Commit for development environment setup

2023-06-19 16:12:33 -04:00
parent be72063a3c
commit bbce2ad0a6
2209 changed files with 1171775 additions and 625 deletions
--- a/PROMS/csla20cs-2.1.4-070223/csla20cs/OLDcsla20cs/Csla/Security/AuthorizationRules.cs
+++ b/PROMS/csla20cs-2.1.4-070223/csla20cs/OLDcsla20cs/Csla/Security/AuthorizationRules.cs
@@ -0,0 +1,324 @@
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.ComponentModel;
+
+namespace Csla.Security
+{
+
+  /// <summary>
+  /// Maintains a list of allowed and denied user roles
+  /// for each property.
+  /// </summary>
+  /// <remarks></remarks>
+  [Serializable()]
+  public class AuthorizationRules
+  {
+
+    private Type _businessObjectType;
+    private AuthorizationRulesManager _typeRules;
+    private AuthorizationRulesManager _instanceRules;
+
+    /// <summary>
+    /// Creates an instance of the object, initializing
+    /// it with the business object type.
+    /// </summary>
+    /// <param name="businessObjectType">
+    /// Type of the business object to which the rules
+    /// apply.
+    /// </param>
+    public AuthorizationRules(Type businessObjectType)
+    {
+      _businessObjectType = businessObjectType;
+    }
+
+    private AuthorizationRulesManager InstanceRules
+    {
+      get
+      {
+        if (_instanceRules == null)
+          _instanceRules = new AuthorizationRulesManager();
+        return _instanceRules;
+      }
+    }
+
+    private AuthorizationRulesManager TypeRules
+    {
+      get
+      {
+        if (_typeRules == null)
+          _typeRules = SharedAuthorizationRules.GetManager(_businessObjectType, true);
+        return _typeRules;
+      }
+    }
+
+    #region Add Per-Instance Roles
+
+    /// <summary>
+    /// Specify the roles allowed to read a given
+    /// property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    /// <param name="roles">List of roles granted read access.</param>
+    /// <remarks>
+    /// This method may be called multiple times, with the roles in
+    /// each call being added to the end of the list of allowed roles.
+    /// In other words, each call is cumulative, adding more roles
+    /// to the list.
+    /// </remarks>
+    public void InstanceAllowRead(string propertyName, params string[] roles)
+    {
+      RolesForProperty currentRoles = InstanceRules.GetRolesForProperty(propertyName);
+      foreach (string item in roles)
+        currentRoles.ReadAllowed.Add(item);
+    }
+
+    /// <summary>
+    /// Specify the roles denied read access to 
+    /// a given property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    /// <param name="roles">List of roles denied read access.</param>
+    /// <remarks>
+    /// This method may be called multiple times, with the roles in
+    /// each call being added to the end of the list of denied roles.
+    /// In other words, each call is cumulative, adding more roles
+    /// to the list.
+    /// </remarks>
+    public void InstanceDenyRead(string propertyName, params string[] roles)
+    {
+      RolesForProperty currentRoles = InstanceRules.GetRolesForProperty(propertyName);
+      foreach (string item in roles)
+        currentRoles.ReadDenied.Add(item);
+    }
+
+    /// <summary>
+    /// Specify the roles allowed to write a given
+    /// property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    /// <param name="roles">List of roles granted write access.</param>
+    /// <remarks>
+    /// This method may be called multiple times, with the roles in
+    /// each call being added to the end of the list of allowed roles.
+    /// In other words, each call is cumulative, adding more roles
+    /// to the list.
+    /// </remarks>
+    public void InstanceAllowWrite(string propertyName, params string[] roles)
+    {
+      RolesForProperty currentRoles = InstanceRules.GetRolesForProperty(propertyName);
+      foreach (string item in roles)
+        currentRoles.WriteAllowed.Add(item);
+    }
+
+    /// <summary>
+    /// Specify the roles denied write access to 
+    /// a given property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    /// <param name="roles">List of roles denied write access.</param>
+    /// <remarks>
+    /// This method may be called multiple times, with the roles in
+    /// each call being added to the end of the list of denied roles.
+    /// In other words, each call is cumulative, adding more roles
+    /// to the list.
+    /// </remarks>
+    public void InstanceDenyWrite(string propertyName, params string[] roles)
+    {
+      RolesForProperty currentRoles = InstanceRules.GetRolesForProperty(propertyName);
+      foreach (string item in roles)
+        currentRoles.WriteDenied.Add(item);
+    }
+
+    #endregion
+
+    #region Add Per-Type Roles
+
+    /// <summary>
+    /// Specify the roles allowed to read a given
+    /// property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    /// <param name="roles">List of roles granted read access.</param>
+    /// <remarks>
+    /// This method may be called multiple times, with the roles in
+    /// each call being added to the end of the list of allowed roles.
+    /// In other words, each call is cumulative, adding more roles
+    /// to the list.
+    /// </remarks>
+    public void AllowRead(string propertyName, params string[] roles)
+    {
+      RolesForProperty currentRoles = TypeRules.GetRolesForProperty(propertyName);
+      foreach (string item in roles)
+        currentRoles.ReadAllowed.Add(item);
+    }
+
+    /// <summary>
+    /// Specify the roles denied read access to 
+    /// a given property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    /// <param name="roles">List of roles denied read access.</param>
+    /// <remarks>
+    /// This method may be called multiple times, with the roles in
+    /// each call being added to the end of the list of denied roles.
+    /// In other words, each call is cumulative, adding more roles
+    /// to the list.
+    /// </remarks>
+    public void DenyRead(string propertyName, params string[] roles)
+    {
+      RolesForProperty currentRoles = TypeRules.GetRolesForProperty(propertyName);
+      foreach (string item in roles)
+        currentRoles.ReadDenied.Add(item);
+    }
+
+    /// <summary>
+    /// Specify the roles allowed to write a given
+    /// property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    /// <param name="roles">List of roles granted write access.</param>
+    /// <remarks>
+    /// This method may be called multiple times, with the roles in
+    /// each call being added to the end of the list of allowed roles.
+    /// In other words, each call is cumulative, adding more roles
+    /// to the list.
+    /// </remarks>
+    public void AllowWrite(string propertyName, params string[] roles)
+    {
+      RolesForProperty currentRoles = TypeRules.GetRolesForProperty(propertyName);
+      foreach (string item in roles)
+        currentRoles.WriteAllowed.Add(item);
+    }
+
+    /// <summary>
+    /// Specify the roles denied write access to 
+    /// a given property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    /// <param name="roles">List of roles denied write access.</param>
+    /// <remarks>
+    /// This method may be called multiple times, with the roles in
+    /// each call being added to the end of the list of denied roles.
+    /// In other words, each call is cumulative, adding more roles
+    /// to the list.
+    /// </remarks>
+    public void DenyWrite(string propertyName, params string[] roles)
+    {
+      RolesForProperty currentRoles = TypeRules.GetRolesForProperty(propertyName);
+      foreach (string item in roles)
+        currentRoles.WriteDenied.Add(item);
+    }
+
+    #endregion
+
+    #region Check Roles
+
+    /// <summary>
+    /// Indicates whether the property has a list
+    /// of roles granted read access.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    public bool HasReadAllowedRoles(string propertyName)
+    {
+      if (InstanceRules.GetRolesForProperty(propertyName).ReadAllowed.Count > 0)
+        return true;
+      return TypeRules.GetRolesForProperty(propertyName).ReadAllowed.Count > 0;
+    }
+
+    /// <summary>
+    /// Indicates whether the current user as defined by
+    /// <see cref="Csla.ApplicationContext.User" />
+    /// is explicitly allowed to read the property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    public bool IsReadAllowed(string propertyName)
+    {
+      System.Security.Principal.IPrincipal user = ApplicationContext.User;
+      if (InstanceRules.GetRolesForProperty(propertyName).IsReadAllowed(user))
+        return true;
+      return TypeRules.GetRolesForProperty(propertyName).IsReadAllowed(user);
+    }
+
+    /// <summary>
+    /// Indicates whether the property has a list
+    /// of roles denied read access.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    public bool HasReadDeniedRoles(string propertyName)
+    {
+      if (InstanceRules.GetRolesForProperty(propertyName).ReadDenied.Count > 0)
+        return true;
+      return TypeRules.GetRolesForProperty(propertyName).ReadDenied.Count > 0;
+    }
+
+    /// <summary>
+    /// Indicates whether the current user as defined by
+    /// <see cref="Csla.ApplicationContext.User" />
+    /// is explicitly denied read access to the property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    public bool IsReadDenied(string propertyName)
+    {
+      System.Security.Principal.IPrincipal user = ApplicationContext.User;
+      if (InstanceRules.GetRolesForProperty(propertyName).IsReadDenied(user))
+        return true;
+      return TypeRules.GetRolesForProperty(propertyName).IsReadDenied(user);
+    }
+
+    /// <summary>
+    /// Indicates whether the property has a list
+    /// of roles granted write access.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    public bool HasWriteAllowedRoles(string propertyName)
+    {
+      if (InstanceRules.GetRolesForProperty(propertyName).WriteAllowed.Count > 0)
+        return true;
+      return TypeRules.GetRolesForProperty(propertyName).WriteAllowed.Count > 0;
+    }
+
+    /// <summary>
+    /// Indicates whether the current user as defined by
+    /// <see cref="Csla.ApplicationContext.User" />
+    /// is explicitly allowed to set the property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    public bool IsWriteAllowed(string propertyName)
+    {
+      System.Security.Principal.IPrincipal user = ApplicationContext.User;
+      if (InstanceRules.GetRolesForProperty(propertyName).IsWriteAllowed(user))
+        return true;
+      return TypeRules.GetRolesForProperty(propertyName).IsWriteAllowed(user);
+    }
+
+    /// <summary>
+    /// Indicates whether the property has a list
+    /// of roles denied write access.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    public bool HasWriteDeniedRoles(string propertyName)
+    {
+      if (InstanceRules.GetRolesForProperty(propertyName).WriteDenied.Count > 0)
+        return true;
+      return TypeRules.GetRolesForProperty(propertyName).WriteDenied.Count > 0;
+    }
+
+    /// <summary>
+    /// Indicates whether the current user as defined by
+    /// <see cref="Csla.ApplicationContext.User" />
+    /// is explicitly denied write access to the property.
+    /// </summary>
+    /// <param name="propertyName">Name of the property.</param>
+    public bool IsWriteDenied(string propertyName)
+    {
+      System.Security.Principal.IPrincipal user = ApplicationContext.User;
+      if (InstanceRules.GetRolesForProperty(propertyName).IsWriteDenied(user))
+        return true;
+      return TypeRules.GetRolesForProperty(propertyName).IsWriteDenied(user);
+    }
+
+    #endregion
+
+  }
+}