using System;
using System.Collections.Generic;
using System.Text;
using ScrewTurn.Wiki.AclEngine;
using ScrewTurn.Wiki.PluginFramework;
namespace ScrewTurn.Wiki {
///
/// Utility class for reading permissions and authorizations.
///
public static class AuthReader {
///
/// Gets the settings storage provider.
///
private static ISettingsStorageProviderV30 SettingsProvider {
get { return Collectors.SettingsProvider; }
}
///
/// Gets all the actions for global resources that are granted to a group.
///
/// The user group.
/// The granted actions.
public static string[] RetrieveGrantsForGlobals(UserGroup group) {
if(group == null) throw new ArgumentNullException("group");
return RetrieveGrantsForGlobals(AuthTools.PrepareGroup(group.Name));
}
///
/// Gets all the actions for global resources that are granted to a user.
///
/// The user.
/// The granted actions.
public static string[] RetrieveGrantsForGlobals(UserInfo user) {
if(user == null) throw new ArgumentNullException("user");
return RetrieveGrantsForGlobals(AuthTools.PrepareUsername(user.Username));
}
///
/// Gets all the actions for global resources that are granted to a subject.
///
/// The subject.
/// The granted actions.
private static string[] RetrieveGrantsForGlobals(string subject) {
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForSubject(subject);
List result = new List(entries.Length);
foreach(AclEntry entry in entries) {
if(entry.Value == Value.Grant && entry.Resource == Actions.ForGlobals.ResourceMasterPrefix) {
result.Add(entry.Action);
}
}
return result.ToArray();
}
///
/// Gets all the actions for global resources that are denied to a group.
///
/// The user group.
/// The denied actions.
public static string[] RetrieveDenialsForGlobals(UserGroup group) {
if(group == null) throw new ArgumentNullException("group");
return RetrieveDenialsForGlobals(AuthTools.PrepareGroup(group.Name));
}
///
/// Gets all the actions for global resources that are denied to a user.
///
/// The user.
/// The denied actions.
public static string[] RetrieveDenialsForGlobals(UserInfo user) {
if(user == null) throw new ArgumentNullException("user");
return RetrieveDenialsForGlobals(AuthTools.PrepareUsername(user.Username));
}
///
/// Gets all the actions for global resources that are denied to a subject.
///
/// The subject.
/// The denied actions.
private static string[] RetrieveDenialsForGlobals(string subject) {
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForSubject(subject);
List result = new List(entries.Length);
foreach(AclEntry entry in entries) {
if(entry.Value == Value.Deny && entry.Resource == Actions.ForGlobals.ResourceMasterPrefix) {
result.Add(entry.Action);
}
}
return result.ToArray();
}
///
/// Retrieves the subjects that have ACL entries set for a namespace.
///
/// The namespace (null for the root).
/// The subjects.
public static SubjectInfo[] RetrieveSubjectsForNamespace(NamespaceInfo nspace) {
string resourceName = Actions.ForNamespaces.ResourceMasterPrefix;
if(nspace != null) resourceName += nspace.Name;
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForResource(resourceName);
List result = new List(entries.Length);
for(int i = 0; i < entries.Length; i++) {
SubjectType type = AuthTools.IsGroup(entries[i].Subject) ? SubjectType.Group : SubjectType.User;
// Remove the subject qualifier ('U.' or 'G.')
string name = entries[i].Subject.Substring(2);
if(result.Find(delegate(SubjectInfo x) { return x.Name == name && x.Type == type; }) == null) {
result.Add(new SubjectInfo(name, type));
}
}
return result.ToArray();
}
///
/// Gets all the actions for a namespace that are granted to a group.
///
/// The user group.
/// The namespace (null for the root).
/// The granted actions.
public static string[] RetrieveGrantsForNamespace(UserGroup group, NamespaceInfo nspace) {
if(group == null) throw new ArgumentNullException("group");
return RetrieveGrantsForNamespace(AuthTools.PrepareGroup(group.Name), nspace);
}
///
/// Gets all the actions for a namespace that are granted to a user.
///
/// The user.
/// The namespace (null for the root).
/// The granted actions.
public static string[] RetrieveGrantsForNamespace(UserInfo user, NamespaceInfo nspace) {
if(user == null) throw new ArgumentNullException("user");
return RetrieveGrantsForNamespace(AuthTools.PrepareUsername(user.Username), nspace);
}
///
/// Gets all the actions for a namespace that are granted to a subject.
///
/// The subject.
/// The namespace (null for the root).
/// The granted actions.
private static string[] RetrieveGrantsForNamespace(string subject, NamespaceInfo nspace) {
string resourceName = Actions.ForNamespaces.ResourceMasterPrefix;
if(nspace != null) resourceName += nspace.Name;
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForSubject(subject);
List result = new List(entries.Length);
foreach(AclEntry entry in entries) {
if(entry.Value == Value.Grant && entry.Resource == resourceName) {
result.Add(entry.Action);
}
}
return result.ToArray();
}
///
/// Gets all the actions for a namespace that are denied to a group.
///
/// The user group.
/// The namespace (null for the root).
/// The denied actions.
public static string[] RetrieveDenialsForNamespace(UserGroup group, NamespaceInfo nspace) {
if(group == null) throw new ArgumentNullException("group");
return RetrieveDenialsForNamespace(AuthTools.PrepareGroup(group.Name), nspace);
}
///
/// Gets all the actions for a namespace that are denied to a user.
///
/// The user.
/// The namespace (null for the root).
/// The denied actions.
public static string[] RetrieveDenialsForNamespace(UserInfo user, NamespaceInfo nspace) {
if(user == null) throw new ArgumentNullException("user");
return RetrieveDenialsForNamespace(AuthTools.PrepareUsername(user.Username), nspace);
}
///
/// Gets all the actions for a namespace that are denied to a subject.
///
/// The subject.
/// The namespace (null for the root).
/// The denied actions.
private static string[] RetrieveDenialsForNamespace(string subject, NamespaceInfo nspace) {
string resourceName = Actions.ForNamespaces.ResourceMasterPrefix;
if(nspace != null) resourceName += nspace.Name;
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForSubject(subject);
List result = new List(entries.Length);
foreach(AclEntry entry in entries) {
if(entry.Value == Value.Deny && entry.Resource == resourceName) {
result.Add(entry.Action);
}
}
return result.ToArray();
}
///
/// Retrieves the subjects that have ACL entries set for a page.
///
/// The page.
/// The subjects.
public static SubjectInfo[] RetrieveSubjectsForPage(PageInfo page) {
if(page == null) throw new ArgumentNullException("page");
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForResource(Actions.ForPages.ResourceMasterPrefix + page.FullName);
List result = new List(entries.Length);
for(int i = 0; i < entries.Length; i++) {
SubjectType type = AuthTools.IsGroup(entries[i].Subject) ? SubjectType.Group : SubjectType.User;
// Remove the subject qualifier ('U.' or 'G.')
string name = entries[i].Subject.Substring(2);
if(result.Find(delegate(SubjectInfo x) { return x.Name == name && x.Type == type; }) == null) {
result.Add(new SubjectInfo(name, type));
}
}
return result.ToArray();
}
///
/// Gets all the actions for a page that are granted to a group.
///
/// The user group.
/// The page.
/// The granted actions.
public static string[] RetrieveGrantsForPage(UserGroup group, PageInfo page) {
if(group == null) throw new ArgumentNullException("group");
return RetrieveGrantsForPage(AuthTools.PrepareGroup(group.Name), page);
}
///
/// Gets all the actions for a page that are granted to a user.
///
/// The user.
/// The page.
/// The granted actions.
public static string[] RetrieveGrantsForPage(UserInfo user, PageInfo page) {
if(user == null) throw new ArgumentNullException("user");
return RetrieveGrantsForPage(AuthTools.PrepareUsername(user.Username), page);
}
///
/// Gets all the actions for a page that are granted to a subject.
///
/// The subject.
/// The page.
/// The granted actions.
private static string[] RetrieveGrantsForPage(string subject, PageInfo page) {
if(page == null) throw new ArgumentNullException("page");
string resourceName = Actions.ForPages.ResourceMasterPrefix + page.FullName;
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForSubject(subject);
List result = new List(entries.Length);
foreach(AclEntry entry in entries) {
if(entry.Value == Value.Grant && entry.Resource == resourceName) {
result.Add(entry.Action);
}
}
return result.ToArray();
}
///
/// Gets all the actions for a page that are denied to a group.
///
/// The user group.
/// The page.
/// The granted actions.
public static string[] RetrieveDenialsForPage(UserGroup group, PageInfo page) {
if(group == null) throw new ArgumentNullException("group");
return RetrieveDenialsForPage(AuthTools.PrepareGroup(group.Name), page);
}
///
/// Gets all the actions for a page that are denied to a user.
///
/// The user.
/// The page.
/// The granted actions.
public static string[] RetrieveDenialsForPage(UserInfo user, PageInfo page) {
if(user == null) throw new ArgumentNullException("user");
return RetrieveDenialsForPage(AuthTools.PrepareUsername(user.Username), page);
}
///
/// Gets all the actions for a page that are denied to a subject.
///
/// The subject.
/// The page.
/// The granted actions.
private static string[] RetrieveDenialsForPage(string subject, PageInfo page) {
if(page == null) throw new ArgumentNullException("page");
string resourceName = Actions.ForPages.ResourceMasterPrefix + page.FullName;
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForSubject(subject);
List result = new List(entries.Length);
foreach(AclEntry entry in entries) {
if(entry.Value == Value.Deny && entry.Resource == resourceName) {
result.Add(entry.Action);
}
}
return result.ToArray();
}
///
/// Retrieves the subjects that have ACL entries set for a directory.
///
/// The provider.
/// The directory.
/// The subjects.
public static SubjectInfo[] RetrieveSubjectsForDirectory(IFilesStorageProviderV30 provider, string directory) {
if(provider == null) throw new ArgumentNullException("provider");
if(directory == null) throw new ArgumentNullException("directory");
if(directory.Length == 0) throw new ArgumentException("Directory cannot be empty", "directory");
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForResource(Actions.ForDirectories.ResourceMasterPrefix + AuthTools.GetDirectoryName(provider, directory));
List result = new List(entries.Length);
for(int i = 0; i < entries.Length; i++) {
SubjectType type = AuthTools.IsGroup(entries[i].Subject) ? SubjectType.Group : SubjectType.User;
// Remove the subject qualifier ('U.' or 'G.')
string name = entries[i].Subject.Substring(2);
if(result.Find(delegate(SubjectInfo x) { return x.Name == name && x.Type == type; }) == null) {
result.Add(new SubjectInfo(name, type));
}
}
return result.ToArray();
}
///
/// Gets all the actions for a directory that are granted to a group.
///
/// The user group.
/// The provider.
/// The directory.
/// The granted actions.
public static string[] RetrieveGrantsForDirectory(UserGroup group, IFilesStorageProviderV30 provider, string directory) {
if(group == null) throw new ArgumentNullException("group");
return RetrieveGrantsForDirectory(AuthTools.PrepareGroup(group.Name), provider, directory);
}
///
/// Gets all the actions for a directory that are granted to a user.
///
/// The user.
/// The provider.
/// The directory.
/// The granted actions.
public static string[] RetrieveGrantsForDirectory(UserInfo user, IFilesStorageProviderV30 provider, string directory) {
if(user == null) throw new ArgumentNullException("user");
return RetrieveGrantsForDirectory(AuthTools.PrepareUsername(user.Username), provider, directory);
}
///
/// Gets all the actions for a directory that are granted to a subject.
///
/// The subject.
/// The provider.
/// The directory.
/// The granted actions.
private static string[] RetrieveGrantsForDirectory(string subject, IFilesStorageProviderV30 provider, string directory) {
if(provider == null) throw new ArgumentNullException("provider");
if(directory == null) throw new ArgumentNullException("directory");
if(directory.Length == 0) throw new ArgumentException("Directory cannot be empty", "directory");
string resourceName = Actions.ForDirectories.ResourceMasterPrefix + AuthTools.GetDirectoryName(provider, directory);
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForSubject(subject);
List result = new List(entries.Length);
foreach(AclEntry entry in entries) {
if(entry.Value == Value.Grant && entry.Resource == resourceName) {
result.Add(entry.Action);
}
}
return result.ToArray();
}
///
/// Gets all the actions for a directory that are denied to a group.
///
/// The user group.
/// The provider.
/// The directory.
/// The denied actions.
public static string[] RetrieveDenialsForDirectory(UserGroup group, IFilesStorageProviderV30 provider, string directory) {
if(group == null) throw new ArgumentNullException("group");
return RetrieveDenialsForDirectory(AuthTools.PrepareGroup(group.Name), provider, directory);
}
///
/// Gets all the actions for a directory that are denied to a user.
///
/// The user.
/// The provider.
/// The directory.
/// The denied actions.
public static string[] RetrieveDenialsForDirectory(UserInfo user, IFilesStorageProviderV30 provider, string directory) {
if(user == null) throw new ArgumentNullException("user");
return RetrieveDenialsForDirectory(AuthTools.PrepareUsername(user.Username), provider, directory);
}
///
/// Gets all the actions for a directory that are denied to a subject.
///
/// The subject.
/// The provider.
/// The directory.
/// The denied actions.
private static string[] RetrieveDenialsForDirectory(string subject, IFilesStorageProviderV30 provider, string directory) {
if(provider == null) throw new ArgumentNullException("provider");
if(directory == null) throw new ArgumentNullException("directory");
if(directory.Length == 0) throw new ArgumentException("Directory cannot be empty", "directory");
string resourceName = Actions.ForDirectories.ResourceMasterPrefix + AuthTools.GetDirectoryName(provider, directory);
AclEntry[] entries = SettingsProvider.AclManager.RetrieveEntriesForSubject(subject);
List result = new List(entries.Length);
foreach(AclEntry entry in entries) {
if(entry.Value == Value.Deny && entry.Resource == resourceName) {
result.Add(entry.Action);
}
}
return result.ToArray();
}
}
}