EnforceExAsync(params object[] requestValues) { var explains = new List <IEnumerable <string> >(); if (_enabled is false) { return(true, explains); } if (_enableCache is false) { return(await InternalEnforceAsync(requestValues, explains), explains); } if (requestValues.Any(requestValue => requestValue is not string)) { return(await InternalEnforceAsync(requestValues, explains), explains); } string key = string.Join("$$", requestValues); EnforceCache ??= new ReaderWriterEnforceCache(new ReaderWriterEnforceCacheOptions()); if (EnforceCache.TryGetResult(requestValues, key, out bool cachedResult)) { Logger?.LogEnforceCachedResult(requestValues, cachedResult); return(cachedResult, explains); } bool result = await InternalEnforceAsync(requestValues, explains); EnforceCache ??= new ReaderWriterEnforceCache(new ReaderWriterEnforceCacheOptions()); await EnforceCache.TrySetResultAsync(requestValues, key, result); return(result, explains); }
/// <summary> /// Decides whether a "subject" can access a "object" with the operation /// "action", input parameters are usually: (sub, obj, act). /// </summary> /// <param name="requestValues">The request needs to be mediated, usually an array of strings, /// can be class instances if ABAC is used.</param> /// <returns>Whether to allow the request.</returns> public bool Enforce(params object[] requestValues) { if (_enabled is false) { return(true); } if (_enableCache is false) { return(InternalEnforce(requestValues)); } if (requestValues.Any(requestValue => requestValue is not string)) { return(InternalEnforce(requestValues)); } string key = string.Join("$$", requestValues); EnforceCache ??= new ReaderWriterEnforceCache(new ReaderWriterEnforceCacheOptions()); if (EnforceCache.TryGetResult(requestValues, key, out bool cachedResult)) { #if !NET45 Logger?.LogEnforceCachedResult(requestValues, cachedResult); #endif return(cachedResult); } bool result = InternalEnforce(requestValues); EnforceCache ??= new ReaderWriterEnforceCache(new ReaderWriterEnforceCacheOptions()); EnforceCache.TrySetResult(requestValues, key, result); return(result); }
/// <summary> /// Sets the current model. /// </summary> /// <param name="model"></param> public void SetModel(Model.Model model) { this.model = model; ExpressionHandler = new ExpressionHandler(model); if (autoCleanEnforceCache) { EnforceCache?.Clear(); #if !NET45 Logger?.LogInformation("Enforcer Cache, Cleared all enforce cache."); #endif } }
/// <summary> /// Clears all policy. /// </summary> public void ClearPolicy() { model.ClearPolicy(); if (autoCleanEnforceCache) { EnforceCache?.Clear(); #if !NET45 Logger?.LogInformation("Enforcer Cache, Cleared all enforce cache."); #endif } #if !NET45 Logger?.LogInformation("Policy Management, Cleared all policy."); #endif }
private void NotifyPolicyChanged() { if (autoCleanEnforceCache) { EnforceCache?.Clear(); #if !NET45 Logger?.LogInformation("Enforcer Cache, Cleared all enforce cache."); #endif } if (autoNotifyWatcher) { watcher?.Update(); } }
/// <summary> /// Decides whether a "subject" can access a "object" with the operation /// "action", input parameters are usually: (sub, obj, act). /// </summary> /// <param name="requestValues">The request needs to be mediated, usually an array of strings, /// can be class instances if ABAC is used.</param> /// <returns>Whether to allow the request.</returns> public async Task <bool> EnforceWithMatcherAsync(string matcher, params object[] requestValues) { if (_enabled is false) { return(true); } if (string.IsNullOrEmpty(matcher)) { throw new ArgumentException($"'{nameof(matcher)}' cannot be null or empty.", nameof(matcher)); } if (requestValues is null) { throw new ArgumentNullException(nameof(requestValues)); } if (_enableCache is false) { return(await InternalEnforceAsync(requestValues, matcher)); } if (requestValues.Any(requestValue => requestValue is not string)) { return(await InternalEnforceAsync(requestValues, matcher)); } string key = string.Join("$$", requestValues); EnforceCache ??= new ReaderWriterEnforceCache(new ReaderWriterEnforceCacheOptions()); bool?tryGetCachedResult = await EnforceCache.TryGetResultAsync(requestValues, key); if (tryGetCachedResult.HasValue) { bool cachedResult = tryGetCachedResult.Value; #if !NET45 Logger?.LogEnforceCachedResult(requestValues, cachedResult); #endif return(cachedResult); } bool result = await InternalEnforceAsync(requestValues, matcher); EnforceCache ??= new ReaderWriterEnforceCache(new ReaderWriterEnforceCacheOptions()); await EnforceCache.TrySetResultAsync(requestValues, key, result); return(result); }
private async Task NotifyPolicyChangedAsync() { if (autoCleanEnforceCache && EnforceCache is not null) { await EnforceCache.ClearAsync(); #if !NET45 Logger?.LogInformation("Enforcer Cache, Cleared all enforce cache."); #endif } if (autoNotifyWatcher && watcher is not null) { await watcher.UpdateAsync(); } }
/// <summary> /// Decides whether a "subject" can access a "object" with the operation /// "action", input parameters are usually: (sub, obj, act). /// </summary> /// <param name="requestValues">The request needs to be mediated, usually an array of strings, /// can be class instances if ABAC is used.</param> /// <returns>Whether to allow the request.</returns> public async Task <bool> EnforceAsync(params object[] requestValues) { if (_enabled is false) { return(true); } if (_enableCache is false) { return(await InternalEnforceAsync(requestValues)); } if (requestValues.Any(requestValue => requestValue is not string)) { return(await InternalEnforceAsync(requestValues)); } string key = string.Join("$$", requestValues); EnforceCache ??= new ReaderWriterEnforceCache(new ReaderWriterEnforceCacheOptions()); bool?tryGetCachedResult = await EnforceCache.TryGetResultAsync(requestValues, key); if (tryGetCachedResult.HasValue) { bool cachedResult = tryGetCachedResult.Value; #if !NET45 Logger?.LogEnforceCachedResult(requestValues, cachedResult); #endif return(cachedResult); } bool result = await InternalEnforceAsync(requestValues); EnforceCache ??= new ReaderWriterEnforceCache(new ReaderWriterEnforceCacheOptions()); await EnforceCache.TrySetResultAsync(requestValues, key, result); return(result); }