Show / Hide Table of Contents

Class Permission

Represents a general permission abstraction - where permission type represents the path/name of the permission in User's rights and .ctor takes specific parameters to check while authorizing user. Permission-derived class represents a certain permission type, whereas its instance is a check for particular desired level. To authorize certain actions, one creates an instance of Permission-derived class passing in its .ctor required access levels, then calls a Check() method that returns true if action is authorized.

This scheme provides a great deal of flexibility, i.e. for very complex security cases developers may inherit leaf-level permissions from intermediate ones that have logic tied to session-level variables, this way user's access may vary by permission/session state, i.e. a user may have "Patient.Master" level 4 access in database "A", while having acess denied to the same named permission in database "B". User's database, or system instance is a flag in user-session context

Inheritance
System.Object
System.Attribute
Permission
AdHocPermission
TypedPermission
Inherited Members
System.Attribute.Equals(System.Object)
System.Attribute.GetCustomAttribute(System.Reflection.Assembly, System.Type)
System.Attribute.GetCustomAttribute(System.Reflection.Assembly, System.Type, System.Boolean)
System.Attribute.GetCustomAttribute(System.Reflection.MemberInfo, System.Type)
System.Attribute.GetCustomAttribute(System.Reflection.MemberInfo, System.Type, System.Boolean)
System.Attribute.GetCustomAttribute(System.Reflection.Module, System.Type)
System.Attribute.GetCustomAttribute(System.Reflection.Module, System.Type, System.Boolean)
System.Attribute.GetCustomAttribute(System.Reflection.ParameterInfo, System.Type)
System.Attribute.GetCustomAttribute(System.Reflection.ParameterInfo, System.Type, System.Boolean)
System.Attribute.GetCustomAttributes(System.Reflection.Assembly)
System.Attribute.GetCustomAttributes(System.Reflection.Assembly, System.Boolean)
System.Attribute.GetCustomAttributes(System.Reflection.Assembly, System.Type)
System.Attribute.GetCustomAttributes(System.Reflection.Assembly, System.Type, System.Boolean)
System.Attribute.GetCustomAttributes(System.Reflection.MemberInfo)
System.Attribute.GetCustomAttributes(System.Reflection.MemberInfo, System.Boolean)
System.Attribute.GetCustomAttributes(System.Reflection.MemberInfo, System.Type)
System.Attribute.GetCustomAttributes(System.Reflection.MemberInfo, System.Type, System.Boolean)
System.Attribute.GetCustomAttributes(System.Reflection.Module)
System.Attribute.GetCustomAttributes(System.Reflection.Module, System.Boolean)
System.Attribute.GetCustomAttributes(System.Reflection.Module, System.Type)
System.Attribute.GetCustomAttributes(System.Reflection.Module, System.Type, System.Boolean)
System.Attribute.GetCustomAttributes(System.Reflection.ParameterInfo)
System.Attribute.GetCustomAttributes(System.Reflection.ParameterInfo, System.Boolean)
System.Attribute.GetCustomAttributes(System.Reflection.ParameterInfo, System.Type)
System.Attribute.GetCustomAttributes(System.Reflection.ParameterInfo, System.Type, System.Boolean)
System.Attribute.GetHashCode()
System.Attribute.IsDefaultAttribute()
System.Attribute.IsDefined(System.Reflection.Assembly, System.Type)
System.Attribute.IsDefined(System.Reflection.Assembly, System.Type, System.Boolean)
System.Attribute.IsDefined(System.Reflection.MemberInfo, System.Type)
System.Attribute.IsDefined(System.Reflection.MemberInfo, System.Type, System.Boolean)
System.Attribute.IsDefined(System.Reflection.Module, System.Type)
System.Attribute.IsDefined(System.Reflection.Module, System.Type, System.Boolean)
System.Attribute.IsDefined(System.Reflection.ParameterInfo, System.Type)
System.Attribute.IsDefined(System.Reflection.ParameterInfo, System.Type, System.Boolean)
System.Attribute.Match(System.Object)
System.Attribute.TypeId
System.Object.Equals(System.Object, System.Object)
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
Namespace: NFX.Security
Assembly: NFX.dll
Syntax
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Constructor | AttributeTargets.Field | AttributeTargets.Interface | AttributeTargets.Method | AttributeTargets.Property, Inherited = true, AllowMultiple = true)]
public abstract class Permission : Attribute

Constructors

Permission(Int32)

Creates the check instance against the minimum access level for this permission

Declaration
protected Permission(int level)
Parameters
Type Name Description
System.Int32 level

Fields

CONFIG_PERMISSION_SECTION

Declaration
public const string CONFIG_PERMISSION_SECTION = "permission"
Field Value
Type Description
System.String

CONFIG_PERMISSIONS_SECTION

Declaration
public const string CONFIG_PERMISSIONS_SECTION = "permissions"
Field Value
Type Description
System.String

Properties

Description

Returns the permission description - base implementation returns permission name

Declaration
public virtual string Description { get; }
Property Value
Type Description
System.String

FullPath

Returns full permission path - a concatenation of its path and name

Declaration
public string FullPath { get; }
Property Value
Type Description
System.String

Level

Specifies the minimum access level for the permission check to pass

Declaration
public int Level { get; }
Property Value
Type Description
System.Int32

Name

Returns the permission name - the last segment of the path

Declaration
public abstract string Name { get; }
Property Value
Type Description
System.String

Path

Returns a top-rooted path to this permission (without name)

Declaration
public abstract string Path { get; }
Property Value
Type Description
System.String

Methods

AuthorizeAction(MemberInfo, ISession, GetSessionFunc)

Checks the action represented by MemberInfo by checking the permission-derived attributes and returns false if any of authorization attributes do not pass

Declaration
public static bool AuthorizeAction(MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
Parameters
Type Name Description
System.Reflection.MemberInfo actionInfo
ISession session
GetSessionFunc getSessionFunc
Returns
Type Description
System.Boolean

AuthorizeAndGuardAction(IEnumerable<Permission>, String, ISession, GetSessionFunc)

Guards the action represented by enumerable of permissions by checking all permissions and throwing exception if any of authorization attributes do not pass

Declaration
public static void AuthorizeAndGuardAction(IEnumerable<Permission> permissions, string actionName, ISession session = null, GetSessionFunc getSessionFunc = null)
Parameters
Type Name Description
System.Collections.Generic.IEnumerable<Permission> permissions
System.String actionName
ISession session
GetSessionFunc getSessionFunc

AuthorizeAndGuardAction(MemberInfo, ISession, GetSessionFunc)

Guards the action represented by MemberInfo by checking the permission-derived attributes and throwing exception if any of authorization attributes do not pass

Declaration
public static void AuthorizeAndGuardAction(MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
Parameters
Type Name Description
System.Reflection.MemberInfo actionInfo
ISession session
GetSessionFunc getSessionFunc

Check(ISession)

Checks the permission for requested action as specified in particular permission .ctor. The check is performed in the scope of supplied session, or if no session was supplied then current execution context session is assumed

Declaration
public virtual bool Check(ISession sessionInstance = null)
Parameters
Type Name Description
ISession sessionInstance
Returns
Type Description
System.Boolean

True when action is authorized, false otherwise

Check(User)

Shortcut method that creates a temp/mock BaseSession object thus checking permission in mock BaseSession context

Declaration
public bool Check(User user)
Parameters
Type Name Description
User user
Returns
Type Description
System.Boolean

DoCheckAccessLevel(ISession, AccessLevel)

Override to perform access level checks per user's AccessLevel instance. True if accessLevel satisfies permission requirements. The default implementation checks the access.Level

Declaration
protected virtual bool DoCheckAccessLevel(ISession session, AccessLevel access)
Parameters
Type Name Description
ISession session
AccessLevel access
Returns
Type Description
System.Boolean

FindAuthorizationFailingPermission(MemberInfo, ISession, GetSessionFunc)

Checks the action represented by MemberInfo by checking the permission-derived attributes and returns false if any of authorization attributes do not pass

Declaration
public static Permission FindAuthorizationFailingPermission(MemberInfo actionInfo, ISession session = null, GetSessionFunc getSessionFunc = null)
Parameters
Type Name Description
System.Reflection.MemberInfo actionInfo
ISession session
GetSessionFunc getSessionFunc
Returns
Type Description
Permission

MultipleFromConf(IConfigSectionNode, String, String)

Makes multiple permissions from conf node

Declaration
public static IEnumerable<Permission> MultipleFromConf(IConfigSectionNode node, string shortNodeName = null, string typePattern = null)
Parameters
Type Name Description
IConfigSectionNode node
System.String shortNodeName
System.String typePattern
Returns
Type Description
System.Collections.Generic.IEnumerable<Permission>

ToString()

Declaration
public override string ToString()
Returns
Type Description
System.String
Overrides
System.Object.ToString()

Extension Methods

MiscUtils.NonNull<T>(T, Func<Exception>, String)
ObjectValueConversion.AsString(Object, String, ConvertErrorHandling)
ObjectValueConversion.AsNonNullOrEmptyString(Object)
ObjectValueConversion.AsLaconicConfig(Object, ConfigSectionNode, String, ConvertErrorHandling)
ObjectValueConversion.AsJSONConfig(Object, ConfigSectionNode, String, ConvertErrorHandling)
ObjectValueConversion.AsXMLConfig(Object, ConfigSectionNode, ConvertErrorHandling)
ObjectValueConversion.AsChar(Object, Char, ConvertErrorHandling)
ObjectValueConversion.AsNullableChar(Object, Nullable<Char>, ConvertErrorHandling)
ObjectValueConversion.AsByte(Object, Byte, ConvertErrorHandling)
ObjectValueConversion.AsNullableByte(Object, Nullable<Byte>, ConvertErrorHandling)
ObjectValueConversion.AsSByte(Object, SByte, ConvertErrorHandling)
ObjectValueConversion.AsNullableSByte(Object, Nullable<SByte>, ConvertErrorHandling)
ObjectValueConversion.AsShort(Object, Int16, ConvertErrorHandling)
ObjectValueConversion.AsNullableShort(Object, Nullable<Int16>, ConvertErrorHandling)
ObjectValueConversion.AsUShort(Object, UInt16, ConvertErrorHandling)
ObjectValueConversion.AsNullableUShort(Object, Nullable<UInt16>, ConvertErrorHandling)
ObjectValueConversion.AsInt(Object, Int32, ConvertErrorHandling)
ObjectValueConversion.AsNullableInt(Object, Nullable<Int32>, ConvertErrorHandling)
ObjectValueConversion.AsUInt(Object, UInt32, ConvertErrorHandling)
ObjectValueConversion.AsNullableUInt(Object, Nullable<UInt32>, ConvertErrorHandling)
ObjectValueConversion.AsLong(Object, Int64, ConvertErrorHandling)
ObjectValueConversion.AsNullableLong(Object, Nullable<Int64>, ConvertErrorHandling)
ObjectValueConversion.AsULong(Object, UInt64, ConvertErrorHandling)
ObjectValueConversion.AsNullableULong(Object, Nullable<UInt64>, ConvertErrorHandling)
ObjectValueConversion.AsDouble(Object, Double, ConvertErrorHandling)
ObjectValueConversion.AsNullableDouble(Object, Nullable<Double>, ConvertErrorHandling)
ObjectValueConversion.AsFloat(Object, Single, ConvertErrorHandling)
ObjectValueConversion.AsNullableFloat(Object, Nullable<Single>, ConvertErrorHandling)
ObjectValueConversion.AsDecimal(Object, Decimal, ConvertErrorHandling)
ObjectValueConversion.AsNullableDecimal(Object, Nullable<Decimal>, ConvertErrorHandling)
ObjectValueConversion.AsBool(Object, Boolean, ConvertErrorHandling)
ObjectValueConversion.AsNullableBool(Object, Nullable<Boolean>, ConvertErrorHandling)
ObjectValueConversion.AsGUID(Object, Guid, ConvertErrorHandling)
ObjectValueConversion.AsNullableGUID(Object, Nullable<Guid>, ConvertErrorHandling)
ObjectValueConversion.AsDateTime(Object)
ObjectValueConversion.AsDateTime(Object, DateTime, ConvertErrorHandling)
ObjectValueConversion.AsNullableDateTime(Object, Nullable<DateTime>, ConvertErrorHandling)
ObjectValueConversion.AsGDID(Object)
ObjectValueConversion.AsGDID(Object, GDID, ConvertErrorHandling)
ObjectValueConversion.AsNullableGDID(Object, Nullable<GDID>, ConvertErrorHandling)
ObjectValueConversion.AsGDIDSymbol(Object)
ObjectValueConversion.AsGDIDSymbol(Object, GDIDSymbol, ConvertErrorHandling)
ObjectValueConversion.AsNullableGDIDSymbol(Object, Nullable<GDIDSymbol>, ConvertErrorHandling)
ObjectValueConversion.AsTimeSpan(Object)
ObjectValueConversion.AsTimeSpan(Object, TimeSpan, ConvertErrorHandling)
ObjectValueConversion.AsNullableTimeSpan(Object, Nullable<TimeSpan>, ConvertErrorHandling)
ObjectValueConversion.AsEnum<TEnum>(Object, TEnum, ConvertErrorHandling)
ObjectValueConversion.AsNullableEnum<TEnum>(Object, Nullable<TEnum>, ConvertErrorHandling)
ObjectValueConversion.AsUri(Object, Uri, ConvertErrorHandling)
JSONExtensions.ToJSON(Object, JSONWritingOptions)
JSONExtensions.ToJSON(Object, TextWriter, JSONWritingOptions)
JSONExtensions.ToJSON(Object, Stream, JSONWritingOptions, Encoding)
ErlObject.ToErlObject(Object)
ErlObject.ToErlObject(Object, ErlTypeOrder, Boolean)
Back to top Copyright © 2006-2018 Agnicore Inc
Generated by DocFX