Пример #1
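 /// <summary>
 /// Creates the service and stores the two collaborators it is given.
 /// </summary>
 /// <param name="accessControlPolicyRepository">Repository kept in <c>_accessControlPolicyRepository</c>.</param>
 /// <param name="expressionService">Conditional-expression service kept in <c>_expressionService</c>.</param>
 /// <exception cref="System.ArgumentNullException">Either argument is null.</exception>
 public AccessControlService(
     IAccessControlPolicyRepository accessControlPolicyRepository,
     IConditionalExpressionService expressionService)
 {
     // Reject a missing dependency at construction time so that a mis-wired
     // container cannot produce a service that only fails on first use.
     if (accessControlPolicyRepository == null)
     {
         throw new System.ArgumentNullException(nameof(accessControlPolicyRepository));
     }
     if (expressionService == null)
     {
         throw new System.ArgumentNullException(nameof(expressionService));
     }

     _accessControlPolicyRepository = accessControlPolicyRepository;
     _expressionService             = expressionService;
 }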
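 /// <summary>
 /// Creates the controller and stores the three collaborators it is given.
 /// </summary>
 /// <param name="conditionalExpressionService">Kept in <c>_conditionalExpressionService</c>.</param>
 /// <param name="accessControlPolicyRepository">Kept in <c>_accessControlPolicyRepository</c>.</param>
 /// <param name="accessControlService">Kept in <c>_accessControlService</c>.</param>
 /// <exception cref="System.ArgumentNullException">Any argument is null.</exception>
 public AccessControlPolicyController(
     IConditionalExpressionService conditionalExpressionService,
     IAccessControlPolicyRepository accessControlPolicyRepository,
     IAccessControlService accessControlService)
 {
     // Fail at construction rather than in the middle of handling a request.
     if (conditionalExpressionService == null)
     {
         throw new System.ArgumentNullException(nameof(conditionalExpressionService));
     }
     if (accessControlPolicyRepository == null)
     {
         throw new System.ArgumentNullException(nameof(accessControlPolicyRepository));
     }
     if (accessControlService == null)
     {
         throw new System.ArgumentNullException(nameof(accessControlService));
     }

     _conditionalExpressionService  = conditionalExpressionService;
     _accessControlPolicyRepository = accessControlPolicyRepository;
     _accessControlService          = accessControlService;
 }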
Пример #3
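 /// <summary>
 /// Creates the service and stores the three collaborators it is given.
 /// </summary>
 /// <param name="expressionService">Kept in <c>_expressionService</c>.</param>
 /// <param name="privacyDomainRepository">Kept in <c>_privacyDomainRepository</c>.</param>
 /// <param name="privacyPolicyRepository">Kept in <c>_privacyPolicyRepository</c>.</param>
 /// <exception cref="System.ArgumentNullException">Any argument is null.</exception>
 public PrivacyService(
     IConditionalExpressionService expressionService,
     IPrivacyDomainRepository privacyDomainRepository,
     IPrivacyPolicyRepository privacyPolicyRepository)
 {
     // Fail at construction so a missing dependency is caught before any
     // privacy decision is attempted with it.
     if (expressionService == null)
     {
         throw new System.ArgumentNullException(nameof(expressionService));
     }
     if (privacyDomainRepository == null)
     {
         throw new System.ArgumentNullException(nameof(privacyDomainRepository));
     }
     if (privacyPolicyRepository == null)
     {
         throw new System.ArgumentNullException(nameof(privacyPolicyRepository));
     }

     _expressionService       = expressionService;
     _privacyDomainRepository = privacyDomainRepository;
     _privacyPolicyRepository = privacyPolicyRepository;
 }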
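 /// <summary>
 /// Creates the service and stores the four collaborators it is given.
 /// </summary>
 /// <param name="accessControlPolicyRepository">Kept in <c>_accessControlPolicyRepository</c>.</param>
 /// <param name="expressionService">Kept in <c>_expressionService</c>.</param>
 /// <param name="privacyFunctionRepository">
 /// Kept in <c>_privacyFunctionRepository</c>. The declared type is
 /// <c>IPrivacyDomainRepository</c> although the name says "function".
 /// </param>
 /// <param name="privacyPolicyRepository">Kept in <c>_privacyPolicyRepository</c>.</param>
 /// <exception cref="System.ArgumentNullException">Any argument is null.</exception>
 public AccessControlPrivacyService(
     IAccessControlPolicyRepository accessControlPolicyRepository,
     IConditionalExpressionService expressionService,
     IPrivacyDomainRepository privacyFunctionRepository,
     IPrivacyPolicyRepository privacyPolicyRepository)
 {
     // Fail at construction rather than on first use of a missing dependency.
     if (accessControlPolicyRepository == null)
     {
         throw new System.ArgumentNullException(nameof(accessControlPolicyRepository));
     }
     if (expressionService == null)
     {
         throw new System.ArgumentNullException(nameof(expressionService));
     }
     if (privacyFunctionRepository == null)
     {
         throw new System.ArgumentNullException(nameof(privacyFunctionRepository));
     }
     if (privacyPolicyRepository == null)
     {
         throw new System.ArgumentNullException(nameof(privacyPolicyRepository));
     }

     _accessControlPolicyRepository = accessControlPolicyRepository;
     _expressionService             = expressionService;
     _privacyFunctionRepository     = privacyFunctionRepository;
     _privacyPolicyRepository       = privacyPolicyRepository;
 }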
        /// <summary>
        /// Seeds three "read" policies for the "Department" collection into the
        /// "AccessControlPolicy" collection of the given database.
        /// </summary>
        /// <param name="policyDb">Name of the MongoDB database that receives the policies.</param>
        /// <param name="expression">Parser applied to every target and rule-condition string.</param>
        public static void Insert(string policyDb, IConditionalExpressionService expression)
        {
            var policies = new List<AccessControlPolicy>();

            // The parameterless MongoClient uses the driver's default endpoint
            // (localhost:27017); no connection string or credentials are supplied here.
            IMongoClient   mongoClient = new MongoClient();
            IMongoDatabase policyStore = mongoClient.GetDatabase(policyDb);

            var acPolicyCollection = policyStore.GetCollection<AccessControlPolicy>("AccessControlPolicy");

            // Targets and Rules are declared outside this method; entries 0..2 are paired by index.
            // NOTE(review): all three documents carry PolicyId "policy 1" and rule Id "rule 1".
            // Confirm the policy store does not rely on these ids being unique.
            for (int index = 0; index < 3; index++)
            {
                policies.Add(new AccessControlPolicy
                {
                    Action         = "read",
                    CollectionName = "Department",
                    Description    = "....",
                    // Only the last of the three policies is seeded with this flag off.
                    IsAttributeResourceRequired = index < 2,
                    PolicyId      = "policy 1",
                    RuleCombining = "permit-overrides",
                    Target        = expression.Parse(Targets[index]),
                    Rules         = new[]
                    {
                        new AccessControlRule
                        {
                            Id        = "rule 1",
                            Effect    = "Permit",
                            Condition = expression.Parse(Rules[index])
                        }
                    }
                });
            }

            acPolicyCollection.InsertMany(policies);
        }
Пример #6
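 /// <summary>
 /// Creates the controller and stores the seven collaborators it is given.
 /// </summary>
 /// <param name="securityService">Kept in <c>_securityService</c>.</param>
 /// <param name="subjectRepository">Kept in <c>_subjectRepository</c>.</param>
 /// <param name="resourceRepository">Kept in <c>_resourceRepository</c>.</param>
 /// <param name="conditionalExpressionService">Kept in <c>_conditionalExpressionService</c>.</param>
 /// <param name="privacyPolicyRepository">Kept in <c>_privacyPolicyRepository</c>.</param>
 /// <param name="privacyService">Kept in <c>_privacyService</c>.</param>
 /// <param name="privacyDomainRepository">Kept in <c>_privacyDomainRepository</c>.</param>
 /// <exception cref="System.ArgumentNullException">Any argument is null.</exception>
 public PrivacyPolicyController(
     ISecurityService securityService,
     ISubjectRepository subjectRepository,
     IResourceRepository resourceRepository,
     IConditionalExpressionService conditionalExpressionService,
     IPrivacyPolicyRepository privacyPolicyRepository,
     IPrivacyService privacyService,
     IPrivacyDomainRepository privacyDomainRepository)
 {
     // Fail at construction rather than in the middle of handling a request.
     if (securityService == null)
     {
         throw new System.ArgumentNullException(nameof(securityService));
     }
     if (subjectRepository == null)
     {
         throw new System.ArgumentNullException(nameof(subjectRepository));
     }
     if (resourceRepository == null)
     {
         throw new System.ArgumentNullException(nameof(resourceRepository));
     }
     if (conditionalExpressionService == null)
     {
         throw new System.ArgumentNullException(nameof(conditionalExpressionService));
     }
     if (privacyPolicyRepository == null)
     {
         throw new System.ArgumentNullException(nameof(privacyPolicyRepository));
     }
     if (privacyService == null)
     {
         throw new System.ArgumentNullException(nameof(privacyService));
     }
     if (privacyDomainRepository == null)
     {
         throw new System.ArgumentNullException(nameof(privacyDomainRepository));
     }

     _securityService              = securityService;
     _subjectRepository            = subjectRepository;
     _resourceRepository           = resourceRepository;
     _conditionalExpressionService = conditionalExpressionService;
     _privacyPolicyRepository      = privacyPolicyRepository;
     _privacyService               = privacyService;
     _privacyDomainRepository      = privacyDomainRepository;
 }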
        /// <summary>
        /// Seeds ten demo <c>User</c> documents into the "User" collection of the given database.
        /// </summary>
        /// <param name="userDb">Name of the MongoDB database that receives the users.</param>
        /// <param name="expression">Not used by this method.</param>
        /// <remarks>
        /// Every record carries a fixed access_token and an SSN-formatted value that live in
        /// source control. Treat the whole data set as public demo material.
        /// NOTE(review): confirm this seeder can never be pointed at a non-demo database.
        /// </remarks>
        public static void InsertPolicyForDemo(string userDb, IConditionalExpressionService expression)
        {
            // The parameterless MongoClient uses the driver's default endpoint
            // (localhost:27017); no connection string or credentials are supplied here.
            IMongoClient   mongoClient = new MongoClient();
            IMongoDatabase userStore   = mongoClient.GetDatabase(userDb);

            var userCollection = userStore.GetCollection<User>("User");

            var demoUsers = new List<User>
            {
                new User
                {
                    access_token  = "0303ed2d-fb7d-4f34-8356-37d551cfe2ef",
                    active        = true,
                    country       = "USA",
                    univeristy    = "Havard",
                    department    = "OPERATIONS",
                    role          = "doctor",
                    name          = "Bob",
                    date_of_birth = "3/5/1992",
                    ssn           = "509-70-2308",
                    address       = "25, Dovetail, Place"
                },
                new User
                {
                    // NOTE(review): the first group has seven hex digits, so this value is not a
                    // well-formed GUID. Confirm whether tokens are ever parsed as GUIDs.
                    access_token  = "f229d5b-a6c5-4c72-a151-34e121690e19",
                    active        = true,
                    country       = "USA",
                    univeristy    = "Oxford",
                    department    = "OPERATIONS",
                    role          = "intern",
                    name          = "alice",
                    date_of_birth = "1/5/1991",
                    ssn           = "515-56-7769",
                    address       = "088, Straubel, Circle"
                },
                new User
                {
                    // NOTE(review): same access_token as the active user "Bob" above, but this
                    // record is inactive. If subjects are looked up by token, which record is
                    // returned decides whether the "active" target matches. Confirm the
                    // duplicate is intentional.
                    access_token  = "0303ed2d-fb7d-4f34-8356-37d551cfe2ef",
                    active        = false,
                    country       = "USA",
                    univeristy    = "Havard",
                    department    = "ACCOUNTING",
                    role          = "doctor",
                    name          = "john",
                    date_of_birth = "6/4/1951",
                    ssn           = "475-31-1840",
                    address       = "088, Straubel, Circle"
                },
                #region dummydata
                new User
                {
                    access_token  = "372793ce-fa96-4f3e-9eba-efd2481763c4",
                    active        = true,
                    country       = "VN",
                    univeristy    = "Oxford",
                    department    = "OPERATIONS",
                    role          = "intern",
                    name          = "alex",
                    date_of_birth = "6/4/1951",
                    ssn           = "475-31-1840",
                    address       = "088, Straubel, Circle"
                },
                new User
                {
                    access_token  = "72d25ae9-5334-4f12-9fdf-2094a859215c",
                    active        = true,
                    country       = "Singapore",
                    univeristy    = "Oxford",
                    department    = "OPERATIONS",
                    role          = "doctor",
                    name          = "Nam",
                    date_of_birth = "6/4/1951",
                    ssn           = "475-31-1840",
                    address       = "088, Straubel, Circle"
                },
                new User
                {
                    access_token  = "28f7c733-20fb-469d-a12d-4d7ca93417ae",
                    active        = true,
                    country       = "USA",
                    univeristy    = "Havard",
                    department    = "OPERATIONS",
                    role          = "doctor",
                    name          = "john",
                    date_of_birth = "6/4/1951",
                    ssn           = "475-31-1840",
                    address       = "088, Straubel, Circle"
                },
                new User
                {
                    access_token  = "8d78d11f-5c64-4ac6-9788-3114984b0153",
                    active        = true,
                    country       = "England",
                    univeristy    = "Havard",
                    department    = "ACCOUNTING",
                    role          = "intern",
                    name          = "rey",
                    date_of_birth = "6/4/1951",
                    ssn           = "475-31-1840",
                    address       = "088, Straubel, Circle"
                },
                new User
                {
                    access_token  = "8d4391a4-a4a7-41d9-85e6-8d9f05408e2b",
                    active        = true,
                    country       = "Crotia",
                    univeristy    = "Havard",
                    department    = "ACCOUNTING",
                    role          = "doctor",
                    name          = "john",
                    date_of_birth = "6/4/1951",
                    ssn           = "475-31-1840",
                    address       = "088, Straubel, Circle"
                },
                new User
                {
                    access_token  = "b2a65bc2-a1f3-4958-8887-8cd6fe3a0bf7",
                    active        = false,
                    country       = "USA",
                    univeristy    = "Havard",
                    department    = "ACCOUNTING",
                    role          = "doctor",
                    name          = "john",
                    date_of_birth = "6/4/1951",
                    ssn           = "475-31-1840",
                    address       = "088, Straubel, Circle"
                },
                new User
                {
                    access_token  = "cd2d7f54-e4dd-4783-b8d8-e5effd855fe7",
                    active        = false,
                    country       = "USA",
                    univeristy    = "Havard",
                    department    = "ACCOUNTING",
                    role          = "doctor",
                    name          = "john",
                    date_of_birth = "6/4/1951",
                    ssn           = "475-31-1840",
                    address       = "088, Straubel, Circle"
                }
                #endregion
            };

            userCollection.InsertMany(demoUsers);
        }
Пример #8
        /// <summary>
        /// Seeds four demo <c>Department</c> documents into the "Department" collection
        /// of the given database.
        /// </summary>
        /// <param name="userDb">
        /// Name of the MongoDB database that receives the departments (the parameter is
        /// called userDb although the documents written are departments).
        /// </param>
        /// <param name="expression">Not used by this method.</param>
        public static void InsertPolicyForDemo(string userDb, IConditionalExpressionService expression)
        {
            // The parameterless MongoClient uses the driver's default endpoint
            // (localhost:27017); no connection string or credentials are supplied here.
            IMongoClient   mongoClient = new MongoClient();
            IMongoDatabase store       = mongoClient.GetDatabase(userDb);

            var departmentCollection = store.GetCollection<Department>("Department");

            // leader.phone and address appear as field paths in the privacy-domain seed
            // data shown elsewhere on this page ("Department.leader.phone", "Department.address").
            var departments = new List<Department>
            {
                new Department
                {
                    dept_id   = 10,
                    dept_no   = "D10",
                    dept_name = "ACCOUNTING",
                    location  = "NEW YORK",
                    leader    = new Leader { name = "John", phone = "1221315456" },
                    projects  = new[]
                    {
                        new Project { name = "ERP", language = "English" },
                        new Project { name = "ERP2", language = "Spanish" }
                    },
                    date_created = "8/6/2010",
                    address      = "958, Corscot, Lane"
                },
                new Department
                {
                    dept_id   = 15,
                    dept_no   = "D15",
                    dept_name = "ACCOUNTING",
                    location  = "Viet Nam",
                    leader    = new Leader { name = "Nguyen", phone = "097826564985" },
                    projects  = new[]
                    {
                        new Project { name = "MyCity", language = "English" },
                        new Project { name = "SAP", language = "Spanish" }
                    },
                    date_created = "4/4/2002",
                    address      = "9, Springview, Center"
                },
                new Department
                {
                    dept_id   = 40,
                    dept_no   = "D40",
                    dept_name = "OPERATIONS",
                    location  = "BOSTON",
                    leader    = new Leader { name = "Alice", phone = "44441315456" },
                    projects  = new[]
                    {
                        new Project { name = "CRM", language = "English" },
                        new Project { name = "CRM2", language = "Spanish" }
                    },
                    date_created = "2/7/2010",
                    address      = "9, Springview, Center"
                },
                new Department
                {
                    dept_id   = 20,
                    dept_no   = "D20",
                    dept_name = "OPERATIONS",
                    location  = "NEW YORK",
                    leader    = new Leader { name = "John", phone = "1221315456" },
                    projects  = new[]
                    {
                        new Project { name = "Banking", language = "English" },
                        new Project { name = "Banking2", language = "Spanish" }
                    },
                    date_created = "1/1/2000",
                    address      = "958, Corscot, Lane"
                }
            };

            departmentCollection.InsertMany(departments);
        }
Пример #9
        /// <summary>
        /// Seeds six demo <c>PrivacyDomain</c> documents into the "PrivacyDomain" collection
        /// of the given database. Each domain lists field paths and an ordered set of named
        /// functions with a numeric priority.
        /// </summary>
        /// <param name="policyDb">Name of the MongoDB database that receives the domains.</param>
        /// <param name="expression">Not used by this method.</param>
        /// <remarks>
        /// The function names are plain strings here; what each one does to a field value is
        /// defined elsewhere. NOTE(review): presumably they are resolved by name at evaluation
        /// time. Confirm an unknown name fails closed rather than returning the raw value.
        /// </remarks>
        public static void InsertPrivacyDomainForDemo(string policyDb, IConditionalExpressionService expression)
        {
            // The parameterless MongoClient uses the driver's default endpoint
            // (localhost:27017); no connection string or credentials are supplied here.
            IMongoClient   mongoClient = new MongoClient();
            IMongoDatabase policyStore = mongoClient.GetDatabase(policyDb);

            var privacyCollection = policyStore.GetCollection<PrivacyDomain>("PrivacyDomain");

            var domains = new List<PrivacyDomain>
            {
                new PrivacyDomain
                {
                    DomainName         = "DepartmentProjects",
                    Fields             = new[] { "Department.projects" },
                    IsArrayFieldDomain = true,
                    Functions          = new[]
                    {
                        new PriorityFunction { Name = "Policy3", Priority = 1 }
                    }
                },
                new PrivacyDomain
                {
                    // No field paths are listed for this domain.
                    // NOTE(review): looks like the fallback for fields no other domain claims; confirm.
                    DomainName         = "DefaultDomainPrivacy",
                    Fields             = new string[0],
                    IsArrayFieldDomain = false,
                    Functions          = new[]
                    {
                        new PriorityFunction { Name = "Hide", Priority = 1 },
                        new PriorityFunction { Name = "Show", Priority = 2 }
                    }
                },
                new PrivacyDomain
                {
                    DomainName         = "PhoneDomain",
                    Fields             = new[] { "Department.leader.phone" },
                    IsArrayFieldDomain = false,
                    Functions          = new[]
                    {
                        new PriorityFunction { Name = "FirstThreeDigits", Priority = 1 },
                        new PriorityFunction { Name = "LastThreeDigits", Priority = 2 }
                    }
                },
                new PrivacyDomain
                {
                    DomainName         = "DateTimeDomain",
                    Fields             = new[] { "User.date_of_birth" },
                    IsArrayFieldDomain = false,
                    Functions          = new[]
                    {
                        new PriorityFunction { Name = "ShowDayAndMonth", Priority = 1 },
                        new PriorityFunction { Name = "ShowMonthAndYear", Priority = 2 },
                        new PriorityFunction { Name = "ShowYear", Priority = 3 }
                    }
                },
                new PrivacyDomain
                {
                    DomainName         = "SSNDomainPrivacy",
                    Fields             = new[] { "User.ssn" },
                    IsArrayFieldDomain = false,
                    Functions          = new[]
                    {
                        new PriorityFunction { Name = "AreaNumber", Priority = 1 },
                        new PriorityFunction { Name = "GroupNumber", Priority = 2 },
                        new PriorityFunction { Name = "SerialNumber", Priority = 3 }
                    }
                },
                new PrivacyDomain
                {
                    DomainName         = "AddressDomainPrivacy",
                    Fields             = new[] { "User.address", "Department.address" },
                    IsArrayFieldDomain = false,
                    Functions          = new[]
                    {
                        new PriorityFunction { Name = "ShowStreetNumber", Priority = 1 },
                        new PriorityFunction { Name = "ShowStreetName", Priority = 2 },
                        new PriorityFunction { Name = "ShowDistrictNumber", Priority = 3 }
                    }
                }
            };

            privacyCollection.InsertMany(domains);
        }
        /// <summary>
        /// Seeds five "read" policies for the "Department" collection: four using
        /// "deny-overrides" with three Deny rules each, then one using "permit-overrides"
        /// with three Permit rules. All share one target and one rule condition.
        /// </summary>
        /// <param name="policyDb">Name of the MongoDB database that receives the policies.</param>
        /// <param name="expression">Parser applied to the target and rule-condition strings.</param>
        public static void InsertFivePoliciesForTestingPerformance(string policyDb, IConditionalExpressionService expression)
        {
            const string targetText    = "BooleanEqual ( Subject.active , 'true' )";
            const string conditionText = "IntegerGreaterThan ( Resource.number_developers , '15' ) AND IntegerGreaterThan ( Subject.age , '15' ) AND DateGreaterThan ( Resource.leader.info.date_of_birth , '1/1/1995' )";

            var policies = new List<AccessControlPolicy>();

            // The parameterless MongoClient uses the driver's default endpoint
            // (localhost:27017); no connection string or credentials are supplied here.
            IMongoClient   mongoClient = new MongoClient();
            IMongoDatabase policyStore = mongoClient.GetDatabase(policyDb);

            var acPolicyCollection = policyStore.GetCollection<AccessControlPolicy>("AccessControlPolicy");

            // NOTE(review): every document, including the final Permit one, is stored with
            // PolicyId "policy 1". Confirm nothing keys on PolicyId being unique.
            for (int added = 0; added < 4; added++)
            {
                policies.Add(new AccessControlPolicy
                {
                    Action         = "read",
                    CollectionName = "Department",
                    Description    = "....",
                    IsAttributeResourceRequired = true,
                    PolicyId      = "policy 1",
                    RuleCombining = "deny-overrides",
                    Target        = expression.Parse(targetText),
                    // The condition text is parsed again for every rule rather than shared.
                    Rules         = new[]
                    {
                        new AccessControlRule { Id = "rule 1", Effect = "Deny", Condition = expression.Parse(conditionText) },
                        new AccessControlRule { Id = "rule 2", Effect = "Deny", Condition = expression.Parse(conditionText) },
                        new AccessControlRule { Id = "rule 3", Effect = "Deny", Condition = expression.Parse(conditionText) }
                    }
                });
            }

            policies.Add(new AccessControlPolicy
            {
                Action         = "read",
                CollectionName = "Department",
                Description    = "....",
                IsAttributeResourceRequired = true,
                PolicyId      = "policy 1",
                RuleCombining = "permit-overrides",
                Target        = expression.Parse(targetText),
                Rules         = new[]
                {
                    new AccessControlRule { Id = "rule 1", Effect = "Permit", Condition = expression.Parse(conditionText) },
                    new AccessControlRule { Id = "rule 2", Effect = "Permit", Condition = expression.Parse(conditionText) },
                    new AccessControlRule { Id = "rule 3", Effect = "Permit", Condition = expression.Parse(conditionText) }
                }
            });

            acPolicyCollection.InsertMany(policies);
        }
        /// <summary>
        /// Seeds two "read" policies for the "Department" collection and one policy-combining
        /// record that lists both policy ids under "permit-overrides".
        /// </summary>
        /// <param name="policyDb">Name of the MongoDB database that receives the documents.</param>
        /// <param name="expression">Parser applied to the target and rule-condition strings.</param>
        /// <remarks>
        /// NOTE(review): assuming XACML-style semantics for "permit-overrides", a Permit from
        /// either policy is enough, so an active subject passes when the role rule or the
        /// dept_id rule matches. Confirm that is the intended demo outcome.
        /// </remarks>
        public static void InsertPolicyForDemo(string policyDb, IConditionalExpressionService expression)
        {
            const string activeSubjectTarget = "BooleanEqual ( Subject.active , 'true' )";
            const string roleCondition       = "StringEqual ( Subject.role , 'intern' ) Or StringEqual ( Subject.role , 'doctor' )";
            const string departmentCondition = "IntegerGreaterThan ( Resource.dept_id , '8' )";

            // The parameterless MongoClient uses the driver's default endpoint
            // (localhost:27017); no connection string or credentials are supplied here.
            IMongoClient   mongoClient = new MongoClient();
            IMongoDatabase policyStore = mongoClient.GetDatabase(policyDb);

            var acPolicyCollection = policyStore.GetCollection<AccessControlPolicy>("AccessControlPolicy");

            var policies = new List<AccessControlPolicy>
            {
                new AccessControlPolicy
                {
                    Action         = "read",
                    CollectionName = "Department",
                    Description    = "....",
                    IsAttributeResourceRequired = false,
                    PolicyId      = "policy 1",
                    RuleCombining = "permit-overrides",
                    Target        = expression.Parse(activeSubjectTarget),
                    Rules         = new[]
                    {
                        new AccessControlRule { Id = "rule 1", Effect = "Permit", Condition = expression.Parse(roleCondition) }
                    }
                },
                new AccessControlPolicy
                {
                    Action         = "read",
                    CollectionName = "Department",
                    Description    = "....",
                    IsAttributeResourceRequired = false,
                    PolicyId      = "policy 2",
                    RuleCombining = "permit-overrides",
                    Target        = expression.Parse(activeSubjectTarget),
                    Rules         = new[]
                    {
                        new AccessControlRule { Id = "rule 2", Effect = "Permit", Condition = expression.Parse(departmentCondition) }
                    }
                }
            };

            acPolicyCollection.InsertMany(policies);

            // Second write: how the two policies above are combined with each other.
            var combiningCollection = policyStore.GetCollection<AccessControlPolicyCombining>("AccessControlPolicyCombiningConfiguration");
            var combiningRecords    = new List<AccessControlPolicyCombining>
            {
                new AccessControlPolicyCombining
                {
                    Algorithm = "permit-overrides",
                    PolicyIds = new[] { "policy 1", "policy 2" }
                }
            };

            combiningCollection.InsertMany(combiningRecords);
        }