/// <summary> /// Create a new <see cref="CounterEntityAccessControlChecker"/>. /// </summary> /// <param name="checker"> /// The <see cref="IEntityAccessControlChecker"/> to actually perform the check. This cannot be null. /// </param> /// <exception cref="ArgumentNullException"> /// No argument can be null. /// </exception> public CounterEntityAccessControlChecker(IEntityAccessControlChecker checker) : this(checker, new SingleInstancePerformanceCounterCategory(AccessControlPerformanceCounters.CategoryName), new MultiInstancePerformanceCounterCategory(AccessControlPermissionPerformanceCounters.CategoryName)) { // Do nothing }
/// <summary> /// Constructor. /// </summary> /// <param name="checker">The inner checker.</param> public SafetyEntityAccessControlChecker(IEntityAccessControlChecker checker) { if (checker == null) { throw new ArgumentNullException("checker"); } Checker = checker; }
public void Test_EnableReadRule(string description, IEntityAccessControlChecker entityAccessControlChecker) { AccessRule accessRule; EntityType entityType; UserAccount userAccount; IEntity entity1; IDictionary <long, bool> result; using (var ctx = DatabaseContext.GetContext(true, preventPostSaveActionsPropagating: true)) { entityType = Entity.Create <EntityType>(); entityType.Inherits.Add(UserResource.UserResource_Type); entityType.Save(); userAccount = Entity.Create <UserAccount>(); accessRule = Entity.Create <AccessRule>(); accessRule.AccessRuleEnabled = false; accessRule.PermissionAccess.Add(Permissions.Read.Entity.As <Permission>()); accessRule.ControlAccess = entityType.As <SecurableEntity>(); accessRule.AccessRuleReport = TestQueries.Entities().ToReport(); accessRule.Save(); userAccount.AllowAccess.Add(accessRule); userAccount.Save(); entity1 = Entity.Create(entityType); entity1.Save(); ctx.CommitTransaction(); } // Ensure no access result = entityAccessControlChecker.CheckAccess( new[] { new EntityRef(entity1) }, new[] { Permissions.Read }, userAccount); Assert.That(result, Has.Count.EqualTo(1)); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity1.Id) .And.Property("Value").False, "Disabled check"); using (var ctx = DatabaseContext.GetContext(true, preventPostSaveActionsPropagating: true)) { accessRule.AccessRuleEnabled = true; accessRule.Save(); ctx.CommitTransaction(); } // Ensure access result = entityAccessControlChecker.CheckAccess( new[] { new EntityRef(entity1) }, new[] { Permissions.Read }, userAccount); Assert.That(result, Has.Count.EqualTo(1)); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity1.Id) .And.Property("Value").True, "Enabled check"); }
/// <summary> /// Create a new <see cref="CachingPerRuleSetEntityAccessControlChecker" />. /// </summary> /// <param name="entityAccessControlChecker">The <see cref="IEntityAccessControlChecker" /> used to actually perform checks. /// This cannot be null.</param> /// <param name="userRuleSetProvider">The user rule set provider.</param> /// <param name="cacheName">(Optional) Cache name. If supplied, this cannot be null, empty or whitespace.</param> /// <exception cref="System.ArgumentNullException">userRuleSetProvider</exception> /// <exception cref="ArgumentNullException"><paramref name="entityAccessControlChecker" /> cannot be null. <paramref name="cacheName" /> cannot be null, empty or whitespace.</exception> internal CachingPerRuleSetEntityAccessControlChecker(IEntityAccessControlChecker entityAccessControlChecker, IUserRuleSetProvider userRuleSetProvider, string cacheName = "Access control") : base(entityAccessControlChecker, cacheName) { if (userRuleSetProvider == null) { throw new ArgumentNullException("userRuleSetProvider"); } UserRuleSetProvider = userRuleSetProvider; }
/// <summary> /// Create a new <see cref="EntityAccessControlService"/> wrapping the given <see cref="entityAccessControlChecker"/>. /// </summary> /// <param name="entityAccessControlChecker"> /// The <see cref="IEntityAccessControlChecker"/> to use. This cannot be null. /// </param> /// <param name="traceLevelFactory"> /// The optional factory for reading the trace level from configuration. /// </param> /// <exception cref="ArgumentNullException"> /// <paramref name="entityAccessControlChecker"/> cannot be null. /// </exception> internal EntityAccessControlService(IEntityAccessControlChecker entityAccessControlChecker, Func <int> traceLevelFactory = null) { if (entityAccessControlChecker == null) { throw new ArgumentNullException("entityAccessControlChecker"); } EntityAccessControlChecker = entityAccessControlChecker; TraceLevelFactory = traceLevelFactory ?? GetTraceLevelSetting; }
/// <summary> /// Create a new <see cref="LoggingEntityAccessControlChecker"/>. /// </summary> /// <param name="entityAccessControlChecker"> /// The <see cref="IEntityAccessControlChecker"/> to actually perform the check. This cannot be null. /// </param> /// <param name="trace"> /// The <see cref="IEntityAccessControlCheckTrace"/> object used to trace events. This cannot be null. /// </param> /// <exception cref="ArgumentNullException"> /// No argument can be null. /// </exception> public LoggingEntityAccessControlChecker(IEntityAccessControlChecker entityAccessControlChecker, IEntityAccessControlCheckTrace trace) { if (entityAccessControlChecker == null) { throw new ArgumentNullException("entityAccessControlChecker"); } if (trace == null) { throw new ArgumentNullException("trace"); } Checker = entityAccessControlChecker; Trace = trace; }
/// <summary> /// Constructor. /// </summary> /// <param name="firstChecker">The first checker.</param> /// <param name="secondChecker">The second checker.</param> /// <param name="typeCheckerUseFirstCheckerOnly">if set to <c>true</c> [can create use first checker only].</param> /// <exception cref="System.ArgumentNullException"> /// firstChecker /// or /// secondChecker /// </exception> public UnionEntityAccessControlChecker(IEntityAccessControlChecker firstChecker, IEntityAccessControlChecker secondChecker, bool typeCheckerUseFirstCheckerOnly) { if (firstChecker == null) { throw new ArgumentNullException("firstChecker"); } if (secondChecker == null) { throw new ArgumentNullException("secondChecker"); } FirstChecker = firstChecker; SecondChecker = secondChecker; TypeCheckerUseFirstCheckerOnly = typeCheckerUseFirstCheckerOnly; }
/// <summary> /// Create a new <see cref="SecuresFlagEntityAccessControlChecker"/> using /// the given <paramref name="checker"/>. /// </summary> /// <param name="checker"> /// The <see cref="IEntityAccessControlChecker"/> that checks access /// to specific entities. This cannot be null. /// </param> /// <param name="entityMemberRequestFactory"> /// The <see cref="IEntityMemberRequestFactory"/> that generates entity member requests /// to determine which related entities to check security on. This cannot be null. /// </param> /// <param name="typeRepository"> /// A <see cref="IEntityTypeRepository"/>. This cannot be null. /// </param> /// <exception cref="ArgumentNullException"> /// No argument can be null. /// </exception> internal SecuresFlagEntityAccessControlChecker(IEntityAccessControlChecker checker, IEntityMemberRequestFactory entityMemberRequestFactory, IEntityTypeRepository typeRepository) { if (checker == null) { throw new ArgumentNullException(nameof(checker)); } if (typeRepository == null) { throw new ArgumentNullException(nameof(typeRepository)); } if (entityMemberRequestFactory == null) { throw new ArgumentNullException(nameof(entityMemberRequestFactory)); } Checker = checker; TypeRepository = typeRepository; EntityMemberRequestFactory = entityMemberRequestFactory; }
/// <summary> /// Create a new <see cref="CachingEntityAccessControlChecker"/>. /// </summary> /// <param name="entityAccessControlChecker"> /// The <see cref="IEntityAccessControlChecker"/> used to actually perform checks. /// This cannot be null. /// </param> /// <param name="cacheName"> /// (Optional) Cache name. If supplied, this cannot be null, empty or whitespace. /// </param> /// <exception cref="ArgumentNullException"> /// <paramref name="entityAccessControlChecker"/> cannot be null. <paramref name="cacheName"/> cannot be null, empty or whitespace. /// </exception> internal CachingEntityAccessControlCheckerBase(IEntityAccessControlChecker entityAccessControlChecker, string cacheName = "Access control") { if (entityAccessControlChecker == null) { throw new ArgumentNullException("entityAccessControlChecker"); } if (string.IsNullOrWhiteSpace(cacheName)) { throw new ArgumentNullException("cacheName"); } Checker = entityAccessControlChecker; CacheFactory cacheFactory = new CacheFactory { CacheName = cacheName, Lru = true }; Cache = cacheFactory.Create <TKey, bool>(cacheName); _cacheInvalidator = new SecurityCacheInvalidatorBase <TKey, bool>(Cache, cacheName); CacheName = cacheName; }
/// <summary> /// Create a new <see cref="CounterEntityAccessControlChecker"/>. /// </summary> /// <param name="checker"> /// The <see cref="IEntityAccessControlChecker"/> to actually perform the check. This cannot be null. /// </param> /// <param name="accessControlCounters"> /// The <see cref="ISingleInstancePerformanceCounterCategory"/> used to update/set access control performance counters. /// </param> /// <param name="accessControlPermissionCounters"> /// The <see cref="IMultiInstancePerformanceCounterCategory"/> used to update/set access control permission performance counters. /// </param> /// <exception cref="ArgumentNullException"> /// No argument can be null. /// </exception> internal CounterEntityAccessControlChecker( IEntityAccessControlChecker checker, ISingleInstancePerformanceCounterCategory accessControlCounters, IMultiInstancePerformanceCounterCategory accessControlPermissionCounters) { if (checker == null) { throw new ArgumentNullException("checker"); } if (accessControlCounters == null) { throw new ArgumentNullException("accessControlCounters"); } if (accessControlPermissionCounters == null) { throw new ArgumentNullException("accessControlPermissionCounters"); } Checker = checker; AccessControlCounters = accessControlCounters; AccessControlPermissionCounters = accessControlPermissionCounters; }
/// <summary> /// Create a new <see cref="LoggingEntityAccessControlChecker"/>. /// </summary> /// <param name="entityAccessControlChecker"> /// The <see cref="IEntityAccessControlChecker"/> to actually perform the check. This cannot be null. /// </param> /// <exception cref="ArgumentNullException"> /// No argument can be null. /// </exception> public LoggingEntityAccessControlChecker(IEntityAccessControlChecker entityAccessControlChecker) : this(entityAccessControlChecker, new StringEntityAccessControlCheckTrace()) { // Do nothing }
/// <summary> /// Create a new <see cref="CachingEntityAccessControlChecker"/>. /// </summary> /// <param name="entityAccessControlChecker"> /// The <see cref="IEntityAccessControlChecker"/> used to actually perform checks. /// This cannot be null. /// </param> /// <param name="cacheName"> /// (Optional) Cache name. If supplied, this cannot be null, empty or whitespace. /// </param> /// <exception cref="ArgumentNullException"> /// <paramref name="entityAccessControlChecker"/> cannot be null. <paramref name="cacheName"/> cannot be null, empty or whitespace. /// </exception> internal CachingEntityAccessControlChecker(IEntityAccessControlChecker entityAccessControlChecker, string cacheName = "Access control") : base(entityAccessControlChecker, cacheName) { }