if (type == 1) // 新增
{
if (!entity.PrivilegeCode.StartsWith(entity.AppCode))
{
entity.PrivilegeCode = entity.AppCode + "_" + entity.PrivilegeCode;
}
// 校验
bool result = await this._repo.CheckCode(entity.PrivilegeCode);
if (!result)
{
return(-1);
}
await this._repo.AddPrivilege(entity);
return(1);
}
else
{
return(await this._repo.UpdatePrivilege(entity));
}
}
}
internal StateResult AppendPrivilege(IPrivilege privilege)
{
object locklist = new object();
lock (locklist)
this.m_privilege.Add(privilege);
return(StateResult.Success);
}
private static Privilege Map(IPrivilege source)
{
Privilege p = new Privilege
{
PrivilegeCode = source.PrivilegeCode,
PrivilegeName = source.PrivilegeName,
PrivilegeType = source.PrivilegeType,
AppCode = source.AppCode,
ParentCode = source.ParentCode,
Mark = source.Mark,
LastModifyTime = source.LastModifyTime,
LastModifyUserId = source.LastModifyUserId,
LastModifyUserName = source.LastModifyUserName,
Remark = source.Remark,
Resource = source.Resource,
Sequence = source.Sequence
};
return(p);
}
public StateResult RemovePrivilegeFromRole(IPrivilege privilege, IRole role)
{
throw new NotImplementedException();
}
public StateResult AppendPrivilegeToRole(IPrivilege privilege, string role)
{
return(this.AppendPrivilegeToRole(privilege.Name, role));
}
protected IPrivilegeResult CreateResult <V>(IList <V> objRefs, ISecurityScope[] securityScopes, List <IObjRef> missingObjRefs,
IAuthorization authorization, IMap <PrivilegeKey, IPrivilege> privilegeResultOfNewEntities) where V : IObjRef
{
PrivilegeKey privilegeKey = null;
IPrivilege[] result = new IPrivilege[objRefs.Count];
String userSID = authorization.SID;
for (int index = objRefs.Count; index-- > 0;)
{
IObjRef objRef = objRefs[index];
if (objRef == null)
{
continue;
}
if (privilegeKey == null)
{
privilegeKey = new PrivilegeKey();
}
bool useCache = true;
privilegeKey.EntityType = objRef.RealType;
privilegeKey.IdIndex = objRef.IdNameIndex;
privilegeKey.Id = objRef.Id;
privilegeKey.userSID = userSID;
if (privilegeKey.Id == null)
{
useCache = false;
// use the ObjRef instance as the id
privilegeKey.Id = objRef;
}
IPrivilege mergedPrivilegeItem = null;
for (int a = securityScopes.Length; a-- > 0;)
{
privilegeKey.SecurityScope = securityScopes[a].Name;
IPrivilege existingPrivilegeItem = useCache ? privilegeCache.Get(privilegeKey)
: privilegeResultOfNewEntities != null?privilegeResultOfNewEntities.Get(privilegeKey) : null;
if (existingPrivilegeItem == null)
{
mergedPrivilegeItem = null;
break;
}
if (mergedPrivilegeItem == null)
{
// Take first existing privilege as a start
mergedPrivilegeItem = existingPrivilegeItem;
}
else
{
// Merge all other existing privileges by boolean OR
throw new NotSupportedException("Not yet implemented");
}
}
if (mergedPrivilegeItem == null)
{
if (missingObjRefs != null)
{
missingObjRefs.Add(objRef);
continue;
}
mergedPrivilegeItem = DenyAllPrivilege.INSTANCE;
}
result[index] = mergedPrivilegeItem;
}
return(new PrivilegeResult(authorization.SID, result));
}
public IPrivilegeResult GetPrivilegesByObjRef <V>(IList <V> objRefs, params ISecurityScope[] securityScopes) where V : IObjRef
{
ISecurityContext context = SecurityContextHolder.Context;
IAuthorization authorization = context != null ? context.Authorization : null;
if (authorization == null)
{
throw new SecurityException("User must be authenticated to be able to check for privileges");
}
if (securityScopes.Length == 0)
{
throw new ArgumentException("No " + typeof(ISecurityScope).Name + " provided to check privileges against");
}
List <IObjRef> missingObjRefs = new List <IObjRef>();
lock (writeLock)
{
IPrivilegeResult result = CreateResult(objRefs, securityScopes, missingObjRefs, authorization, null);
if (missingObjRefs.Count == 0)
{
return(result);
}
}
if (PrivilegeService == null)
{
throw new SecurityException("No bean of type " + typeof(IPrivilegeService).FullName
+ " could be injected. Privilege functionality is deactivated. The current operation is not supported");
}
String userSID = authorization.SID;
IList <IPrivilegeOfService> privilegeResults = PrivilegeService.GetPrivileges(missingObjRefs.ToArray(), securityScopes);
lock (writeLock)
{
HashMap <PrivilegeKey, IPrivilege> privilegeResultOfNewEntities = null;
for (int a = 0, size = privilegeResults.Count; a < size; a++)
{
IPrivilegeOfService privilegeResult = privilegeResults[a];
IObjRef reference = privilegeResult.Reference;
PrivilegeKey privilegeKey = new PrivilegeKey(reference.RealType, reference.IdNameIndex, reference.Id, userSID);
bool useCache = true;
if (privilegeKey.Id == null)
{
useCache = false;
privilegeKey.Id = reference;
}
privilegeKey.SecurityScope = InterningFeature.Intern(privilegeResult.SecurityScope.Name);
IPrivilege privilege = CreatePrivilegeFromServiceResult(reference, privilegeResult);
if (useCache)
{
privilegeCache.Put(privilegeKey, privilege);
}
else
{
if (privilegeResultOfNewEntities == null)
{
privilegeResultOfNewEntities = new HashMap <PrivilegeKey, IPrivilege>();
}
privilegeResultOfNewEntities.Put(privilegeKey, privilege);
}
}
return(CreateResult(objRefs, securityScopes, null, authorization, privilegeResultOfNewEntities));
}
}
public Task <long> AddPrivilege(IPrivilege entity)
{
var p = Map(entity);
return(base.InsertAsync(p));
}
public CacheValueAndPrivilege(RootCacheValue cacheValue, IPrivilege privilege)
{
this.cacheValue = cacheValue;
this.privilege = privilege;
}
public static IPropertyPrivilege CreateFrom(IPrivilege privilegeAsTemplate)
{
return(Create(privilegeAsTemplate.CreateAllowed, privilegeAsTemplate.ReadAllowed, privilegeAsTemplate.UpdateAllowed,
privilegeAsTemplate.DeleteAllowed));
}