public IQueryable <BigTuple <Guid> > AllGrantedTargets(ISecuritySubject subject, Expression <Func <Guid, bool> > privilegeFilter, int arity)
{
//Contract.Requires( subject != null );
//Contract.Requires( privilegeFilter != null );
//Contract.Ensures( //Contract.Result<IQueryable<BigTuple<Guid>>>() != null );
throw new NotImplementedException();
}
public IQueryable <BigTuple <Guid> > AllGrantedTargets(ISecuritySubject subject, Expression <Func <Guid, bool> > privilegeFilter, int arity)
{
var q = from e in AllPossibleTargetsWithAcls(arity)
where e.Allow && e.SubjectId == subject.ID && privilegeFilter.Invoke(e.PrivilegeId)
select e.TargetId;
return(q.Expand());
}
public static IQueryable <TObject> AllGrantedObjects <TDomain, TObject>(
this ISecurityService <TDomain> service, IQueryable <TObject> source, ISecuritySubject subject, SecurityPrivilege privilege)
where TObject : class, ISecurityObject
{
return(from t in service.AllGrantedTargets(subject, privilege, 1)
join o in source on t.X0 equals o.ID
select o);
}
public static IEnumerable <bool> HasPrivileges <TDomain>(
this ISecurityService <TDomain> service, SecurityTarget target, ISecuritySubject subject,
params SecurityPrivilege[] privileges)
{
if (privileges.NullOrEmpty())
{
return(Enumerable.Empty <bool>());
}
return(privileges.Select(service.Can(target, subject)));
}
public IHtmlString ForSubject(ISecuritySubject subj, string fieldName, IJsControlledView gs, bool enabled = true)
{
var model = new SubjectGroupsListModel
{
FieldName = fieldName,
Subject = subj,
MemberOf = Html.ViewContext.HttpContext.Composition().Get <ISecurityMembershipService <TDomain> >().GetSubjectParents(subj).Resolve(),
GroupSelector = gs
};
return(enabled ? Html.Partial <Views.SubjectGroupsSelector.Selector>().WithModel(model) : Html.Partial <Views.SubjectGroupsSelector.SubjectGroups>().WithModel(model));
}
public static IQueryable <StaticQueryTuple <TObject1, TObject2> > AllGrantedPairs <TDomain, TObject1, TObject2>(
this ISecurityService <TDomain> service, IQueryable <TObject1> source1, IQueryable <TObject2> source2,
ISecuritySubject subject, SecurityPrivilege privilege)
where TObject1 : class, ISecurityObject
where TObject2 : class, ISecurityObject
{
return
(from t in service.AllGrantedTargets(subject, privilege, 2)
join o1 in source1 on t.X0 equals o1.ID
join o2 in source2 on t.X1 equals o2.ID
select new StaticQueryTuple <TObject1, TObject2> {
Object1 = o1, Object2 = o2
});
}
public IEnumerable <UnresolvedSubject> GetSubjectChildren(ISecuritySubject subj, bool immediateOnly)
{
throw new NotImplementedException();
}
public void SetSubjectParents(ISecuritySubject subj, IEnumerable <ISecuritySubject> memberOf)
{
throw new NotImplementedException();
}
public static IQueryable <AuditEventView> RequirePermission <TDomain>(this IQueryable <AuditEventView> events,
IEnumerable <AuditEventKind> allKinds, ISecurityService <TDomain> sec, SecurityPrivilege privilege, ISecuritySubject subject)
{
throw new Lpp.Utilities.CodeToBeUpdatedException();
//var evts = events.HomomorphismRestrictionWorkaround();
//return allKinds
// .ToLookup( k => k.AppliesTo.ObjectKindsInOrder.Count() )
// .Aggregate(
// Enumerable.Empty<AuditEventView>(), // TODO: EF4 doesn't support UNION on complex types or UNION with subsequent operations.
// // Make this into IQueryable as soon as we move to EF4.5
// ( es, a ) =>
// {
// var takeNminusOne = BigTupleExpression.Take<Guid>( a.Key );
// var initKindField = BigTuple<Guid>.InitializerExpression( a.Key+1, a.Key-1 );
// var takeN = BigTupleExpression.Take<Guid>( a.Key+1 );
// var kinds = a.Select( e => e.Id );
// var res = from e in evts
// where kinds.Contains( e.KindId )
// join g in sec.AllGrantedTargets( subject, privilege, a.Key+1 )
// on initKindField.Invoke( takeNminusOne.Invoke( e.TargetId ), e.KindId ) equals takeN.Invoke( g )
// select e;
// return es.Concat( res.Expand() );
// }
// )
// .AsQueryable();
}
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>(
this ISecurityService <TDomain> service, ISecuritySubject subject, Guid[] privilegeIds, int arity)
{
return(service.AllGrantedTargets(subject, pid => privilegeIds.Contains(pid), arity));
}
public void SetSubjectParents(ISecuritySubject subj, IEnumerable <ISecuritySubject> memberOf)
{
Dag.SetAdjacency(subj.ID, memberOf.Select(m => m.ID));
}
public static void Demand <TDomain>(this ISecurityService <TDomain> service, SecurityTarget t, ISecuritySubject subject, params SecurityPrivilege[] ps)
{
if (!ps.All(service.Can(t, subject)))
{
throw new UnauthorizedAccessException();
}
}
public static void Demand <TDomain>(this ISecurityService <TDomain> service, ISecurityObject o, ISecuritySubject subject, params SecurityPrivilege[] ps)
{
service.Demand(Sec.Target(o), subject, ps);
}
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>(
this ISecurityService <TDomain> service, ISecuritySubject subject, SecurityPrivilege privilege, SecurityTargetKind kind)
{
return(service.AllGrantedTargets(subject, privilege, kind.ObjectKindsInOrder.Count()));
}
public static Func <SecurityPrivilege, bool> Can <TDomain>(this ISecurityService <TDomain> service, SecurityTarget t, ISecuritySubject subject)
{
var acl = service.GetAcl(t).Where(e => e.SubjectId == subject.ID && e.Allow).ToLookup(e => e.PrivilegeId);
return(p => acl[p.SID].Any());
}
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>(
this ISecurityService <TDomain> service, ISecuritySubject subject, Expression <Func <Guid, bool> > privilegeFilter, SecurityTargetKind kind)
{
return(service.AllGrantedTargets(subject, privilegeFilter, kind.ObjectKindsInOrder.Count()));
}
public static bool HasPrivilege <TDomain>(
this ISecurityService <TDomain> service, ISecurityObject obj, ISecuritySubject subject, SecurityPrivilege privilege)
{
return(service.HasPrivilege(Sec.Target(obj), subject, privilege));
}
/// <summary>
/// Determins if a subject has rights to a target.
/// </summary>
/// <typeparam name="TDomain"></typeparam>
/// <param name="service"></param>
/// <param name="target"></param>
/// <param name="subject"></param>
/// <param name="privilege">Rights of subject to specified target to determine</param>
/// <returns></returns>
public static bool HasPrivilege <TDomain>(
this ISecurityService <TDomain> service, SecurityTarget target, ISecuritySubject subject, SecurityPrivilege privilege)
{
return(service.Can(target, subject)(privilege));
}
public IEnumerable <UnresolvedSubject> GetSubjectChildren(ISecuritySubject subj, bool immediateOnly = true)
{
return(Dag.GetAdjacentStarts(subj.ID, immediateOnly).Select(CreateSubj));
}
public static IQueryable <BigTuple <Guid> > AllGrantedTargets <TDomain>(
this ISecurityService <TDomain> service, ISecuritySubject subject, SecurityPrivilege privilege, int arity)
{
return(service.AllGrantedTargets(subject, pid => pid == privilege.SID, arity));
}
