/// <summary>Выполняет проверку разрешения на операцию в базе данных</summary> /// <param name="permissionRequest">Запрос разрешения на операцию</param> /// <returns>True, если операция разрешена, иначе false</returns> protected bool IsGrantedCore(ServerPermissionRequest permissionRequest) { if (permissionRequest.ObjectType == null) throw new InvalidOperationException(ServerSecurityLogLocalizer.Active.GetLocalizedString(ServerSecurityLogMessagesId.CannotObtainType)); Type targetType = GetTypeToProcess(permissionRequest.ObjectType, permissionRequest.TargetObject); if (targetType == null) return true; DatabaseTypePermission permission = GetTypePermission(targetType); if (permission == null) return false; switch (permissionRequest.Operation) { case SecurityOperations.Navigate: case SecurityOperations.Read: return permission.CanSelect; case SecurityOperations.Create: return permission.CanInsert; case SecurityOperations.Write: return permission.CanUpdate; case SecurityOperations.Delete: return permission.CanDelete; } return false; }
/// <contentfrom cref="IPermissionRequestProcessor.IsGranted" /> public bool IsGranted(IPermissionRequest permissionRequest) { // Инициализация систем безопасности if (securities == null) { securities = providers.Select( provider => provider.CreateSelectDataSecurity()).ToArray(); } // Преобразование клиентского запроса if (permissionRequest is ClientPermissionRequest) { ClientPermissionRequest clientPermissionRequest = (ClientPermissionRequest)permissionRequest; object targetObject = !string.IsNullOrEmpty(clientPermissionRequest.TargetObjectHandle) ? nonSecuredObjectSpace.GetObjectByHandle(clientPermissionRequest.TargetObjectHandle) : null; permissionRequest = new ServerPermissionRequest(clientPermissionRequest.ObjectType, targetObject, clientPermissionRequest.MemberName, clientPermissionRequest.Operation, new SecurityExpressionEvaluator(nonSecuredObjectSpace)); } // Проверка серверного запроса if (permissionRequest is ServerPermissionRequest) { foreach (ISelectDataSecurity security in securities) if (!security.IsGranted(permissionRequest)) return false; } return true; }