1 | using System;
|
---|
2 | using System.Collections.Generic;
|
---|
3 | using System.Linq;
|
---|
4 | using System.Text;
|
---|
5 | using System.Xml.XPath;
|
---|
6 | using HeuristicLab.Security.Contracts.BusinessObjects;
|
---|
7 | using System.Diagnostics;
|
---|
8 | using System.Xml;
|
---|
9 | using System.IO;
|
---|
10 | using System.Reflection;
|
---|
11 |
|
---|
12 | namespace HeuristicLab.Hive.Server.Core {
|
---|
13 |
|
---|
14 | public static class HivePermissions {
|
---|
15 | private const string PERMISSIONFILE = @"plugins\HivePermissionSet.xml";
|
---|
16 | private const string POLICIESFILE = @"plugins\HivePermissionPolicy.xml";
|
---|
17 |
|
---|
18 | public static class Jobmanagement {
|
---|
19 | [Flags]
|
---|
20 | public enum Assign {
|
---|
21 | ToAnyResource = 0x02,
|
---|
22 | ToProject = 0x04
|
---|
23 | }
|
---|
24 | [Flags]
|
---|
25 | public enum Abort {
|
---|
26 | /// <summary>Can abort any job.</summary>
|
---|
27 | Any = 0x02,
|
---|
28 | /// <summary>Can abort jobs from specific project only.</summary>
|
---|
29 | ProjectOnly = 0x04,
|
---|
30 | /// <summary>Can abort only owned jobs.</summary>
|
---|
31 | OwnedOnly = 0x08
|
---|
32 | }
|
---|
33 | [Flags]
|
---|
34 | public enum Create {
|
---|
35 | /// <summary>Can create a job everywhere.</summary>
|
---|
36 | Any = 0x02,
|
---|
37 | /// <summary>Can create a job in project context only.</summary>
|
---|
38 | ProjectOnly = 0x04,
|
---|
39 | /// <summary>Can create a job for owned resources only.</summary>
|
---|
40 | OwnedOnly = 0x08
|
---|
41 | }
|
---|
42 | [Flags]
|
---|
43 | public enum Read {
|
---|
44 | /// <summary>Can read any job.</summary>
|
---|
45 | Any = 0x02,
|
---|
46 | /// <summary>Can read a job in project context only.</summary>
|
---|
47 | ProjectOnly = 0x04,
|
---|
48 | /// <summary>Can read only owned job.</summary>
|
---|
49 | OwnedOnly = 0x08
|
---|
50 | }
|
---|
51 | [Flags]
|
---|
52 | public enum Delete {
|
---|
53 | /// <summary>Can delete any job.</summary>
|
---|
54 | Any = 0x02,
|
---|
55 | /// <summary>Can delete a job in project context only.</summary>
|
---|
56 | ProjectOnly = 0x04,
|
---|
57 | /// <summary>Can delete only owned job.</summary>
|
---|
58 | OwnedOnly = 0x08
|
---|
59 | }
|
---|
60 | }
|
---|
61 |
|
---|
62 | public static class Usermanagement {
|
---|
63 | [Flags]
|
---|
64 | public enum User {
|
---|
65 | Create = 0x02,
|
---|
66 | Read = 0x04,
|
---|
67 | Update = 0x08,
|
---|
68 | Delete = 0x16
|
---|
69 | }
|
---|
70 |
|
---|
71 | [Flags]
|
---|
72 | public enum UserGroup {
|
---|
73 | Create = 0x02,
|
---|
74 | Read = 0x04,
|
---|
75 | Update = 0x08,
|
---|
76 | Delete = 0x16
|
---|
77 | }
|
---|
78 |
|
---|
79 | [Flags]
|
---|
80 | public enum Client {
|
---|
81 | Create = 0x02,
|
---|
82 | Read = 0x04,
|
---|
83 | Update = 0x08,
|
---|
84 | Delete = 0x16
|
---|
85 | }
|
---|
86 |
|
---|
87 | [Flags]
|
---|
88 | public enum ClientGroup {
|
---|
89 | Create = 0x02,
|
---|
90 | Read = 0x04,
|
---|
91 | Update = 0x08,
|
---|
92 | Delete = 0x16
|
---|
93 | }
|
---|
94 | }
|
---|
95 |
|
---|
96 | public static class PermissionManagement {
|
---|
97 | [Flags]
|
---|
98 | public enum Permission {
|
---|
99 | Grant = 0x02,
|
---|
100 | Revoke = 0x04
|
---|
101 | }
|
---|
102 | }
|
---|
103 |
|
---|
104 | public static class ResourceManagement {
|
---|
105 | [Flags]
|
---|
106 | public enum Project {
|
---|
107 | Create = 0x02,
|
---|
108 | Read = 0x04,
|
---|
109 | Update = 0x08,
|
---|
110 | Delete = 0x16
|
---|
111 | }
|
---|
112 | }
|
---|
113 |
|
---|
114 | private static PermissionCollection pc;
|
---|
115 |
|
---|
116 | private static PolicyCollection pol;
|
---|
117 |
|
---|
118 | public static PermissionCollection GetPermissions() {
|
---|
119 | if (pc == null) {
|
---|
120 | pc = new PermissionCollection();
|
---|
121 | LoadFromXml(pc.Permissions, PERMISSIONFILE);
|
---|
122 | }
|
---|
123 | return pc;
|
---|
124 | }
|
---|
125 |
|
---|
126 | public static PolicyCollection GetPolicies() {
|
---|
127 | if (pol == null) {
|
---|
128 | pol = new PolicyCollection();
|
---|
129 | LoadFromXml(pol.Policies, POLICIESFILE);
|
---|
130 | }
|
---|
131 | return pol;
|
---|
132 | }
|
---|
133 |
|
---|
134 | public static string ConvertEnumType(object obj) {
|
---|
135 | string retVal = string.Empty;
|
---|
136 | Type t = obj.GetType();
|
---|
137 | string value = obj.ToString();
|
---|
138 | retVal = (t.FullName.Replace(t.Namespace + ".", "")).Replace("+", ".") + "." + value;
|
---|
139 | return retVal;
|
---|
140 | }
|
---|
141 |
|
---|
142 | /// <summary>
|
---|
143 | /// Permission
|
---|
144 | /// </summary>
|
---|
145 | /// <param name="perm"></param>
|
---|
146 | private static void LoadFromXml(IList<Permission> perm, string filename) {
|
---|
147 | Permission p = null;
|
---|
148 | XPathDocument doc;
|
---|
149 | string assemblyName = Assembly.GetAssembly(typeof(HivePermissions)).GetName().Name;
|
---|
150 | doc = new XPathDocument(filename);
|
---|
151 | XPathNavigator nav = doc.CreateNavigator();
|
---|
152 | nav.MoveToRoot();
|
---|
153 | do {
|
---|
154 | if (nav.NodeType == XPathNodeType.Element && nav.Name == "Permission") {
|
---|
155 | p = new Permission();
|
---|
156 | p.Name = nav.GetAttribute("name", "");
|
---|
157 | nav.MoveToFollowing(XPathNodeType.Element);
|
---|
158 | if (nav.Name == "ID")
|
---|
159 | p.Id = new Guid(nav.Value);
|
---|
160 | nav.MoveToFollowing(XPathNodeType.Element);
|
---|
161 | if (nav.Name == "Description")
|
---|
162 | p.Description = nav.Value;
|
---|
163 | nav.MoveToFollowing(XPathNodeType.Element);
|
---|
164 | if (nav.Name == "Plugin")
|
---|
165 | p.Plugin = nav.Value;
|
---|
166 | perm.Add(p);
|
---|
167 | }
|
---|
168 | } while (nav.MoveToFollowing(XPathNodeType.Element));
|
---|
169 | }
|
---|
170 | /*
|
---|
171 | public static XmlDocument GetEmbeddedXml(Type type, string fileName) {
|
---|
172 | Stream str = GetEmbeddedFile(type, fileName);
|
---|
173 | XmlTextReader tr = new XmlTextReader(str);
|
---|
174 | XmlDocument xml = new XmlDocument();
|
---|
175 | xml.Load(tr);
|
---|
176 | return xml;
|
---|
177 | }
|
---|
178 | */
|
---|
179 |
|
---|
180 | /// <summary>
|
---|
181 | /// Extracts an embedded file out of a given assembly.
|
---|
182 | /// </summary>
|
---|
183 | /// <param name="assemblyName">The namespace of you assembly.</param>
|
---|
184 | /// <param name="fileName">The name of the file to extract.</param>
|
---|
185 | /// <returns>A stream containing the file data.</returns>
|
---|
186 | public static Stream GetEmbeddedFile(string assemblyName, string fileName) {
|
---|
187 | try {
|
---|
188 | Assembly a = Assembly.Load(assemblyName);
|
---|
189 | Stream str = a.GetManifestResourceStream(assemblyName + "." + fileName);
|
---|
190 |
|
---|
191 | if (str == null)
|
---|
192 | throw new Exception("Could not locate embedded resource '" + fileName + "' in assembly '" + assemblyName + "'");
|
---|
193 | return str;
|
---|
194 | }
|
---|
195 | catch (Exception e) {
|
---|
196 | throw new Exception(assemblyName + ": " + e.Message);
|
---|
197 | }
|
---|
198 | }
|
---|
199 |
|
---|
200 |
|
---|
201 | /// <summary>
|
---|
202 | /// Policy
|
---|
203 | /// </summary>
|
---|
204 | /// <param name="pol"></param>
|
---|
205 | /// <param name="filename"></param>
|
---|
206 | private static void LoadFromXml(IList<Policy> policyList, string filename) {
|
---|
207 | PermissionCollection permissionCollection = GetPermissions();
|
---|
208 | string assemblyName = Assembly.GetAssembly(typeof(HivePermissions)).GetName().Name;
|
---|
209 | XPathDocument doc = new XPathDocument(filename);
|
---|
210 | XPathNavigator nav = doc.CreateNavigator();
|
---|
211 | nav.MoveToRoot();
|
---|
212 | //receive all policies -> Element <Policy name="xxx">...</Policy>
|
---|
213 | do {
|
---|
214 | if (nav.NodeType == XPathNodeType.Element && nav.Name == "Policy") {
|
---|
215 | string policyName = nav.GetAttribute("name", "");
|
---|
216 | Policy policy = new Policy(policyName);
|
---|
217 | nav.MoveToFollowing(XPathNodeType.Element);
|
---|
218 | //receive all permissions -> Element <Permission.../>
|
---|
219 | do {
|
---|
220 | if (nav.Name == "Permission" && nav.HasAttributes) {
|
---|
221 | PermissionContext ctx = new PermissionContext();
|
---|
222 | int prior = 0;
|
---|
223 | int.TryParse(nav.GetAttribute("priority", ""), out prior);
|
---|
224 | ctx.Priority = prior;
|
---|
225 | ctx.Elevation = nav.GetAttribute("context", "");
|
---|
226 | string permissionName = nav.GetAttribute("name", "");
|
---|
227 | if (!string.IsNullOrEmpty(permissionName)) {
|
---|
228 | Permission permission = permissionCollection[permissionName];
|
---|
229 | Debug.WriteLineIf(permission == null, "Permission '" + permissionName + "' not found in PermissionCollection!");
|
---|
230 | if (permission != null)
|
---|
231 | policy.AddPermission(permission, ctx);
|
---|
232 | }
|
---|
233 | }
|
---|
234 | } while (nav.MoveToNext());
|
---|
235 | policyList.Add(policy);
|
---|
236 | }
|
---|
237 | } while (nav.MoveToFollowing(XPathNodeType.Element));
|
---|
238 | }
|
---|
239 | }
|
---|
240 |
|
---|
241 | }
|
---|