Пример #1
0
        internal static IPermission[] SearchPermissions(this IRol me, bool forFilter, IFunction function, TypeDiscriminator typeDiscriminator, params IDiscriminator[] discriminators)
        {
            using (var res = Printer.CallResult <IPermission[]>())
            {
                discriminators = discriminators.RemoveNulls();
                using (Printer.Indent2("Inpupt Prameters"))
                {
                    Printer.WriteLine($"Rol: {me?.Name}");
                    Printer.WriteLine($"For filter: " + forFilter);
                    Printer.WriteLine($"Function: {function?.ToString() ?? "<null>"}");
                    Printer.WriteLine($"Type discriminator: {typeDiscriminator?.ToString() ?? "<null>"}");
                    Printer.Foreach($"Discriminators:", discriminators, dis => Printer.WriteLine($"{dis}"));
                }
                // Function validation
                if (!(function?.IsValid() ?? true))
                {
                    throw new ArgumentException($"The '{nameof(function)}' pararameter with value '{function}' has an invalid state", nameof(function));
                }

                // TypeDiscriminator validation
                if (!typeDiscriminator?.IsValid() ?? false)
                {
                    throw new InvalidStateException($"The '{typeDiscriminator}' discriminator has an invalid state");
                }

                // Discriminators validation
                var invalidDiscriminator = discriminators?.FirstOrDefault(d => !d.IsValid());

                if (invalidDiscriminator != null)
                {
                    throw new InvalidStateException($"The '{invalidDiscriminator}' discriminator has an invalid state");
                }

                // Get & print rol permissions
                var permissions = me.AllPermissions();
                using (Printer.Indent2("Permissions:"))
                    permissions.Print(PrintMode.Table);
                using (Printer.Indent2("Iterate permissions:"))
                    res.Value = permissions.Where(p => p.Match(forFilter, function, typeDiscriminator, discriminators)).ToArray();
                res.OnPrintResult = r => r.Print(PrintMode.Table);
                return(res.Value);
            }
        }
Пример #2
0
        internal static bool CheckDiscriminators(this IInternalRolCan me, bool forAll, TypeDiscriminator typeDiscriminator, params IDiscriminator[] discriminators)
        {
            using (var res = Printer.CallResult <bool>())
            {
                using (Printer.Indent2("Input parameters"))
                {
                    Printer.WriteLine($"Rol: {me?.Rol?.Name}");
                    Printer.WriteLine($"Functions: {string.Join(",", me.Functions.Select(f => f.Name)) ?? "<null>"}");
                    Printer.WriteLine($"For all: {forAll}");
                    Printer.WriteLine($"Type discriminator: {typeDiscriminator?.ToString() ?? "null"}");
                    Printer.Foreach($"Discriminators:", discriminators, dis => Printer.WriteLine($"{dis}"));
                }
                // If Rol is null, return false
                if (me.Rol == null)
                {
                    Printer.WriteLine($"Rol is NULL, return FALSE");
                    return(res.Value = false);
                }
                // If target discriminator is null, return true
                if (typeDiscriminator == null)
                {
                    Printer.WriteLine($"TypeDiscriminator is NULL, return TRUE");
                    return(res.Value = true);
                }
                bool Compute()
                {
                    //Printer.Foreach("Iterating functions:", me.Functions, fun => {
                    foreach (var fun in me.Functions)
                    {
                        Printer.WriteLine($"Function '{fun.Name}':");
                        var pers = SearchPermissions(me.Rol, false, fun, typeDiscriminator, discriminators);
                        if (!pers.Any())
                        {
                            return(false);
                        }
                        else
                        {
                            var grantPermissions  = pers.Where(p => p.Value).ToList();
                            var deniedPermissions = pers.Where(p => !p.Value).ToList();
                            Printer.WriteLine($"Found '{grantPermissions.Count}' grant permissions");
                            Printer.WriteLine($"Found '{deniedPermissions.Count}' denied permissions");
                            var r = false;
                            if (discriminators.IsNullOrEmpty())
                            {
                                r = grantPermissions.Count > 0 && deniedPermissions.Count == 0;
                            }
                            else
                            {
                                r = forAll
                                                                        ? discriminators.All(dis =>
                                {
                                    return(grantPermissions.Count > 0 && deniedPermissions.Count == 0);                                           // || grantPermissions.Count == 0;
                                })
                                                                        : discriminators.Any(dis =>
                                {
                                    //var pers = me.Rol.SearchPermissions(fun, dis);
                                    //return !pers.Any(p => !p.Value && p.Scopes.Any(s => dis.TypeId == s.Discriminator.TypeId)) && pers.Any(p => p.Value);
                                    return(!pers.Any(p => !p.Value && p.Match(false, fun, typeDiscriminator, discriminators)) && pers.Any(p => p.Value));
                                });
                            }
                            if (!r && me.ThrowExceptionIfCannot)
                            {
                                throw new UnauthorizedAccessException($"The rol '{me.Rol.Name}' cannot '{me.Functions.Aggregate("", (a, c) => a + c.Name + "·", a => a.Trim('·'))}' of type '{typeDiscriminator.Name}' with given discriminators '{discriminators.Aggregate("", (a, c) => $"{a}, {c.TypeName + "<" + c.Name + ">"}", a => a.Trim(',', ' ')) }'");
                            }
                            return(r);
                        }
                    }
                    return(false);
                }

                res.Value = Compute();
                if (!res.Value && me.ThrowExceptionIfCannot)
                {
                    throw new UnauthorizedAccessException($"The rol '{me.Rol.Name}' cannot '{me.Functions.Aggregate("", (a, c) => a + c.Name + "·", a => a.Trim('·'))}' of type '{typeDiscriminator.Name}' with given discriminators '{discriminators.Aggregate("", (a, c) => $"{a}, {c.TypeName + "<" + c.Name + ">"}", a => a.Trim(',', ' ')) }'");
                }
                return(res.Value);
            }
        }