Free cookie consent management tool by TermsFeed Policy Generator

source: branches/HeuristicLab.Hive-3.4/sources/HeuristicLab.Services.Hive/3.4/Manager/AuthorizationManager.cs @ 6463

Last change on this file since 6463 was 6463, checked in by cneumuel, 13 years ago

#1233

  • created user interface for experiment sharing
  • created UserManager which provides access to the users
  • inserted a lot of security and authorization checks serverside
  • minor fixes in experiment manager
File size: 2.3 KB
Line 
1#region License Information
2/* HeuristicLab
3 * Copyright (C) 2002-2011 Heuristic and Evolutionary Algorithms Laboratory (HEAL)
4 *
5 * This file is part of HeuristicLab.
6 *
7 * HeuristicLab is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * HeuristicLab is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with HeuristicLab. If not, see <http://www.gnu.org/licenses/>.
19 */
20#endregion
21
22using System;
23using System.Security;
24using HeuristicLab.Services.Hive.Common.DataTransfer;
25
26namespace HeuristicLab.Services.Hive {
27  public class AuthorizationManager : IAuthorizationManager {
28    public void Authorize(Guid userId) {
29      if (userId != ServiceLocator.Instance.UserManager.CurrentUserId)
30        throw new SecurityException("Current user is not authorized to access object");
31    }
32
33    public void AuthorizeForJob(Guid jobId, Permission requiredPermission) {
34      if (ServiceLocator.Instance.AuthenticationManager.IsInRole(HiveRoles.Slave)) return; // slave-users can access all jobs
35
36      Permission permission = ServiceLocator.Instance.HiveDao.GetPermissionForJob(jobId, ServiceLocator.Instance.UserManager.CurrentUserId);
37      if (permission == Permission.NotAllowed || (permission != requiredPermission && requiredPermission == Permission.Full))
38        throw new SecurityException("Current user is not authorized to access job");
39    }
40
41    public void AuthorizeForExperiment(Guid experimentId, Permission requiredPermission) {
42      Permission permission = ServiceLocator.Instance.HiveDao.GetPermissionForExperiment(experimentId, ServiceLocator.Instance.UserManager.CurrentUserId);
43      if (permission == Permission.NotAllowed || (permission != requiredPermission && requiredPermission == Permission.Full))
44        throw new SecurityException("Current user is not authorized to access experiment");
45    }
46  }
47}
Note: See TracBrowser for help on using the repository browser.