internal override bool HasPermission(DataRow input, DataTable dataTable, DataObjectStore store, Variable var)
{
string updatingVariable = (var == null) ? null : var.MappingProperty;
List <string> list;
if (!string.IsNullOrWhiteSpace(updatingVariable))
{
IEnumerable <string> source = from c in base.Parameters
where c.IsAccessingVariable(updatingVariable)
select c.Name;
string text = (source.Count <string>() > 0) ? source.First <string>() : updatingVariable;
Collection <Parameter> collection = new Collection <Parameter>((from c in this.GetEffectiveParameters(input, dataTable, store)
where c.Type != ParameterType.RunOnModified
select c).ToList <Parameter>());
if (!base.SingletonObject)
{
Parameter item = new Parameter
{
Name = base.IdentityName,
Reference = base.IdentityVariable,
Type = ParameterType.Mandatory
};
if (!collection.Contains(item))
{
collection.Add(item);
}
}
list = (from c in collection
select c.Name).ToList <string>();
if (!list.Contains(text, StringComparer.OrdinalIgnoreCase))
{
list.Add(text);
}
}
else
{
Collection <Parameter> collection2 = new Collection <Parameter>((from c in this.GetEffectiveParameters(input, dataTable, store)
where c.IsRunnable(input, dataTable)
select c).ToList <Parameter>());
this.BuildParameters(input, store, collection2);
list = (from c in collection2
select c.Name).ToList <string>();
}
return(this.CheckPermission(store, list, var));
}
private bool CheckPredefinedPermission(string role, DataObjectStore store, Variable variable)
{
return(role.Equals("NA", StringComparison.OrdinalIgnoreCase) || this.RbacChecker.IsInRole(role, (variable.RbacDataObjectName != null) ? (store.GetDataObject(variable.RbacDataObjectName) as ADRawEntry) : null));
}
internal override bool?FindAndCheckPermission(Func <Activity, bool> predicate, DataRow input, DataTable dataTable, DataObjectStore store, Variable updatingVariable)
{
IEnumerable <Activity> enumerable = new List <Activity>
{
this
}.Where(predicate);
bool?result = null;
bool flag = base.DataObjectName != null && base.DataObjectName == updatingVariable.DataObjectName;
foreach (Activity activity in enumerable)
{
if (!flag)
{
if (!base.Parameters.Any((Parameter p) => p.IsAccessingVariable(updatingVariable.Name)))
{
continue;
}
}
result = new bool?(activity.HasPermission(input, dataTable, store, updatingVariable));
}
return(result);
}
private bool?CheckRbacForNotAccessPermission(DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, IEnumerable <Workflow> sets)
{
bool?flag = null;
Collection <Activity> activities = base.Activities;
bool hasDataObject = !string.IsNullOrWhiteSpace(variable.DataObjectName);
foreach (Activity activity in activities)
{
flag = flag.Or(activity.FindAndCheckPermission((Activity a) => (hasDataObject && a is GetCmdlet && (a as GetCmdlet).DataObjectName == variable.DataObjectName) || a.HasOutputVariable(variable.Name), input, dataTable, store, variable));
if (flag.IsTrue())
{
break;
}
}
if (hasDataObject)
{
IVersionable versionable = store.GetDataObject(variable.DataObjectName) as IVersionable;
if (versionable != null && versionable.ExchangeVersion != null)
{
PropertyDefinition propertyDefinition = versionable.ObjectSchema[variable.MappingProperty];
if (propertyDefinition != null && !versionable.IsPropertyAccessible(propertyDefinition))
{
flag = new bool?(false);
}
}
}
return(flag);
}
private bool?CheckRbacForReadOnlyPermission(DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, IEnumerable <Workflow> sets)
{
bool?flag = null;
Collection <Activity> activities = sets.First <Workflow>().Activities;
bool isSetCmdletDynamicParameter = !string.IsNullOrWhiteSpace(variable.DataObjectName) && !variable.IgnoreChangeTracking;
foreach (Activity activity in activities)
{
flag = flag.Or(activity.FindAndCheckPermission((Activity a) => (isSetCmdletDynamicParameter && a is SetCmdlet && (a as SetCmdlet).DataObjectName == variable.DataObjectName) || (a is IReadOnlyChecker && a is CmdletActivity), input, dataTable, store, variable));
if (flag.IsTrue())
{
break;
}
}
return(flag);
}
private bool?CheckPermission(IEnumerable <Workflow> sets, DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, IList <string> dependencies, MetaDataIncludeWorkflow.CheckPermissionDelegate checkPermissionDelegate)
{
bool?flag = null;
if (dependencies != null && dependencies.Count > 0)
{
using (IEnumerator <string> enumerator = (from c in dependencies
where !string.IsNullOrWhiteSpace(c)
select c).GetEnumerator())
{
while (enumerator.MoveNext())
{
string name = enumerator.Current;
Variable variable2 = dataTable.Columns[name].ExtendedProperties["Variable"] as Variable;
if (variable2 != null)
{
flag = flag.And(checkPermissionDelegate(input, dataTable, store, variable2, sets));
if (flag.IsFalse())
{
break;
}
}
}
return(flag);
}
}
flag = checkPermissionDelegate(input, dataTable, store, variable, sets);
return(flag);
}
private bool?IsVariableSettable(DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, Service service, List <string> dependencies)
{
bool flag = this is GetObjectWorkflow;
bool flag2 = this is GetObjectForNewWorkflow;
bool?result = null;
if (flag || flag2)
{
if (flag && variable.SetRoles != null)
{
result = new bool?(this.CheckPredefinedPermission(variable.SetRoles, store, variable));
}
else if (flag2 && variable.NewRoles != null)
{
result = new bool?(this.CheckPredefinedPermission(variable.NewRoles, store, variable));
}
else
{
IEnumerable <Workflow> enumerable = null;
if (flag)
{
enumerable = from c in service.Workflows
where c is SetObjectWorkflow
select c;
if (variable.RbacDependenciesForSet != null)
{
dependencies.AddRange(variable.RbacDependenciesForSet);
}
}
else if (flag2)
{
enumerable = from c in service.Workflows
where c is NewObjectWorkflow
select c;
if (variable.RbacDependenciesForNew != null)
{
dependencies.AddRange(variable.RbacDependenciesForNew);
}
}
if (enumerable.Count <Workflow>() > 0)
{
result = this.CheckPermission(enumerable, input, dataTable, store, variable, dependencies, new MetaDataIncludeWorkflow.CheckPermissionDelegate(this.CheckRbacForReadOnlyPermission));
}
}
}
return(result);
}
private bool?IsVariableAccessible(DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, List <string> dependencies)
{
bool?flag = null;
return(this.CheckPermission(null, input, dataTable, store, variable, dependencies, new MetaDataIncludeWorkflow.CheckPermissionDelegate(this.CheckRbacForNotAccessPermission)));
}