private void AddEntityPermission(Authority authority, ActivityGrant grant, EntityGroupPermission entPerm) { // Entity group permission. Go through each entity in groups var filter = grant.Filter; foreach (var entGroupRes in entPerm.GroupResources) { foreach (var entRes in entGroupRes.Entities) { var entType = entRes.EntityType; var newRecPerms = new UserRecordPermission(entPerm.AccessType, entRes.MemberMask); //Find/create entity permission set for the entity type UserEntityPermissionSet permSet = authority.GetEntityPermissionSet(entType, create: true); var log = " Source permission " + entPerm.Name + ":"; // Go through each permission and try to merge var compatiblePerm = permSet.ConditionalPermissions.FirstOrDefault(p => p.CanMerge(grant)); if (compatiblePerm == null) { //create new cumulative permission var permId = "P" + permSet.ConditionalPermissions.Count; //artificial Id var newPerm = new CumulativeRecordPermission(permId, entType, newRecPerms, grant); permSet.ConditionalPermissions.Add(newPerm); log += " - added as " + permId; } else { //merge compatiblePerm.RecordPermission.Merge(newRecPerms); compatiblePerm.SourceGrants.Add(grant); //add grant log += " - merged into " + compatiblePerm.Id; } permSet.LogBuilder.AppendLine(log); } //foreach entRes } //foreach entGroupRes }
public CumulativeRecordPermission(string id, Type entityType, UserRecordPermission initialPermissions, ActivityGrant grant) { Id = id; EntityType = entityType; RecordPermission = initialPermissions; SourceGrants.Add(grant); if(grant.Filter != null) { FilterPredicate = grant.Filter.EntityFilter.GetPredicate(entityType); QueryPredicate = grant.Filter.QueryFilter.GetPredicate(entityType); } HasFilter = (FilterPredicate != null); }
public bool CanMerge(ActivityGrant fromGrant) { if(this.SourceGrants.Contains(fromGrant)) return true; //Grant is already there var otherFilter = fromGrant.Filter; FilterPredicate otherEntPred = (otherFilter == null) ? null : fromGrant.Filter.EntityFilter.GetPredicate(this.EntityType); FilterPredicate otherLinqPred = (otherFilter == null) ? null : fromGrant.Filter.QueryFilter.GetPredicate(this.EntityType); if(this.FilterPredicate != otherEntPred || this.QueryPredicate != otherLinqPred) return false; // if filters do not match, then false //Check dynamic grant compatibility. Only dynamic grants matter if(fromGrant is DynamicActivityGrant) { return this.DynamicGrants.Contains(fromGrant); // true if dynamic grant is already in permission's grant list } return true; }
public bool CanMerge(ActivityGrant fromGrant) { if (this.SourceGrants.Contains(fromGrant)) { return(true); //Grant is already there } var otherFilter = fromGrant.Filter; FilterPredicate otherEntPred = (otherFilter == null) ? null : fromGrant.Filter.EntityFilter.GetPredicate(this.EntityType); FilterPredicate otherLinqPred = (otherFilter == null) ? null : fromGrant.Filter.QueryFilter.GetPredicate(this.EntityType); if (this.FilterPredicate != otherEntPred || this.QueryPredicate != otherLinqPred) { return(false); // if filters do not match, then false } //Check dynamic grant compatibility. Only dynamic grants matter if (fromGrant is DynamicActivityGrant) { return(this.DynamicGrants.Contains(fromGrant)); // true if dynamic grant is already in permission's grant list } return(true); }
public CumulativeRecordPermission(string id, Type entityType, UserRecordPermission initialPermissions, ActivityGrant grant) { Id = id; EntityType = entityType; RecordPermission = initialPermissions; SourceGrants.Add(grant); if (grant.Filter != null) { FilterPredicate = grant.Filter.EntityFilter.GetPredicate(entityType); QueryPredicate = grant.Filter.QueryFilter.GetPredicate(entityType); } HasFilter = (FilterPredicate != null); }
public GrantedPermission(Permission permission, ActivityGrant grant) { Permission = permission; Grant = grant; }
private void AddEntityPermission(Authority authority, ActivityGrant grant, EntityGroupPermission entPerm) { // Entity group permission. Go through each entity in groups var filter = grant.Filter; foreach(var entGroupRes in entPerm.GroupResources) { foreach(var entRes in entGroupRes.Entities) { var entType = entRes.EntityType; var newRecPerms = new UserRecordPermission(entPerm.AccessType, entRes.MemberMask); //Find/create entity permission set for the entity type UserEntityPermissionSet permSet = authority.GetEntityPermissionSet(entType, create: true); var log = " Source permission " + entPerm.Name + ":"; // Go through each permission and try to merge var compatiblePerm = permSet.ConditionalPermissions.FirstOrDefault(p => p.CanMerge(grant)); if(compatiblePerm == null) { //create new cumulative permission var permId = "P" + permSet.ConditionalPermissions.Count; //artificial Id var newPerm = new CumulativeRecordPermission(permId, entType, newRecPerms, grant); permSet.ConditionalPermissions.Add(newPerm); log += " - added as " + permId; } else { //merge compatiblePerm.RecordPermission.Merge(newRecPerms); compatiblePerm.SourceGrants.Add(grant); //add grant log += " - merged into " + compatiblePerm.Id; } permSet.LogBuilder.AppendLine(log); } //foreach entRes }//foreach entGroupRes }