/// <summary>
/// Initializes a new instance of the <see cref="UserAccessViewModel" /> class.
/// </summary>
/// <param name="accessRule">The access rule.</param>
public UserAccessViewModel(IAccessRule accessRule)
{
Id = accessRule.Id;
Identity = accessRule.Identity;
AccessLevel = accessRule.AccessLevel;
IsForRole = accessRule.IsForRole;
}
public static bool EvaluateRole(Func <string, bool> roleMatcher, Func <string, bool> userMatcher, string rule)
{
RoleParser parser = new RoleParser();
IAccessRule evaluator = parser.Parse(rule);
return(evaluator.Evaluate(roleMatcher, userMatcher));
}
/// <summary>
/// Initializes a new instance of the <see cref="UserAccessViewModel" /> class.
/// </summary>
/// <param name="accessRule">The access rule.</param>
public UserAccessViewModel(IAccessRule accessRule)
{
Id = accessRule.Id;
Identity = accessRule.Identity;
AccessLevel = accessRule.AccessLevel;
IsForRole = accessRule.IsForRole;
}
/// <summary>
/// Adds the rule.
/// </summary>
/// <param name="accessRule">The access rule.</param>
public virtual void AddRule(IAccessRule accessRule)
{
if (AccessRules == null)
{
AccessRules = new List <AccessRule>();
}
AccessRules.Add((AccessRule)accessRule);
}
public virtual void AddRule(IAccessRule accessRule)
{
if (AccessRules == null)
{
AccessRules = new List<AccessRule>();
}
AccessRules.Add((AccessRule)accessRule);
}
public void AppendAccessRule(IAccessRule rule)
{
Guard.AgainstArgumentNull(rule, "rule");
if (!Contains(rule))
{
_accessRules.Add(rule);
}
else
{
throw new ArgumentException(string.Format("Rule '{0}' is already added", rule.GetType()));
}
}
private IAccessRule WeighAndOr(IAccessRule parentRule)
{
IAccessRule currentRule = parentRule;
Or previousRule = null;
while (true)
{
IComparisonRule comparisonRule = currentRule as IComparisonRule;
if (comparisonRule == null)
{
break;
}
if (comparisonRule is Or)
{
previousRule = currentRule as Or;
currentRule = comparisonRule.RValue;
continue;
}
And andRule = comparisonRule as And;
while (andRule.RValue is And)
{
andRule = andRule.RValue as And;
}
Or bottomOr = andRule.RValue as Or;
if (bottomOr != null)
{
IAccessRule orLeft = bottomOr.LValue;
bottomOr.LValue = andRule;
andRule.RValue = orLeft;
if (previousRule == null)
{
parentRule = previousRule = bottomOr;
}
else
{
previousRule.RValue = bottomOr;
previousRule = bottomOr;
}
}
else
{
break;
}
currentRule = bottomOr.RValue;
}
return(parentRule);
}
public bool IsAuthorized(AuthorizationContext filterContext, string accessRule, string actionKey, string parentActionKey)
{
bool?result = null;
try
{
RoleParser parser = new RoleParser();
IAccessRule accessRuleObj = parser.Parse(accessRule);
result = accessRuleObj.Evaluate(
role => filterContext.HttpContext.User.IsInRole(role)
, userName => filterContext.HttpContext.User.Identity.Name.ToLowerInvariant() == userName.ToLowerInvariant()
);
}
catch
{
result = false;
}
return(result.HasValue? result.Value: false);
}
/// <summary>
/// Removes the rule.
/// </summary>
/// <param name="accessRule">The access rule.</param>
/// <exception cref="System.NotSupportedException"></exception>
void IAccessSecuredObject.RemoveRule(IAccessRule accessRule)
{
throw new NotSupportedException();
}
/// <summary>
/// Adds the rule.
/// </summary>
/// <param name="accessRule">The access rule.</param>
/// <exception cref="System.NotSupportedException"></exception>
void IAccessSecuredObject.AddRule(IAccessRule accessRule)
{
throw new NotSupportedException();
}
/// <summary>
/// Removes the rule.
/// </summary>
/// <param name="accessRule">The access rule.</param>
public virtual void RemoveRule(IAccessRule accessRule)
{
AccessRules.Remove((AccessRule)accessRule);
}
public virtual void RemoveRule(IAccessRule accessRule)
{
AccessRules.Remove((AccessRule)accessRule);
}
private IAccessRule dumpStack(Stack <string> stack)
{
Stack <IAccessRule> rules = new Stack <IAccessRule>();
while (stack.Count > 0)
{
string result = stack.Pop();
switch (result)
{
case "!":
{
IAccessRule lastRule = rules.Peek();
IComparisonRule comparisonRule = lastRule as IComparisonRule;
if (comparisonRule != null)
{
comparisonRule.LValue = new Not {
InnerRule = comparisonRule.LValue
};
}
else
{
rules.Pop();
rules.Push(new Not {
InnerRule = lastRule
});
}
break;
}
case ")":
{
rules.Push(new GroupRule());
break;
}
case "&":
{
IAccessRule rValue = rules.Pop();
rules.Push(new And {
RValue = rValue
});
break;
}
case "|":
{
IAccessRule rValue = rules.Pop();
And andRule = rValue as And;
if (rValue != null)
{
}
rules.Push(new Or {
RValue = rValue
});
break;
}
default:
{
IAccessRule currentRule = null;
if (result == "(")
{
if (rules.Count == 0)
{
throw new ArgumentException("Missing an closing paren.");
}
IAccessRule innerRule = WeighAndOr(rules.Pop());
if (rules.Count == 0)
{
throw new ArgumentException("Missing an closing paren.");
}
GroupRule groupRule = rules.Pop() as GroupRule;
groupRule.InnerRule = innerRule;
currentRule = groupRule;
}
else
{
currentRule = new Match {
Role = result
}
};
if (rules.Count > 0)
{
IComparisonRule rule = rules.Peek() as IComparisonRule;
if (rule != null)
{
rules.Pop();
rule.LValue = currentRule;
currentRule = rule;
}
}
rules.Push(currentRule);
break;
}
}
}
if (rules.Count > 1)
{
throw new ArgumentException("Missing an opening paren.");
}
IAccessRule finalRule = WeighAndOr(rules.Pop());
return(finalRule);
}
private bool Contains(IAccessRule rule)
{
return(_accessRules.SingleOrDefault(x => x.GetType() == rule.GetType()) != null);
}