/// <summary>
/// Detaches the given <paramref name="role"/> from this <see cref="RoleOwner"/>.
/// </summary>
/// <param name="role">The <see cref="Role"/> to detach; it is looked up by its <c>Id</c>.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="role"/> is null.</exception>
public void Remove(Role role)
{
    // a null role has no id to look up
    if (role == null)
    {
        throw new ArgumentNullException("role");
    }

    // the result of the removal is discarded, so the caller cannot tell
    // from this method whether the role was actually present
    var roleId = role.Id;
    roles.Remove(roleId);
}
/// <summary>
/// Attaches the given <paramref name="role"/> to this <see cref="RoleOwner"/>.
/// </summary>
/// <param name="role">The <see cref="Role"/> to attach; it is stored under its <c>Id</c>.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="role"/> is null.</exception>
public void Add(Role role)
{
    // a null role has no id to store it under
    if (role == null)
    {
        throw new ArgumentNullException("role");
    }

    // NOTE(review): what happens when the id is already present depends on the
    // type of 'roles', which is declared outside this block - confirm.
    var roleId = role.Id;
    roles.Add(roleId, role);
}
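/// <summary>
/// Adds a <paramref name="role"/> to the <paramref name="owner"/>.
/// </summary>
/// <remarks>
/// The assignment is stored as a comma separated list of role guids in the
/// <c>assignedRoleGuids</c> property of the owner node. Assigning a role the owner already
/// holds does not add a second entry: a duplicate entry would survive a removal that strips
/// only one occurrence, leaving the owner with a role that was meant to be revoked.
/// </remarks>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="owner">The <see cref="RoleOwner"/>.</param>
/// <param name="role">The <see cref="Role"/>.</param>
/// <exception cref="ArgumentNullException">Thrown when one of the arguments is null.</exception>
public void AssignRole(IMansionContext context, RoleOwner owner, Role role)
{
    // validate arguments
    if (context == null)
        throw new ArgumentNullException("context");
    if (owner == null)
        throw new ArgumentNullException("owner");
    if (role == null)
        throw new ArgumentNullException("role");

    // get the repository
    var repository = context.Repository;

    // retrieve the required nodes
    var ownerNode = RetrieveRoleOwnerNode(context, owner, repository);
    var roleNode = RetrieveRoleNode(context, role, repository);

    // parse the stored list; empty entries are dropped so an empty list no longer
    // yields a value with a leading comma
    var roleGuid = roleNode.Get<string>(context, "guid");
    var assignedRoleList = ownerNode.Get(context, "assignedRoleGuids", string.Empty).Split(new[] {','}, StringSplitOptions.RemoveEmptyEntries).ToList();

    // only append the guid when it is not assigned yet, keeping every role at most once
    if (!assignedRoleList.Contains(roleGuid))
        assignedRoleList.Add(roleGuid);

    // update the role owner
    repository.UpdateNode(context, ownerNode, new PropertyBag {
        {"assignedRoleGuids", string.Join(",", assignedRoleList)}
    });
}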
/// <summary>
/// Stores the <paramref name="permission"/> on the node of the <paramref name="role"/>.
/// </summary>
/// <remarks>
/// The permission is written as two properties, <c>{resourceId}_{operationId}_granted</c> and
/// <c>{resourceId}_{operationId}_priority</c>.
/// NOTE(review): neither id is checked for the '_' separator here, while the code that maps
/// role nodes back to roles splits the property name on '_' - confirm ids can never contain it.
/// </remarks>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="role">The <see cref="Role"/> receiving the permission.</param>
/// <param name="permission">The <see cref="Permission"/> to store.</param>
/// <exception cref="ArgumentNullException">Thrown when one of the arguments is null.</exception>
public void CreatePermission(IMansionContext context, Role role, Permission permission)
{
    // reject missing arguments up front
    if (context == null)
    {
        throw new ArgumentNullException("context");
    }
    if (role == null)
    {
        throw new ArgumentNullException("role");
    }
    if (permission == null)
    {
        throw new ArgumentNullException("permission");
    }

    // look up the node backing the role
    var repository = context.Repository;
    var roleNode = RetrieveRoleNode(context, role, repository);

    // both properties share the "<resource>_<operation>_" prefix
    var permissionPrefix = permission.Operation.Resource.Id + "_" + permission.Operation.Id + "_";
    var grantedKey = permissionPrefix + "granted";
    var priorityKey = permissionPrefix + "priority";

    // write the grant flag and its priority onto the role node
    var changes = new PropertyBag {
        {grantedKey, permission.Granted},
        {priorityKey, permission.Priority}
    };
    repository.UpdateNode(context, roleNode, changes);
}
/// <summary>
/// Builds a <see cref="Role"/> from the properties stored on a <paramref name="roleNode"/>.
/// </summary>
/// <remarks>
/// Every property whose name ends with <c>GrantedPostfix</c> is treated as one permission. The
/// remainder of the name must split on '_' into exactly a resource id and an operation id.
/// <c>false</c> and <c>5</c> are passed as the fallback values when reading the grant flag and
/// the priority.
/// </remarks>
/// <param name="context">The <see cref="IMansionContext"/> used to read the node and create operations.</param>
/// <param name="roleNode">The <see cref="Node"/> holding the stored role.</param>
/// <returns>The mapped <see cref="Role"/> with one permission per matching property.</returns>
/// <exception cref="InvalidOperationException">Thrown when a permission property name does not consist of exactly two parts.</exception>
private Role MapRole(IMansionContext context, Node roleNode)
{
    var mappedRole = new Role(roleNode.PermanentId);

    // every "..._granted" property marks one stored permission
    var grantedEntries = roleNode.Where(x => x.Key.EndsWith(GrantedPostfix, StringComparison.OrdinalIgnoreCase));
    foreach (var entry in grantedEntries)
    {
        // strip the postfix; what remains should be "<resourceId>_<operationId>_"
        var propertyName = entry.Key;
        var idSection = propertyName.Substring(0, propertyName.Length - GrantedPostfix.Length);
        var ids = idSection.Split(new[] {'_'}, StringSplitOptions.RemoveEmptyEntries);
        if (ids.Length != 2)
        {
            throw new InvalidOperationException(string.Format("Invalid permission '{0}' found in role '{1}'", propertyName, roleNode.Pointer.PathString));
        }

        var resourceId = ids[0];
        var operationId = ids[1];

        // rebuild the prefix from the parsed ids to address the sibling properties
        var permissionPrefix = resourceId + "_" + operationId + "_";

        // the operation this permission applies to
        var operation = ProtectedOperation.Create(context, resourceId, operationId);

        // read the grant flag and priority and attach the permission to the role
        mappedRole.Add(new Permission {
            Granted = roleNode.Get(context, permissionPrefix + "granted", false),
            Operation = operation,
            Priority = roleNode.Get(context, permissionPrefix + "priority", 5)
        });
    }

    return mappedRole;
}
/// <summary>
/// Looks up the repository node that stores the given <paramref name="role"/>.
/// </summary>
/// <remarks>
/// The query matches on base type <c>Role</c> and the guid of the role, and sets
/// <c>bypassAuthorization</c>.
/// NOTE(review): presumably that flag makes the repository skip its own permission checks for
/// this lookup, which would leave authorizing the role change to the callers - confirm.
/// </remarks>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="role">The <see cref="Role"/> whose <c>Id</c> is used as the guid to search for.</param>
/// <param name="repository">The <see cref="IRepository"/> to query.</param>
/// <returns>The matching <see cref="Node"/>; never null.</returns>
/// <exception cref="InvalidOperationException">Thrown when the repository returns no node for the role.</exception>
private static Node RetrieveRoleNode(IMansionContext context, Role role, IRepository repository)
{
    // describe the node to find
    var query = new PropertyBag {
        {"baseType", "Role"},
        {"guid", role.Id},
        {"bypassAuthorization", true},
        {StorageOnlyQueryComponent.PropertyKey, true}
    };

    var roleNode = repository.RetrieveSingleNode(context, query);
    if (roleNode != null)
    {
        return roleNode;
    }

    // a role without a backing node cannot be assigned or modified
    throw new InvalidOperationException(string.Format("Could not find role with ID {0} in repository, please sync tables", role.Id));
}
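/// <summary>
/// Removes a <paramref name="role"/> from the <paramref name="owner"/>.
/// </summary>
/// <remarks>
/// The assignment is stored as a comma separated list of role guids in the
/// <c>assignedRoleGuids</c> property of the owner node. Every occurrence of the guid is
/// removed, so a list that holds the same role more than once does not leave the owner
/// with the role after it was revoked.
/// </remarks>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="owner">The <see cref="RoleOwner"/>.</param>
/// <param name="role">The <see cref="Role"/>.</param>
/// <exception cref="ArgumentNullException">Thrown when one of the arguments is null.</exception>
public void RemoveRole(IMansionContext context, RoleOwner owner, Role role)
{
    // validate arguments
    if (context == null)
        throw new ArgumentNullException("context");
    if (owner == null)
        throw new ArgumentNullException("owner");
    if (role == null)
        throw new ArgumentNullException("role");

    // get the repository
    var repository = context.Repository;

    // retrieve the required nodes
    var ownerNode = RetrieveRoleOwnerNode(context, owner, repository);
    var roleNode = RetrieveRoleNode(context, role, repository);

    // build the list of assigned role guids
    var roleGuid = roleNode.Get<string>(context, "guid");
    var assignedRoleList = ownerNode.Get(context, "assignedRoleGuids", string.Empty).Split(new[] {','}, StringSplitOptions.RemoveEmptyEntries).ToList();

    // strip every occurrence; removing only the first one would keep the role assigned
    // whenever the stored list contains a duplicate
    assignedRoleList.RemoveAll(x => x == roleGuid);

    // update the role owner
    repository.UpdateNode(context, ownerNode, new PropertyBag {
        {"assignedRoleGuids", string.Join(",", assignedRoleList)}
    });
}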
/// <summary>
/// Deletes the <paramref name="permission"/> from the <paramref name="role"/>.
/// </summary>
/// <remarks>
/// Not implemented: once the arguments pass validation the method always throws, so a stored
/// permission cannot be deleted through this method.
/// </remarks>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="role">The <see cref="Role"/>.</param>
/// <param name="permission">The <see cref="Permission"/>; not read or validated by the current body.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="context"/> or <paramref name="role"/> is null.</exception>
/// <exception cref="NotImplementedException">Thrown in every other case.</exception>
public void DeletePermission(IMansionContext context, Role role, Permission permission)
{
    // only context and role are checked
    if (context == null)
    {
        throw new ArgumentNullException("context");
    }
    if (role == null)
    {
        throw new ArgumentNullException("role");
    }

    // deleting a permission is not supported yet
    throw new System.NotImplementedException();
}