示例#1
0
        internal override bool HasPermission(DataRow input, DataTable dataTable, DataObjectStore store, Variable var)
        {
            string        updatingVariable = (var == null) ? null : var.MappingProperty;
            List <string> list;

            if (!string.IsNullOrWhiteSpace(updatingVariable))
            {
                IEnumerable <string> source = from c in base.Parameters
                                              where c.IsAccessingVariable(updatingVariable)
                                              select c.Name;
                string text = (source.Count <string>() > 0) ? source.First <string>() : updatingVariable;
                Collection <Parameter> collection = new Collection <Parameter>((from c in this.GetEffectiveParameters(input, dataTable, store)
                                                                                where c.Type != ParameterType.RunOnModified
                                                                                select c).ToList <Parameter>());
                if (!base.SingletonObject)
                {
                    Parameter item = new Parameter
                    {
                        Name      = base.IdentityName,
                        Reference = base.IdentityVariable,
                        Type      = ParameterType.Mandatory
                    };
                    if (!collection.Contains(item))
                    {
                        collection.Add(item);
                    }
                }
                list = (from c in collection
                        select c.Name).ToList <string>();
                if (!list.Contains(text, StringComparer.OrdinalIgnoreCase))
                {
                    list.Add(text);
                }
            }
            else
            {
                Collection <Parameter> collection2 = new Collection <Parameter>((from c in this.GetEffectiveParameters(input, dataTable, store)
                                                                                 where c.IsRunnable(input, dataTable)
                                                                                 select c).ToList <Parameter>());
                this.BuildParameters(input, store, collection2);
                list = (from c in collection2
                        select c.Name).ToList <string>();
            }
            return(this.CheckPermission(store, list, var));
        }
示例#2
0
 private bool CheckPredefinedPermission(string role, DataObjectStore store, Variable variable)
 {
     return(role.Equals("NA", StringComparison.OrdinalIgnoreCase) || this.RbacChecker.IsInRole(role, (variable.RbacDataObjectName != null) ? (store.GetDataObject(variable.RbacDataObjectName) as ADRawEntry) : null));
 }
示例#3
0
        internal override bool?FindAndCheckPermission(Func <Activity, bool> predicate, DataRow input, DataTable dataTable, DataObjectStore store, Variable updatingVariable)
        {
            IEnumerable <Activity> enumerable = new List <Activity>
            {
                this
            }.Where(predicate);
            bool?result = null;
            bool flag   = base.DataObjectName != null && base.DataObjectName == updatingVariable.DataObjectName;

            foreach (Activity activity in enumerable)
            {
                if (!flag)
                {
                    if (!base.Parameters.Any((Parameter p) => p.IsAccessingVariable(updatingVariable.Name)))
                    {
                        continue;
                    }
                }
                result = new bool?(activity.HasPermission(input, dataTable, store, updatingVariable));
            }
            return(result);
        }
示例#4
0
        private bool?CheckRbacForNotAccessPermission(DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, IEnumerable <Workflow> sets)
        {
            bool?flag = null;
            Collection <Activity> activities = base.Activities;
            bool hasDataObject = !string.IsNullOrWhiteSpace(variable.DataObjectName);

            foreach (Activity activity in activities)
            {
                flag = flag.Or(activity.FindAndCheckPermission((Activity a) => (hasDataObject && a is GetCmdlet && (a as GetCmdlet).DataObjectName == variable.DataObjectName) || a.HasOutputVariable(variable.Name), input, dataTable, store, variable));
                if (flag.IsTrue())
                {
                    break;
                }
            }
            if (hasDataObject)
            {
                IVersionable versionable = store.GetDataObject(variable.DataObjectName) as IVersionable;
                if (versionable != null && versionable.ExchangeVersion != null)
                {
                    PropertyDefinition propertyDefinition = versionable.ObjectSchema[variable.MappingProperty];
                    if (propertyDefinition != null && !versionable.IsPropertyAccessible(propertyDefinition))
                    {
                        flag = new bool?(false);
                    }
                }
            }
            return(flag);
        }
示例#5
0
        private bool?CheckRbacForReadOnlyPermission(DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, IEnumerable <Workflow> sets)
        {
            bool?flag = null;
            Collection <Activity> activities = sets.First <Workflow>().Activities;
            bool isSetCmdletDynamicParameter = !string.IsNullOrWhiteSpace(variable.DataObjectName) && !variable.IgnoreChangeTracking;

            foreach (Activity activity in activities)
            {
                flag = flag.Or(activity.FindAndCheckPermission((Activity a) => (isSetCmdletDynamicParameter && a is SetCmdlet && (a as SetCmdlet).DataObjectName == variable.DataObjectName) || (a is IReadOnlyChecker && a is CmdletActivity), input, dataTable, store, variable));
                if (flag.IsTrue())
                {
                    break;
                }
            }
            return(flag);
        }
示例#6
0
        private bool?CheckPermission(IEnumerable <Workflow> sets, DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, IList <string> dependencies, MetaDataIncludeWorkflow.CheckPermissionDelegate checkPermissionDelegate)
        {
            bool?flag = null;

            if (dependencies != null && dependencies.Count > 0)
            {
                using (IEnumerator <string> enumerator = (from c in dependencies
                                                          where !string.IsNullOrWhiteSpace(c)
                                                          select c).GetEnumerator())
                {
                    while (enumerator.MoveNext())
                    {
                        string   name      = enumerator.Current;
                        Variable variable2 = dataTable.Columns[name].ExtendedProperties["Variable"] as Variable;
                        if (variable2 != null)
                        {
                            flag = flag.And(checkPermissionDelegate(input, dataTable, store, variable2, sets));
                            if (flag.IsFalse())
                            {
                                break;
                            }
                        }
                    }
                    return(flag);
                }
            }
            flag = checkPermissionDelegate(input, dataTable, store, variable, sets);
            return(flag);
        }
示例#7
0
        private bool?IsVariableSettable(DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, Service service, List <string> dependencies)
        {
            bool flag   = this is GetObjectWorkflow;
            bool flag2  = this is GetObjectForNewWorkflow;
            bool?result = null;

            if (flag || flag2)
            {
                if (flag && variable.SetRoles != null)
                {
                    result = new bool?(this.CheckPredefinedPermission(variable.SetRoles, store, variable));
                }
                else if (flag2 && variable.NewRoles != null)
                {
                    result = new bool?(this.CheckPredefinedPermission(variable.NewRoles, store, variable));
                }
                else
                {
                    IEnumerable <Workflow> enumerable = null;
                    if (flag)
                    {
                        enumerable = from c in service.Workflows
                                     where c is SetObjectWorkflow
                                     select c;
                        if (variable.RbacDependenciesForSet != null)
                        {
                            dependencies.AddRange(variable.RbacDependenciesForSet);
                        }
                    }
                    else if (flag2)
                    {
                        enumerable = from c in service.Workflows
                                     where c is NewObjectWorkflow
                                     select c;
                        if (variable.RbacDependenciesForNew != null)
                        {
                            dependencies.AddRange(variable.RbacDependenciesForNew);
                        }
                    }
                    if (enumerable.Count <Workflow>() > 0)
                    {
                        result = this.CheckPermission(enumerable, input, dataTable, store, variable, dependencies, new MetaDataIncludeWorkflow.CheckPermissionDelegate(this.CheckRbacForReadOnlyPermission));
                    }
                }
            }
            return(result);
        }
示例#8
0
        private bool?IsVariableAccessible(DataRow input, DataTable dataTable, DataObjectStore store, Variable variable, List <string> dependencies)
        {
            bool?flag = null;

            return(this.CheckPermission(null, input, dataTable, store, variable, dependencies, new MetaDataIncludeWorkflow.CheckPermissionDelegate(this.CheckRbacForNotAccessPermission)));
        }