Changeset 2100 for trunk/sources/HeuristicLab.Hive.Server.Core

Timestamp:

06/25/09 13:56:49 (15 years ago)

Author:

mbecirov

Message:

#586: Fixed authorization when no policy scope is defined.

Location:

trunk/sources/HeuristicLab.Hive.Server.Core/3.2/Authorization

Files:

• HivePermissionManager.cs (modified) (2 diffs)
• Policy.cs (modified) (1 diff)
• PolicyCollection.cs (modified) (2 diffs)

trunk/sources/HeuristicLab.Hive.Server.Core/3.2/Authorization/HivePermissionManager.cs

@@ -41 +41 @@
     /// <param name="entityID">Entity ID can be some resource or emtpy.</param>
     public void Authorize(string policyName, Guid sessionID, Guid entityID) {
+      #region Use authorization method with scopes
       //check if this policy has a permission with 'ANY' scope defined
       Permission p = policyCollection[policyName].GetPermissionByContext("Any");
-      
       //check if user has 'xxx.Any' permission
       if (p != null)
@@ -59 +59 @@
       //check if this policy has a permission with 'OWNER' scope defined
       p = policyCollection[policyName].GetPermissionByContext("User");
+      
       //check if user has 'xxx.Owner' permission
       if (p != null)
         if (CheckPermission(sessionID, p.Id, jobManager.GetJobById(entityID).Obj.UserId)) return;
-
+      #endregion
+      #region Use authorization method when no scopes are present
+      //when no permission context is available, use primary authentification
+      foreach (KeyValuePair<Permission, PermissionContext> item in policyCollection[policyName].Permissions)
+      {
+          if (CheckPermission(sessionID, item.Key.Id, Guid.Empty)) return;
+      }
+      #endregion
       //throw an exception when user access fails
-      //throw new PermissionException(policyName);
+      throw new PermissionException(policyName);
     }
 

trunk/sources/HeuristicLab.Hive.Server.Core/3.2/Authorization/Policy.cs

@@ -28 +28 @@
       return null;
     }
+
   }
 }

trunk/sources/HeuristicLab.Hive.Server.Core/3.2/Authorization/PolicyCollection.cs

@@ -3 +3 @@
 using System.Linq;
 using System.Text;
+using System.Collections;
 
 namespace HeuristicLab.Hive.Server.Core {
@@ -24 +25 @@
     }
 
-    System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() {
-      return this._policies.GetEnumerator();
+    #region IEnumerable Members
+
+    IEnumerator IEnumerable.GetEnumerator()
+    {
+        return this._policies.GetEnumerator();
     }
+
+    #endregion
   }
 }