示例#1
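        /// <summary>
        /// Decides whether <paramref name="username"/> may currently use module
        /// <paramref name="moduleName"/> on port <paramref name="portName"/> by running a
        /// SecPAL query against <c>policyAssertions</c>.
        /// </summary>
        /// <param name="portName">Port name; queried as the principal <c>"port:" + portName</c>.</param>
        /// <param name="moduleName">Module name; queried as the principal <c>"mod:" + moduleName</c>.</param>
        /// <param name="username">User name; queried as the principal <c>"usr:" + username</c>.</param>
        /// <returns>
        /// <see cref="DateTime.MaxValue"/> when the query produces at least one answer (access allowed),
        /// <see cref="DateTime.MinValue"/> when it produces none (access denied).
        /// </returns>
        internal DateTime AllowAccess(string portName, string moduleName, string username)
        {
            // NOTE(review): the three names are concatenated into principal strings unchecked; a null or
            // empty username is queried as the bare principal "usr:". Confirm callers never pass one.

            // A resource-access fact for this port and module, granted to some group $grp within a
            // time window [$from, $to] on day $day.
            // NOTE(review): "prio" is the only variable name without the "$" prefix - confirm that is intended.
            AssertionExpression resourceAccessAssertion = new AssertionExpression(
                new AtomicAssertion(
                    localAuthority,
                    new AtomicClaim(
                        new ResourceAccessFact(
                            new StringPrincipal("port:" + portName),
                            new StringPrincipal("mod:" + moduleName),
                            new PrincipalVariable("$grp"),

                            new IntegerVariable("$from"),
                            new IntegerVariable("$to"),
                            new IntegerVariable("$day"),

                            new VerbVariable("$amode"),
                            new IntegerVariable("prio")))));

            // The user must belong to the same group $grp that the access fact names.
            // This line was garbled in the listing ("usr:"******"$grp"); it is reconstructed from the
            // otherwise unused username parameter and the $grp variable used above.
            AssertionExpression groupMembershipAssertion = new AssertionExpression(
                new AtomicAssertion(
                    localAuthority,
                    new AtomicClaim(
                        new UserGroupMembershipFact(
                            new StringPrincipal("usr:" + username),
                            new PrincipalVariable("$grp")))));

            // Local wall-clock time drives the window check; the QueryContext below is given UtcNow.
            DateTime currTime = DateTime.Now;

            // Time of day encoded as HHMM. The original combined the parts with bitwise '|', which loses
            // minutes whenever their bits overlap Hour * 100 (01:36 became 100 instead of 136) and so
            // evaluated the access window against the wrong time.
            // Assumes $from/$to in the policy are HHMM integers - TODO confirm against the policy writer.
            int currMinute = currTime.Hour * 100 + currTime.Minute;

            // $from <= now <= $to
            Expression minutesMoreThanFrom = new ConstraintExpression(new LessThanOrEqualConstraint(new IntegerVariable("$from"), new IntegerHolder(currMinute)));
            Expression minutesLessThanTo   = new ConstraintExpression(new LessThanOrEqualConstraint(new IntegerHolder(currMinute), new IntegerVariable("$to")));
            Expression minutesInRange      = new AndExpression(minutesMoreThanFrom, minutesLessThanTo);

            // DayOfWeek casts to 0 (Sunday) through 6 (Saturday).
            int currDayOfWeek = (int)currTime.DayOfWeek;

            // Equality is expressed as NOT(inequality): $day == -1 (treated as "any day") or $day == today.
            Expression noDayOfWeekRestriction = new NotExpression(new ConstraintExpression(new InequalityConstraint(new IntegerVariable("$day"), new IntegerHolder(-1))));
            Expression dayOfWeekMatches       = new NotExpression(new ConstraintExpression(new InequalityConstraint(new IntegerVariable("$day"), new IntegerHolder(currDayOfWeek))));
            Expression dayOfWeekAllowed       = new OrExpression(noDayOfWeekRestriction, dayOfWeekMatches);

            // All four conditions must hold for the same variable binding.
            Query query = new Query(
                new AndExpression(
                    resourceAccessAssertion,
                    groupMembershipAssertion,
                    minutesInRange,
                    dayOfWeekAllowed));

            // The trailing arguments are passed exactly as before; their meaning is not visible here.
            QueryContext context = new QueryContext(localAuthority, policyAssertions, query,
                                                    DateTime.UtcNow, new PrincipalIdentifier[] { }, new Uri[] { }, 0, false);

            ReadOnlyCollection<Answer> answers = new Microsoft.Secpal.Authorization.QueryEngine().ExecuteQuery(context);

            // Debug logging is disabled, so the decision is not recorded by this method.
            //logger.Log("\nquery: " + query + "\n");
            //logger.Log("answers: {0}", answers.Count.ToString());
            //foreach (Answer answer in answers)
            //    logger.Log(answer.Substitution.ToString());

            // Any answer means some policy assertion grants access right now.
            return (answers.Count > 0) ? DateTime.MaxValue : DateTime.MinValue;
        }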
示例#2
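        /// <summary>
        /// Runs a SecPAL query against <c>policyAssertions</c> to decide whether
        /// <paramref name="username"/> may use <paramref name="moduleName"/> on
        /// <paramref name="portName"/> at the current local time.
        /// </summary>
        /// <param name="portName">Port name, queried as principal <c>"port:" + portName</c>.</param>
        /// <param name="moduleName">Module name, queried as principal <c>"mod:" + moduleName</c>.</param>
        /// <param name="username">User name, queried as principal <c>"usr:" + username</c>.</param>
        /// <returns>
        /// <see cref="DateTime.MaxValue"/> if the query has at least one answer (allow);
        /// <see cref="DateTime.MinValue"/> if it has none (deny).
        /// </returns>
        internal DateTime AllowAccess(string portName, string moduleName, string username)
        {
            // NOTE(review): inputs are concatenated into principal names without validation; a null or
            // empty username becomes the principal "usr:". Confirm callers reject such values.

            // Access fact for this port/module: group $grp, window [$from, $to], day $day.
            // NOTE(review): "prio" lacks the "$" prefix the other variables carry - confirm intended.
            AssertionExpression resourceAccessAssertion = new AssertionExpression(
                                                              new AtomicAssertion(
                                                                  localAuthority,
                                                                  new AtomicClaim(
                                                                      new ResourceAccessFact(
                                                                          new StringPrincipal("port:" + portName),
                                                                          new StringPrincipal("mod:" + moduleName),
                                                                          new PrincipalVariable("$grp"),

                                                                          new IntegerVariable("$from"),
                                                                          new IntegerVariable("$to"),
                                                                          new IntegerVariable("$day"),

                                                                          new VerbVariable("$amode"),
                                                                          new IntegerVariable("prio")))));

            // Membership of the user in that same group $grp. The listing showed this line garbled
            // ("usr:"******"$grp"); it is rebuilt from the otherwise unused username parameter.
            AssertionExpression groupMembershipAssertion = new AssertionExpression(
                                                               new AtomicAssertion(
                                                                    localAuthority,
                                                                    new AtomicClaim(
                                                                        new UserGroupMembershipFact(
                                                                            new StringPrincipal("usr:" + username),
                                                                            new PrincipalVariable("$grp")))));

            // The window is checked against local time, while the QueryContext below receives UtcNow.
            DateTime currTime = DateTime.Now;

            // HHMM encoding of the time of day. Bitwise '|' was used here before and produced wrong
            // values whenever the minute bits overlapped Hour * 100 (e.g. 01:36 gave 100, not 136),
            // so the allowed window was tested against the wrong time.
            // Assumes the policy stores $from/$to as HHMM - TODO confirm.
            int currMinute = currTime.Hour * 100 + currTime.Minute;

            // $from <= now <= $to
            Expression minutesMoreThanFrom = new ConstraintExpression(new LessThanOrEqualConstraint(new IntegerVariable("$from"), new IntegerHolder(currMinute)));
            Expression minutesLessThanTo = new ConstraintExpression(new LessThanOrEqualConstraint(new IntegerHolder(currMinute), new IntegerVariable("$to")));
            Expression minutesInRange = new AndExpression(minutesMoreThanFrom, minutesLessThanTo);

            // 0 (Sunday) through 6 (Saturday).
            int currDayOfWeek = (int) currTime.DayOfWeek;

            // NOT(inequality) stands in for equality: $day == -1 ("any day") or $day == today.
            Expression noDayOfWeekRestriction = new NotExpression(new ConstraintExpression(new InequalityConstraint(new IntegerVariable("$day"), new IntegerHolder(-1))));
            Expression dayOfWeekMatches = new NotExpression(new ConstraintExpression(new InequalityConstraint(new IntegerVariable("$day"), new IntegerHolder(currDayOfWeek))));
            Expression dayOfWeekAllowed = new OrExpression(noDayOfWeekRestriction, dayOfWeekMatches);

            // Every condition has to be satisfied by one variable binding.
            Query query = new Query(
                              new AndExpression(
                                  resourceAccessAssertion,
                                  groupMembershipAssertion,
                                  minutesInRange,
                                  dayOfWeekAllowed));

            // Trailing arguments are unchanged from the original; their meaning is not visible here.
            QueryContext context = new QueryContext(localAuthority, policyAssertions, query,
                                                    DateTime.UtcNow, new PrincipalIdentifier[] { }, new Uri[] { }, 0, false);

            ReadOnlyCollection<Answer> answers = new Microsoft.Secpal.Authorization.QueryEngine().ExecuteQuery(context);

            // With this logging disabled the method leaves no record of the decision.
            //logger.Log("\nquery: " + query + "\n");
            //logger.Log("answers: {0}", answers.Count.ToString());
            //foreach (Answer answer in answers)
            //    logger.Log(answer.Substitution.ToString());

            // At least one answer means a policy assertion grants access now.
            return (answers.Count > 0) ? DateTime.MaxValue : DateTime.MinValue;
        }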