public bool Permit(IAcSession user, FunctionState function, IManagedObject data) { if (function == null) { throw new ArgumentNullException("function"); } // 如果非托管 if (!function.IsManaged) { return true; } if (!user.Identity.IsAuthenticated) { return false; } if (user.IsDeveloper()) { return true; } var functionIDs = user.AccountPrivilege.AuthorizedFunctionIDs; if (!functionIDs.Contains(function.Id)) { return false; } if (data != null) { // TODO:验证实体级权限。anycmd 1.0版本暂不支持,后续版本支持 } return true; }
public bool Permit(IAcSession user, FunctionState function, IManagedObject data) { if (function == null) { throw new ArgumentNullException("function"); } // 如果非托管 if (!function.IsManaged) { return(true); } if (!user.Identity.IsAuthenticated) { return(false); } if (user.IsDeveloper()) { return(true); } var functionIDs = user.AccountPrivilege.AuthorizedFunctionIDs; if (!functionIDs.Contains(function.Id)) { return(false); } if (data != null) { // TODO:验证实体级权限。anycmd 1.0版本暂不支持,后续版本支持 } return(true); }
private void OnObjectUnregistered(IManagedObject obj) { if (!(obj is T t)) { return; } _registeredObjects.Remove(t.ID); ObjectUnregistered?.Invoke(t); }
private void OnObjectRegistered(IManagedObject obj) { if (!(obj is T t)) { return; } t.ID = _nextID++; _registeredObjects[t.ID] = t; ObjectRegistered?.Invoke(t); }
public static bool Permit <TEntity, TInput>(this IAcSession user, string resourceCode, string functionCode, IManagedObject currentEntity) where TEntity : IManagedPropertyValues where TInput : IManagedPropertyValues { var securityService = user.AcDomain.RetrieveRequiredService <ISecurityService>(); CatalogState resource; if (!user.AcDomain.CatalogSet.TryGetCatalog(user.AcDomain.AppSystemSet.SelfAppSystem.Code + "." + resourceCode, out resource)) { throw new ValidationException("意外的资源码" + resourceCode); } FunctionState function; if (!user.AcDomain.FunctionSet.TryGetFunction(resource, functionCode, out function)) { return(true); } return(securityService.Permit(user, function, currentEntity)); }
public static bool Permit <T, TInput>(this IAcSession user, FunctionState function, IManagedObject currentEntity) where T : IManagedPropertyValues where TInput : IManagedPropertyValues { var securityService = user.AcDomain.RetrieveRequiredService <ISecurityService>(); return(securityService.Permit(user, function, currentEntity)); }
public static bool Permit <TEntity, TInput>(this IAcSession user, Guid functionId, IManagedObject currentEntity) where TEntity : IManagedPropertyValues where TInput : IManagedPropertyValues { var securityService = user.AcDomain.RetrieveRequiredService <ISecurityService>(); FunctionState function; if (!user.AcDomain.FunctionSet.TryGetFunction(functionId, out function)) { return(true); } return(securityService.Permit(user, function, currentEntity)); }
public static bool Permit <TEntity, TInput>(this IAcSession user, UiViewState view, IManagedObject currentEntity) where TEntity : IManagedPropertyValues where TInput : IManagedPropertyValues { var securityService = user.AcDomain.RetrieveRequiredService <ISecurityService>(); if (view == null) { throw new ArgumentNullException("view"); } if (view == UiViewState.Empty) { return(true); } FunctionState function; if (!user.AcDomain.FunctionSet.TryGetFunction(view.Id, out function)) { return(true); } return(securityService.Permit(user, function, currentEntity)); }
public IReadOnlyCollection <FunctionState> UserOperationsOnObject(IAcSession subject, IAcSession targetSession, IManagedObject obj) { AccountPrivilege accountPrivilege = targetSession.AccountPrivilege; var functions = new HashSet <FunctionState>(); foreach (var f in accountPrivilege.AuthorizedFunctions) { functions.Add(f); } // TODO:执行实体级策略筛选返回的功能列表 return(functions.ToList()); }
public IReadOnlyCollection <FunctionState> RoleOperationsOnObject(IAcSession subject, IAcSession targetSession, Guid roleId, IManagedObject obj) { RoleState role; if (!_acDomain.RoleSet.TryGetRole(roleId, out role)) { throw new ValidationException("给定标识的角色不存在" + roleId); } var functions = new HashSet <FunctionState>(); foreach (var item in _acDomain.RoleSet.GetDescendantRoles(role)) { foreach (var privilege in _acDomain.PrivilegeSet.Where(a => a.SubjectType == AcElementType.Role && a.SubjectInstanceId == roleId && a.ObjectType == AcElementType.Function)) { FunctionState f; if (_acDomain.FunctionSet.TryGetFunction(privilege.ObjectInstanceId, out f)) { functions.Add(f); } } } // TODO:执行实体级策略筛选返回的功能列表 return(functions.ToList()); }
public bool CheckAccess(IAcSession subject, IAcSession targetSession, Guid functionId, IManagedObject obj) { var securityService = _acDomain.RetrieveRequiredService <ISecurityService>(); FunctionState function; if (!_acDomain.FunctionSet.TryGetFunction(functionId, out function)) { throw new ValidationException("给定标识的功能不存在" + functionId); } IAcSession session = targetSession; if (session == null) { throw new ValidationException("给定标识的会话不存在"); } return(securityService.Permit(session, function, obj)); }
public IReadOnlyCollection<FunctionState> UserOperationsOnObject(IAcSession subject, IAcSession targetSession, IManagedObject obj) { AccountPrivilege accountPrivilege = targetSession.AccountPrivilege; var functions = new HashSet<FunctionState>(); foreach (var f in accountPrivilege.AuthorizedFunctions) { functions.Add(f); } // TODO:执行实体级策略筛选返回的功能列表 return functions.ToList(); }
public IReadOnlyCollection<FunctionState> RoleOperationsOnObject(IAcSession subject, IAcSession targetSession, Guid roleId, IManagedObject obj) { RoleState role; if (!_acDomain.RoleSet.TryGetRole(roleId, out role)) { throw new ValidationException("给定标识的角色不存在" + roleId); } var functions = new HashSet<FunctionState>(); foreach (var item in _acDomain.RoleSet.GetDescendantRoles(role)) { foreach (var privilege in _acDomain.PrivilegeSet.Where(a => a.SubjectType == AcElementType.Role && a.SubjectInstanceId == roleId && a.ObjectType == AcElementType.Function)) { FunctionState f; if (_acDomain.FunctionSet.TryGetFunction(privilege.ObjectInstanceId, out f)) { functions.Add(f); } } } // TODO:执行实体级策略筛选返回的功能列表 return functions.ToList(); }
public bool CheckAccess(IAcSession subject, IAcSession targetSession, Guid functionId, IManagedObject obj) { var securityService = _acDomain.RetrieveRequiredService<ISecurityService>(); FunctionState function; if (!_acDomain.FunctionSet.TryGetFunction(functionId, out function)) { throw new ValidationException("给定标识的功能不存在" + functionId); } IAcSession session = targetSession; if (session == null) { throw new ValidationException("给定标识的会话不存在"); } return securityService.Permit(session, function, obj); }
/// <summary> /// Unregister the <see cref="IManagedObject"/>. The object is then no longer managed by the <see cref="HoloFlowSceneManager"/> /// </summary> /// <param name="mObject"></param> public void UnregisterObject(IManagedObject mObject) { ManagedObjects.Remove(mObject); }
/// <summary> /// Registers a <see cref="IManagedObject"/> which should be managed by the <see cref="HoloFlowSceneManager"/> /// </summary> public void RegisterObject(IManagedObject mObject) { ManagedObjects.Add(mObject); }