public IQueryable <BigTuple <Guid> > AllGrantedTargets(ISecuritySubject subject, Expression <Func <Guid, bool> > privilegeFilter, int arity) { //Contract.Requires( subject != null ); //Contract.Requires( privilegeFilter != null ); //Contract.Ensures( //Contract.Result<IQueryable<BigTuple<Guid>>>() != null ); throw new NotImplementedException(); }
public IQueryable <BigTuple <Guid> > AllGrantedTargets(ISecuritySubject subject, Expression <Func <Guid, bool> > privilegeFilter, int arity) { var q = from e in AllPossibleTargetsWithAcls(arity) where e.Allow && e.SubjectId == subject.ID && privilegeFilter.Invoke(e.PrivilegeId) select e.TargetId; return(q.Expand()); }
public static IQueryable <TObject> AllGrantedObjects <TDomain, TObject>( this ISecurityService <TDomain> service, IQueryable <TObject> source, ISecuritySubject subject, SecurityPrivilege privilege) where TObject : class, ISecurityObject { return(from t in service.AllGrantedTargets(subject, privilege, 1) join o in source on t.X0 equals o.ID select o); }
public static IEnumerable <bool> HasPrivileges <TDomain>( this ISecurityService <TDomain> service, SecurityTarget target, ISecuritySubject subject, params SecurityPrivilege[] privileges) { if (privileges.NullOrEmpty()) { return(Enumerable.Empty <bool>()); } return(privileges.Select(service.Can(target, subject))); }
public IHtmlString ForSubject(ISecuritySubject subj, string fieldName, IJsControlledView gs, bool enabled = true) { var model = new SubjectGroupsListModel { FieldName = fieldName, Subject = subj, MemberOf = Html.ViewContext.HttpContext.Composition().Get <ISecurityMembershipService <TDomain> >().GetSubjectParents(subj).Resolve(), GroupSelector = gs }; return(enabled ? Html.Partial <Views.SubjectGroupsSelector.Selector>().WithModel(model) : Html.Partial <Views.SubjectGroupsSelector.SubjectGroups>().WithModel(model)); }
public static IQueryable <StaticQueryTuple <TObject1, TObject2> > AllGrantedPairs <TDomain, TObject1, TObject2>( this ISecurityService <TDomain> service, IQueryable <TObject1> source1, IQueryable <TObject2> source2, ISecuritySubject subject, SecurityPrivilege privilege) where TObject1 : class, ISecurityObject where TObject2 : class, ISecurityObject { return (from t in service.AllGrantedTargets(subject, privilege, 2) join o1 in source1 on t.X0 equals o1.ID join o2 in source2 on t.X1 equals o2.ID select new StaticQueryTuple <TObject1, TObject2> { Object1 = o1, Object2 = o2 }); }
public IEnumerable <UnresolvedSubject> GetSubjectChildren(ISecuritySubject subj, bool immediateOnly) { throw new NotImplementedException(); }
public void SetSubjectParents(ISecuritySubject subj, IEnumerable <ISecuritySubject> memberOf) { throw new NotImplementedException(); }
public static IQueryable <AuditEventView> RequirePermission <TDomain>(this IQueryable <AuditEventView> events, IEnumerable <AuditEventKind> allKinds, ISecurityService <TDomain> sec, SecurityPrivilege privilege, ISecuritySubject subject) { throw new Lpp.Utilities.CodeToBeUpdatedException(); //var evts = events.HomomorphismRestrictionWorkaround(); //return allKinds // .ToLookup( k => k.AppliesTo.ObjectKindsInOrder.Count() ) // .Aggregate( // Enumerable.Empty<AuditEventView>(), // TODO: EF4 doesn't support UNION on complex types or UNION with subsequent operations. // // Make this into IQueryable as soon as we move to EF4.5 // ( es, a ) => // { // var takeNminusOne = BigTupleExpression.Take<Guid>( a.Key ); // var initKindField = BigTuple<Guid>.InitializerExpression( a.Key+1, a.Key-1 ); // var takeN = BigTupleExpression.Take<Guid>( a.Key+1 ); // var kinds = a.Select( e => e.Id ); // var res = from e in evts // where kinds.Contains( e.KindId ) // join g in sec.AllGrantedTargets( subject, privilege, a.Key+1 ) // on initKindField.Invoke( takeNminusOne.Invoke( e.TargetId ), e.KindId ) equals takeN.Invoke( g ) // select e; // return es.Concat( res.Expand() ); // } // ) // .AsQueryable(); }
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>( this ISecurityService <TDomain> service, ISecuritySubject subject, Guid[] privilegeIds, int arity) { return(service.AllGrantedTargets(subject, pid => privilegeIds.Contains(pid), arity)); }
public void SetSubjectParents(ISecuritySubject subj, IEnumerable <ISecuritySubject> memberOf) { Dag.SetAdjacency(subj.ID, memberOf.Select(m => m.ID)); }
public static void Demand <TDomain>(this ISecurityService <TDomain> service, SecurityTarget t, ISecuritySubject subject, params SecurityPrivilege[] ps) { if (!ps.All(service.Can(t, subject))) { throw new UnauthorizedAccessException(); } }
public static void Demand <TDomain>(this ISecurityService <TDomain> service, ISecurityObject o, ISecuritySubject subject, params SecurityPrivilege[] ps) { service.Demand(Sec.Target(o), subject, ps); }
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>( this ISecurityService <TDomain> service, ISecuritySubject subject, SecurityPrivilege privilege, SecurityTargetKind kind) { return(service.AllGrantedTargets(subject, privilege, kind.ObjectKindsInOrder.Count())); }
public static Func <SecurityPrivilege, bool> Can <TDomain>(this ISecurityService <TDomain> service, SecurityTarget t, ISecuritySubject subject) { var acl = service.GetAcl(t).Where(e => e.SubjectId == subject.ID && e.Allow).ToLookup(e => e.PrivilegeId); return(p => acl[p.SID].Any()); }
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>( this ISecurityService <TDomain> service, ISecuritySubject subject, Expression <Func <Guid, bool> > privilegeFilter, SecurityTargetKind kind) { return(service.AllGrantedTargets(subject, privilegeFilter, kind.ObjectKindsInOrder.Count())); }
public static bool HasPrivilege <TDomain>( this ISecurityService <TDomain> service, ISecurityObject obj, ISecuritySubject subject, SecurityPrivilege privilege) { return(service.HasPrivilege(Sec.Target(obj), subject, privilege)); }
/// <summary> /// Determins if a subject has rights to a target. /// </summary> /// <typeparam name="TDomain"></typeparam> /// <param name="service"></param> /// <param name="target"></param> /// <param name="subject"></param> /// <param name="privilege">Rights of subject to specified target to determine</param> /// <returns></returns> public static bool HasPrivilege <TDomain>( this ISecurityService <TDomain> service, SecurityTarget target, ISecuritySubject subject, SecurityPrivilege privilege) { return(service.Can(target, subject)(privilege)); }
public IEnumerable <UnresolvedSubject> GetSubjectChildren(ISecuritySubject subj, bool immediateOnly = true) { return(Dag.GetAdjacentStarts(subj.ID, immediateOnly).Select(CreateSubj)); }
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>( this ISecurityService <TDomain> service, ISecuritySubject subject, SecurityPrivilege privilege, int arity) { return(service.AllGrantedTargets(subject, pid => pid == privilege.SID, arity)); }