private static string MakeMessage(string userName, ObjectName objectName, Privileges privileges)
{
if (privileges == Privileges.None)
return String.Format("User '{0}' has not enough privileges to operate on the object '{1}'.", userName, objectName);
return String.Format("User '{0}' has not the privilege '{1}' on the object '{2}'.", userName, privileges, objectName);
}
public MissingPrivilegesException(string userName, ObjectName objectName, Privileges privileges, string message)
: base(SecurityErrorCodes.MissingPrivileges, message)
{
UserName = userName;
ObjectName = objectName;
Privileges = privileges;
}
public ResourceAccessSecurityAssert(ObjectName resourceName, DbObjectType resourceType, Privileges privileges)
{
ResourceName = resourceName;
ResourceType = resourceType;
Privileges = privileges;
Arguments = new InvokeArgument[0];
}
public void AddUser(string userName, string repositoryName, Privileges permission)
{
try
{
using (var stream = this[repositoryName])
{
if(stream.Length == 0)
{
stream.Dispose();
File.Delete(Path(_filePath, repositoryName));
return;
}
var repository = XElement.Load(stream);
var group =
repository.Elements(GroupType).First(
g => g.Attribute("perm").Value == permission.ToString());
if (group.Elements().Any(u => u.Attribute("name").Value == userName))
return;
group.Add(User(userName));
stream.SetLength(0);
repository.Save(stream);
stream.Flush();
}
}
catch (IOException)
{
Thread.Sleep(Window);
AddUser(userName, repositoryName, permission);
}
}
public override bool HasPrivileges(DbObjectType objectType, ObjectName objectName, Privileges privileges)
{
if (IsSecureAccess)
return true;
return base.HasPrivileges(objectType, objectName, privileges);
}
public Prepared(string grantee, Privileges privileges, string[] columns, ObjectName objectName, bool grantOption)
{
Grantee = grantee;
Privileges = privileges;
Columns = columns;
ObjectName = objectName;
GrantOption = grantOption;
}
public GrantPrivilegesStatement(string grantee, Privileges privilege, bool withGrant, ObjectName objName, IEnumerable<string> columns)
{
Grantee = grantee;
Privilege = privilege;
Columns = columns;
ObjectName = objName;
WithGrant = withGrant;
}
internal PrivilegeSetting(string privilege, PrivilegeState state)
{
Privileges p;
if (!Enum.TryParse(privilege, out p))
{
p = Privileges.UnknownPrivilege;
}
Privilege = p;
State = state;
}
public void SetPrivileges(DbObjectType objectType, ObjectName objectName, string grantee, Privileges privileges)
{
var key = new Key(objectType, objectName, grantee);
if (cache == null)
{
cache = new Dictionary <Key, Privileges>();
}
cache[key] = privileges;
}
protected void Page_Load(object sender, EventArgs e)
{
if (!Request.GetUser().Admin)
{
Response.StatusCode = 401;
return;
}
if (!IsPostBack) RootBox.Text = new Config().Root;
if (Request.Form["hidden"] != null) Privileges.Parse(Request.Form["hidden"]).Save();
Data = new Privileges().ToString();
}
public static Privileges GetPrivileges <TEnum>()
{
FieldInfo[] fields = typeof(TEnum).GetFields();
if (fields.Length == 1)
{
return(null);
}
Privileges privilege = new Privileges();
FieldInfo[] fieldInfoArray = fields;
for (int i = 0; i < fieldInfoArray.Length; i++)
{
object[] customAttributes = fieldInfoArray[i].GetCustomAttributes(typeof(PrivilegeAttribute), true);
if (customAttributes.Length != 0)
{
GroupActionItem groupActionItem = new GroupActionItem();
ActionItem actionItem = new ActionItem();
List <string> strs = new List <string>();
List <PrivilegeAttribute> privilegeAttributes = new List <PrivilegeAttribute>();
List <Controllers> controllers = new List <Controllers>();
object[] objArray = customAttributes;
for (int j = 0; j < objArray.Length; j++)
{
object obj = objArray[j];
Controllers controller = new Controllers();
PrivilegeAttribute privilegeAttribute = obj as PrivilegeAttribute;
controller.ControllerName = privilegeAttribute.Controller;
List <string> actionNames = controller.ActionNames;
string action = privilegeAttribute.Action;
char[] chrArray = new char[] { ',' };
actionNames.AddRange(action.Split(chrArray));
controllers.Add(controller);
privilegeAttributes.Add(privilegeAttribute);
}
PrivilegeAttribute privilegeAttribute1 = privilegeAttributes.FirstOrDefault((PrivilegeAttribute a) => !string.IsNullOrEmpty(a.GroupName));
groupActionItem.GroupName = privilegeAttribute1.GroupName;
actionItem.PrivilegeId = privilegeAttribute1.Pid;
actionItem.Name = privilegeAttribute1.Name;
actionItem.Url = privilegeAttribute1.Url;
actionItem.Controllers.AddRange(controllers);
GroupActionItem groupActionItem1 = privilege.Privilege.FirstOrDefault((GroupActionItem a) => a.GroupName == groupActionItem.GroupName);
if (groupActionItem1 != null)
{
groupActionItem1.Items.Add(actionItem);
}
else
{
groupActionItem.Items.Add(actionItem);
privilege.Privilege.Add(groupActionItem);
}
}
}
return(privilege);
}
public void LoadPrivileges(IPlayerExtendedInfo player, Action <Privileges> callback)
{
Privileges priv = new Privileges("");
Client.Query(string.Format("SELECT * FROM users WHERE uniqueid = '{0}' LIMIT 1", player.AuthId))
.On(row: (row) => {
priv = new Privileges(row.GetValue("access") as string);
}, end: () => {
callback(priv);
});
}
private void SetPrivilegesInCache(string userName, DbObjectType objectType, ObjectName objectName, bool withOption, bool withPublic,
Privileges privileges)
{
var key = new GrantCacheKey(userName, objectType, objectName.FullName, withOption, withPublic);
if (grantsCache == null)
{
grantsCache = new Dictionary <GrantCacheKey, Privileges>();
}
grantsCache[key] = privileges;
}
public Provided_Functionalities(Privileges privilege = Privileges.Others)
{
InitializeComponent();
this._privilege = privilege;
if (privilege == Privileges.Others)
{
addProjectToolStripMenuItem.Enabled = false;
updateProjectToolStripMenuItem.Enabled = false;
updateDepartmentToolStripMenuItem.Enabled = false;
addDepartmentToolStripMenuItem.Enabled = false;
}
}
public AddNewStop_Go(Privileges privilege, int ID)
{
InitializeComponent();
_privilege = privilege;
_ID = ID;
controlobj = new Controller();
DataTable dt = controlobj.GetAdministrators();
toAdmin_cmbBox.DataSource = dt;
toAdmin_cmbBox.DisplayMember = "name";
toAdmin_cmbBox.ValueMember = "id";
}
internal static void OnAssignPrivileges(Player player, Privileges privileges)
{
player.Privileges = privileges;
var args = new AssignPrivilegesEventArgs(player);
OnAssignPrivileges(args);
player.OnPlayerAssignPrivileges(args);
PlayerInfo pi = new PlayerInfo(player);
SharpMod.Database.GetActiveBan(pi, ResolvedBans);
}
// Token: 0x06000014 RID: 20 RVA: 0x0000236C File Offset: 0x0000056C
private static int MainInternal(string[] args)
{
string userName = Environment.UserName;
DagMgmtService.Tracer.TraceDebug <string>(0L, "Running as {0}", userName);
int num = Privileges.RemoveAllExcept(DagMgmtService.requiredPrivileges);
if (num != 0)
{
return(num);
}
Globals.InitializeSinglePerfCounterInstance();
bool flag = !DagMgmtService.IsRunningAsService();
bool flag2 = false;
bool flag3 = false;
foreach (string text in args)
{
if (DagMgmtService.IsArgumentEqual(text, "-wait"))
{
flag3 = true;
}
else
{
DagMgmtService.ReportError("Invalid option specified :{0}\n", new object[]
{
text
});
flag2 = true;
}
}
if (flag2)
{
DagMgmtService.Tracer.TraceError(0L, "Invalid argument specified. Exiting process.");
return(1);
}
if (flag)
{
DagMgmtService.Tracer.TraceDebug <string, DateTime>(0L, "{0} Service starting in console mode at {1}", DagMgmtService.serviceName, DateTime.UtcNow);
Console.WriteLine("Starting {0}, running in console mode.", Assembly.GetExecutingAssembly().GetName().Name);
if (flag3)
{
Console.WriteLine("Press <ENTER> to continue.");
Console.ReadLine();
}
ExServiceBase.RunAsConsole(new DagMgmtService(flag));
}
else
{
ServiceBase.Run(new DagMgmtService(flag));
}
return(0);
}
private void NewUser_TI_Click(object sender, EventArgs e)
{
UserPasswordAddForm form = new UserPasswordAddForm(true);
if (form.ShowDialog(this) == DialogResult.OK)
{
User nuevo = _usuarios.NewItem();
nuevo.Licences = Privileges.CreatePerms(nuevo);
nuevo.Name = form.Nombre;
nuevo.PlainPwd = form.Pass;
}
}
private static void ResolvedPrivileges(PlayerInfo pi, Privileges priv)
{
Player player = Player.FindByUserId(pi.UserId);
// Player isn't in the server any more, just stop it.
if (player == null)
{
return;
}
OnAssignPrivileges(player, priv == null ? player.Privileges : priv);
}
private Privileges JoinPrivileges(Privileges privilege1, Dictionary <string, Dictionary <AccessRights, RolePrivilege> > privileges2)
{
Privileges privilage2Modified = privileges2.Select(x =>
new KeyValuePair <string, AccessDepthRight>(
x.Key,
x.Value.Select(y =>
new KeyValuePair <AccessRights, PrivilegeDepth>(y.Key, y.Value.PrivilegeDepth))
.ToDictionary(v => v.Key, v => v.Value)))
.ToDictionary(v => v.Key, v => v.Value);
return(JoinPrivileges(privilege1, privilage2Modified));
}
public void TestMethod1()
{
Privileges privilegetest1 = new Privileges();
privilegetest1.valuesToList();
if (!privilegetest1.getList.Contains("checkBox3"))
{
var e = new Exception("test");
e.Data.Add("List1", privilegetest1.getList);
throw e;
}
}
public Stop_and_Go(Privileges privilege, int ID)
{
InitializeComponent();
controllerObj = new Controller();
_privilege = privilege;
_ID = ID;
compose_btn.Enabled = false;
if (_privilege == Privileges.Operators)
{
compose_btn.Enabled = true;
}
//Stop has category 0 Go 1
}
private bool TryGetPrivilegesFromCache(string userName, DbObjectType objectType, ObjectName objectName, bool withOption, bool withPublic,
out Privileges privileges)
{
if (grantsCache == null)
{
privileges = Privileges.None;
return(false);
}
var key = new GrantCacheKey(userName, objectType, objectName.FullName, withOption, withPublic);
return(grantsCache.TryGetValue(key, out privileges));
}
public bool TryGetPrivileges(DbObjectType objectType, ObjectName objectName, string grantee,
out Privileges privileges)
{
if (cache == null)
{
privileges = Privileges.None;
return(false);
}
var key = new Key(objectType, objectName, grantee);
return(cache.TryGetValue(key, out privileges));
}
public override string ToString()
{
StringBuilder sb = new StringBuilder("GrantRevokePrivilegeRequest(");
sb.Append("RequestType: ");
sb.Append(RequestType);
sb.Append(",Privileges: ");
sb.Append(Privileges == null ? "<null>" : Privileges.ToString());
sb.Append(",RevokeGrantOption: ");
sb.Append(RevokeGrantOption);
sb.Append(")");
return(sb.ToString());
}
public AnnotatedAclEntry ResolveAclEntry(UnresolvedAclEntry e, SecurityTargetKind targetKind)
{
return(new AnnotatedAclEntry
{
Entry = new AclEntry
{
Privilege = Privileges.FirstOrDefault(p => p.SID == e.PrivilegeId),
Subject = _memoizer.Memoize(new { e.SubjectId }, sid => SubjectProviders.Select(p => p.Find(sid.SubjectId)).FirstOrDefault(s => s != null)),
Kind = e.Allow ? AclEntryKind.Allow : AclEntryKind.Deny
},
InheritedFrom = e.IsInherited ? ResolveTarget(e.SourceTarget, targetKind) : null
});
}
/// <summary>
/// Constructs a new grant for an user on the given
/// object, including the privileges of the grant.
/// </summary>
/// <param name="privileges">The access privileges granted to the user on the
/// given object.</param>
/// <param name="objectName">The fully qualified name of the object on which
/// to grant the given access privileges to the user.</param>
/// <param name="objectType">The <see cref="DbObjectType">type of the object</see>.</param>
/// <param name="granterName">The name of the user that granted.</param>
/// <param name="withOption"></param>
public Grant(Privileges privileges, ObjectName objectName, DbObjectType objectType, string granterName, bool withOption)
{
if (String.IsNullOrEmpty(granterName))
throw new ArgumentNullException("granterName");
if (objectName == null)
throw new ArgumentNullException("objectName");
Privileges = privileges;
ObjectName = objectName;
ObjectType = objectType;
GranterName = granterName;
WithOption = withOption;
}
public GrantPrivilegesStatement(string grantee, Privileges privilege, bool withGrant, ObjectName objName, IEnumerable<string> columns)
{
if (String.IsNullOrEmpty(grantee))
throw new ArgumentNullException("grantee");
if (objName == null)
throw new ArgumentNullException("objName");
Grantee = grantee;
Privilege = privilege;
Columns = columns;
ObjectName = objName;
WithGrant = withGrant;
}
public AddNewProplem(Privileges privilege, int ID)
{
InitializeComponent();
controllerObj = new Controller();
_privilege = privilege;
_ID = ID;
category_cmbBox.Items.Add("Electric");
category_cmbBox.Items.Add("Mechanical");
category_cmbBox.Items.Add("Maintainance");
type_cmbBox.Items.Add("Utility");
type_cmbBox.Items.Add("Production");
}
private void Initialize(ExecutionScope scope, Privileges privileges, int iMinimumSimilarity, MatchCommand mcConfirmationCommand, string strFailedRequirementsMessage) {
this.ExecutionScope = scope;
this.RequiredPrivileges = privileges;
this.MinimumMatchSimilarity = iMinimumSimilarity;
this.ConfirmationCommand = mcConfirmationCommand;
if (strFailedRequirementsMessage.Length < 100) {
this.FailedRequirementsMessage = strFailedRequirementsMessage;
}
else {
this.FailedRequirementsMessage = strFailedRequirementsMessage.Substring(0, 100);
}
}
public RevokePrivilegesStatement(string grantee, Privileges privileges, bool grantOption, ObjectName objectName, IEnumerable<string> columns)
{
if (String.IsNullOrEmpty(grantee))
throw new ArgumentNullException("grantee");
if (objectName == null)
throw new ArgumentNullException("objectName");
Grantee = grantee;
Privileges = privileges;
ObjectName = objectName;
Columns = columns;
GrantOption = grantOption;
}
public operator_main(Privileges privilege, int ID)
{
InitializeComponent();
controllerObj = new Controller();
_privilege = privilege;
_ID = ID;
safety_gauges_btn.Enabled = false;
final_tracker_btn.Enabled = false;
if (controllerObj.getIS_Chief(_ID) == 1)
{
safety_gauges_btn.Enabled = true;
final_tracker_btn.Enabled = true;
}
}
public CommandAttribute(string command, string description, bool isPublic, Privileges privileges, int requiredArgs = -1, bool scheduled = false, string filter = null, string onArgsPushed = null)
{
Command = command;
Description = description;
RequiredArgs = requiredArgs;
IsPublic = isPublic;
PrivilegesRequired = privileges;
Filter = filter;
Scheduled = scheduled;
// Available only on scheduled commands where you can pass multi-line args, so you will able to check argument
// (Really hate that i can't pass Delegate or atleast MethodInfo here)
OnArgsPushed = onArgsPushed;
}
private Privileges AssignPrivilegesValue(Entity entityPermission)
{
Privileges privileges = new Privileges();
privileges.Read = entityPermission.GetAttributeValue <bool>("adx_read");
privileges.Create = entityPermission.GetAttributeValue <bool>("adx_create");
privileges.Update = entityPermission.GetAttributeValue <bool>("adx_write");
privileges.Delete = entityPermission.GetAttributeValue <bool>("adx_delete");
privileges.Append = entityPermission.GetAttributeValue <bool>("adx_append");
privileges.AppendTo = entityPermission.GetAttributeValue <bool>("adx_appendto");
privileges.UpdateScope = (Scope)entityPermission.GetAttributeValue <OptionSetValue>("adx_scope").Value;
privileges.DeleteScope = (Scope)entityPermission.GetAttributeValue <OptionSetValue>("adx_scope").Value;
return(privileges);
}
public DirectoryWorkerBaseViewModel()
: base()
{
IsAdminSalary = Privileges.HasAccess(UserPrivileges.Salary_AdminSalary);
IsDeadSpiritVisibility = Privileges.HasAccess(UserPrivileges.WorkersVisibility_DeadSpirit);
AddCompanyAndPostCommand = new RelayCommand(AddCompanyAndPost);
EditCompanyAndPostCommand = new RelayCommand(EditCompanyAndPost, IsSelectedCompanyAndPost);
RemoveCompanyAndPostCommand = new RelayCommand(RemoveCompanyAndPost, IsSelectedCompanyAndPost);
AddPhotoCommand = new RelayCommand(AddPhoto);
RemovePhotoCommand = new RelayCommand(RemovePhoto);
SelectedIndexCurrentCompanyAndPost = -1;
}
/// <summary>
/// Creates the Warden service which monitors processes on the computer.
/// </summary>
/// <param name="options"></param>
public static void Initialize(WardenOptions options)
{
if (!Privileges.IsUserAnAdministrator())
{
throw new WardenManageException(Resources.Exception_No_Admin);
}
WardenImpersonator.Initialize();
Stop();
Options = options ?? throw new WardenManageException(Resources.Exception_No_Options);
try
{
ShutdownUtils.RegisterEvents();
_wmiOptions = new ConnectionOptions
{
Authentication = AuthenticationLevel.Default,
EnablePrivileges = true,
Impersonation = ImpersonationLevel.Impersonate,
Timeout = TimeSpan.MaxValue
};
_connectionScope = new ManagementScope($@"\\{Environment.MachineName}\root\cimv2", _wmiOptions);
_connectionScope.Connect();
var creationThreadStarted = new ManualResetEvent(false);
CreationThread = new Thread(StartCreationListener)
{
IsBackground = true
};
CreationThread.Start(creationThreadStarted);
var destructionThreadStarted = new ManualResetEvent(false);
DestructionThread = new Thread(StartDestructionListener)
{
IsBackground = true
};
DestructionThread.Start(destructionThreadStarted);
creationThreadStarted.WaitOne();
destructionThreadStarted.WaitOne();
Initialized = true;
Logger?.Info("Initialized");
}
catch (Exception ex)
{
throw new WardenException(ex.Message, ex);
}
}
/// <summary>
/// Constructs a new grant for the given user on the given
/// object, including the privileges of the grant.
/// </summary>
/// <param name="userName">The name of the user holding the grant.</param>
/// <param name="privileges">The access privileges granted to the user on the
/// given object.</param>
/// <param name="objectName">The fully qualified name of the object on which
/// to grant the given access privileges to the user.</param>
/// <param name="objectType">The <see cref="DbObjectType">type of the object</see>.</param>
/// <param name="granterName">The name of the user that granted.</param>
public UserGrant(string userName, Privileges privileges, ObjectName objectName, DbObjectType objectType, string granterName)
{
if (String.IsNullOrEmpty(userName))
throw new ArgumentNullException("userName");
if (String.IsNullOrEmpty(granterName))
throw new ArgumentNullException("granterName");
if (objectName == null)
throw new ArgumentNullException("objectName");
UserName = userName;
Privileges = privileges;
ObjectName = objectName;
ObjectType = objectType;
GranterName = granterName;
}
public bool Has(Privileges flags)
{
bool hasPrivileges = false;
CPrivileges cpriv = new CPrivileges((UInt32)flags);
cpriv.SetLowestPrivileges(this);
if ((cpriv.PrivilegesFlags & (UInt32)flags) == (UInt32)flags)
{
hasPrivileges = true;
}
return(hasPrivileges);
}
public virtual Boolean IsAuthorizedFor(String accountId, String area, String controller, String action)
{
String privilege = (area + "/" + controller + "/" + action).ToLower();
if (!Required.ContainsKey(privilege))
{
return(true);
}
if (!Privileges.ContainsKey(accountId ?? ""))
{
return(false);
}
return(Privileges[accountId].Contains(Required[privilege]));
}
private void Initialize(ExecutionScope scope, Privileges privileges, int iMinimumSimilarity, MatchCommand mcConfirmationCommand, string strFailedRequirementsMessage)
{
this.ExecutionScope = scope;
this.RequiredPrivileges = privileges;
this.MinimumMatchSimilarity = iMinimumSimilarity;
this.ConfirmationCommand = mcConfirmationCommand;
if (strFailedRequirementsMessage.Length < 100)
{
this.FailedRequirementsMessage = strFailedRequirementsMessage;
}
else
{
this.FailedRequirementsMessage = strFailedRequirementsMessage.Substring(0, 100);
}
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options => options.AddPolicy("AllowAll", p => p.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials()));
services.AddLibraryContext(Configuration.GetConnectionString("DefaultConnection"));
services.AddDataProcessingServices();
services
.AddEFDataStorage()
.AddAutoMapper();
services
.AddAuthentication(o =>
{
o.DefaultScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
o.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
})
.AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, o =>
{
o.Authority = Configuration["Tokens:Authority"];
o.ApiName = "api1";
o.SupportedTokens = SupportedTokens.Both;
o.RequireHttpsMetadata = false;
});
services.AddAuthorization(options => {
foreach (var policy in Privileges.GetPrivilegePolicies())
{
options.AddPolicy(policy.Key, policy.Value);
}
});
services.AddMvc();
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryPersistedGrants()
.AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
.AddInMemoryClients(IdentityServerConfig.GetClients())
.AddAspNetIdentity <User>()
.AddProfileService <UserProfileService>();
}
public Proplems(Privileges privilege, int ID)
{
InitializeComponent();
controllerObj = new Controller();
_privilege = privilege;
_ID = ID;
addProplem_btn.Enabled = false;
departement_cmbBox.Enabled = false;
if (privilege == Privileges.Admin)
{
addProplem_btn.Enabled = true;
}
if (privilege == Privileges.Manager)
{
departement_cmbBox.Enabled = true;
}
}
public Operators(Privileges privilege, int ID)
{
InitializeComponent();
controllerObj = new Controller();
_privilege = privilege;
_ID = ID;
addOP_btn.Enabled = false;
departement_cmbBox.Enabled = false;
if (privilege == Privileges.Manager)
{
addOP_btn.Enabled = true;
departement_cmbBox.Enabled = true;
}
departement_cmbBox.DataSource = controllerObj.GetDeparments();
departement_cmbBox.DisplayMember = "name";
departement_cmbBox.ValueMember = "id";
}
public bool HasAccess(Privileges privilege)
{
bool granted = false;
if (LoggedUser == null || privilege == Privileges.NullPrivilegeRestricted)
{
granted = false;
}
else if (privilege == Privileges.NullPrivilegeAllowed)
{
granted = true;
}
else
{
granted = (from r in LoggedUser.Roles where RoleHasPermission(r, privilege) select r).Count() > 0;
}
return granted;
}
public virtual bool HasPrivileges(DbObjectType objectType, ObjectName objectName, Privileges privileges)
{
AssertInContext();
if (Session.Access().UserHasPrivilege(Name, objectType, objectName, privileges))
return true;
var obj = Session.Access().GetObject(objectType, objectName);
if (obj != null &&
String.Equals(Name, obj.ObjectInfo.Owner))
return true;
if (objectName.Parent != null)
return HasPrivileges(DbObjectType.Schema, objectName.Parent, privileges);
return false;
}
/// <summary>
/// Constructs a new grant for an user on the given
/// object, including the privileges of the grant.
/// </summary>
/// <param name="privileges">The access privileges granted to the user on the
/// given object.</param>
/// <param name="objectName">The fully qualified name of the object on which
/// to grant the given access privileges to the user.</param>
/// <param name="objectType">The <see cref="DbObjectType">type of the object</see>.</param>
/// <param name="granterName">The name of the user that granted.</param>
/// <param name="withOption"></param>
public Grant(Privileges privileges, ObjectName objectName, DbObjectType objectType, string granterName, bool withOption)
{
if (String.IsNullOrEmpty(granterName))
{
throw new ArgumentNullException("granterName");
}
if (objectName == null)
{
throw new ArgumentNullException("objectName");
}
Privileges = privileges;
ObjectName = objectName;
ObjectType = objectType;
GranterName = granterName;
WithOption = withOption;
}
public void SelectPrivString(Privileges privileges, string expected)
{
var sql = String.Format("SELECT i_privilege_string(" + ((int)privileges) + ")");
var query = (SqlQueryExpression)SqlExpression.Parse(sql);
var cursor = AdminQuery.Select(query);
Assert.IsNotNull(cursor);
Row row = null;
Assert.DoesNotThrow(() => row = cursor.Fetch(FetchDirection.Next, -1));
Assert.IsNotNull(row);
var value = row.GetValue(0);
Assert.IsFalse(Field.IsNullField(value));
Assert.AreEqual(expected, value.Value.ToString());
}
private bool RoleHasPermission(Role r, Privileges privilege)
{
return SecurityUtil.ExistOnCurrentWorkstation(privilege) &&
(from p in r.Permissions where p.Name == privilege.ToString() select p).Count() > 0;
}
public static bool UserHasTablePrivilege(this IQueryContext context, ObjectName tableName, Privileges privileges)
{
return context.UserHasPrivilege(DbObjectType.Table, tableName, privileges);
}
public override bool HasPrivileges(DbObjectType objectType, ObjectName objectName, Privileges privileges)
{
if (IsSystem ||
IsInRole(SystemRoles.SecureAccessRole))
return true;
if (base.HasPrivileges(objectType, objectName, privileges))
return true;
var roles = Roles;
if (roles == null || roles.Length == 0)
return false;
return roles.Any(role => role.HasPrivileges(objectType, objectName, privileges));
}
public override bool HasGrantOption(DbObjectType objectType, ObjectName objectName, Privileges privileges)
{
if (IsSystem)
return true;
if (base.HasGrantOption(objectType, objectName, privileges))
return true;
var roles = Roles;
if (roles == null || roles.Length == 0)
return false;
return roles.Any(role => role.HasGrantOption(objectType, objectName, privileges));
}
public static bool UserHasSchemaPrivilege(this IQueryContext context, string schemaName, Privileges privileges)
{
if (context.UserHasPrivilege(DbObjectType.Schema, new ObjectName(schemaName), privileges))
return true;
return context.UserHasSecureAccess();
}
/// <summary>
/// Initializes a new instance of the <see cref="PrivilegesValue"/> class.
/// </summary>
/// <param name="permission">The permission.</param>
public PrivilegesValue(Privileges permission)
{
this.Permission = permission;
}
public RevokePrivilegesStatement(string grantee, Privileges privileges, bool grantOption, ObjectName objectName)
: this(grantee, privileges, grantOption, objectName, null)
{
}
public RevokePrivilegesStatement(string grantee, Privileges privileges, ObjectName objectName, IEnumerable<string> columns)
: this(grantee, privileges, false, objectName, columns)
{
}
public static void GrantToUserOnTable(this IQueryContext context, ObjectName tableName, string grantee, Privileges privileges)
{
context.GrantToUserOn(DbObjectType.Table, tableName, grantee, privileges);
}
private static XElement Group(Privileges privileges)
{
var group = new XElement(GroupType);
group.SetAttributeValue("perm", privileges.ToString());
return group;
}
public static bool UserHasPrivilege(this IQueryContext context, DbObjectType objectType, ObjectName objectName, Privileges privileges)
{
var user = context.User();
if (user.IsSystem)
return true;
if (context.UserBelongsToSecureGroup())
return true;
var userName = user.Name;
var grant = context.ForSystemUser().PrivilegeManager().GetUserPrivileges(userName, objectType, objectName, false);
return (grant & privileges) != 0;
}
public static void GrantToUserOnSchema(this IQueryContext context, string schemaName, string grantee, Privileges privileges, bool withOption = false)
{
context.GrantToUserOn(DbObjectType.Schema, new ObjectName(schemaName), grantee, privileges, withOption);
}
/// <summary>
/// Determines if the permission contains the specified permission.
/// </summary>
/// <param name="permission">The permission.</param>
/// <returns></returns>
public bool AllowedTo(Privileges permission)
{
return this.Permission.Has(permission);
}
