Core.Common: added new secuirty objects
This commit is contained in:
parent
6202e65932
commit
3ee45f256b
75
common/ASC.Core.Common/Security/SecurityObject.cs
Normal file
75
common/ASC.Core.Common/Security/SecurityObject.cs
Normal file
@ -0,0 +1,75 @@
|
||||
// (c) Copyright Ascensio System SIA 2010-2022
|
||||
//
|
||||
// This program is a free software product.
|
||||
// You can redistribute it and/or modify it under the terms
|
||||
// of the GNU Affero General Public License (AGPL) version 3 as published by the Free Software
|
||||
// Foundation. In accordance with Section 7(a) of the GNU AGPL its Section 15 shall be amended
|
||||
// to the effect that Ascensio System SIA expressly excludes the warranty of non-infringement of
|
||||
// any third-party rights.
|
||||
//
|
||||
// This program is distributed WITHOUT ANY WARRANTY, without even the implied warranty
|
||||
// of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. For details, see
|
||||
// the GNU AGPL at: http://www.gnu.org/licenses/agpl-3.0.html
|
||||
//
|
||||
// You can contact Ascensio System SIA at Lubanas st. 125a-25, Riga, Latvia, EU, LV-1021.
|
||||
//
|
||||
// The interactive user interfaces in modified source and object code versions of the Program must
|
||||
// display Appropriate Legal Notices, as required under Section 5 of the GNU AGPL version 3.
|
||||
//
|
||||
// Pursuant to Section 7(b) of the License you must retain the original Product logo when
|
||||
// distributing the program. Pursuant to Section 7(e) we decline to grant you any rights under
|
||||
// trademark law for use of our trademarks.
|
||||
//
|
||||
// All the Product's GUI elements, including illustrations and icon sets, as well as technical writing
|
||||
// content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0
|
||||
// International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode
|
||||
|
||||
namespace ASC.Core.Common.Security;
|
||||
|
||||
public abstract class SecurityObject : ISecurityObject
|
||||
{
|
||||
public object SecurityId { get; protected set; }
|
||||
public Type ObjectType { get; protected set; }
|
||||
public string FullId { get; protected set; }
|
||||
public bool InheritSupported { get; protected set; }
|
||||
public bool ObjectRolesSupported { get; protected set; }
|
||||
|
||||
public virtual IEnumerable<IRole> GetObjectRoles(ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
public virtual ISecurityObjectId InheritFrom(ISecurityObjectId objectId)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
public bool IsMatchDefaultRules(ISubject subject, IAction action, IRoleProvider roleProvider)
|
||||
{
|
||||
var subjectRoles = roleProvider.GetRoles(subject);
|
||||
var targetRoles = GetTargetRoles(roleProvider);
|
||||
|
||||
foreach (var subjectRole in subjectRoles)
|
||||
{
|
||||
if (Security.Rules.TryGetValue(subjectRole.ID, out var value))
|
||||
{
|
||||
foreach (var targetRole in targetRoles)
|
||||
{
|
||||
if (value.TryGetValue(targetRole.ID, out var value1))
|
||||
{
|
||||
var act = new Rule(action.ID, GetRuleData());
|
||||
if (value1.Contains(act))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
protected abstract IEnumerable<IRole> GetTargetRoles(IRoleProvider roleProvider);
|
||||
protected abstract IRuleData GetRuleData();
|
||||
}
|
52
common/ASC.Core.Common/Security/UserGroupObject.cs
Normal file
52
common/ASC.Core.Common/Security/UserGroupObject.cs
Normal file
@ -0,0 +1,52 @@
|
||||
// (c) Copyright Ascensio System SIA 2010-2022
|
||||
//
|
||||
// This program is a free software product.
|
||||
// You can redistribute it and/or modify it under the terms
|
||||
// of the GNU Affero General Public License (AGPL) version 3 as published by the Free Software
|
||||
// Foundation. In accordance with Section 7(a) of the GNU AGPL its Section 15 shall be amended
|
||||
// to the effect that Ascensio System SIA expressly excludes the warranty of non-infringement of
|
||||
// any third-party rights.
|
||||
//
|
||||
// This program is distributed WITHOUT ANY WARRANTY, without even the implied warranty
|
||||
// of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. For details, see
|
||||
// the GNU AGPL at: http://www.gnu.org/licenses/agpl-3.0.html
|
||||
//
|
||||
// You can contact Ascensio System SIA at Lubanas st. 125a-25, Riga, Latvia, EU, LV-1021.
|
||||
//
|
||||
// The interactive user interfaces in modified source and object code versions of the Program must
|
||||
// display Appropriate Legal Notices, as required under Section 5 of the GNU AGPL version 3.
|
||||
//
|
||||
// Pursuant to Section 7(b) of the License you must retain the original Product logo when
|
||||
// distributing the program. Pursuant to Section 7(e) we decline to grant you any rights under
|
||||
// trademark law for use of our trademarks.
|
||||
//
|
||||
// All the Product's GUI elements, including illustrations and icon sets, as well as technical writing
|
||||
// content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0
|
||||
// International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode
|
||||
|
||||
namespace ASC.Core.Common.Security;
|
||||
|
||||
public class UserGroupObject : SecurityObject
|
||||
{
|
||||
private ISubject User { get; set; }
|
||||
private Guid GroupId { get; set; }
|
||||
|
||||
public UserGroupObject(ISubject user, Guid groupId)
|
||||
{
|
||||
SecurityId = user.ID;
|
||||
User = user;
|
||||
GroupId = groupId;
|
||||
ObjectType = typeof(UserGroupObject);
|
||||
FullId = $"{ObjectType.FullName}|{User.ID}|{GroupId}";
|
||||
}
|
||||
|
||||
protected override IEnumerable<IRole> GetTargetRoles(IRoleProvider roleProvider)
|
||||
{
|
||||
return roleProvider.GetRoles(User);
|
||||
}
|
||||
|
||||
protected override IRuleData GetRuleData()
|
||||
{
|
||||
return new Role(GroupId, "ruleData");
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user