Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Configuration / AuthorizationRule.cs / 1305376 / AuthorizationRule.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- namespace System.Web.Configuration { using System; using System.Xml; using System.Configuration; using System.Collections.Specialized; using System.Collections; using System.Globalization; using System.IO; using System.Text; using System.Security.Principal; using System.Web.Util; using System.ComponentModel; using System.Security.Permissions; public sealed class AuthorizationRule : ConfigurationElement { private static readonly TypeConverter s_PropConverter = new CommaDelimitedStringCollectionConverter(); private static ConfigurationPropertyCollection _properties; private static readonly ConfigurationProperty _propVerbs = new ConfigurationProperty("verbs", typeof(CommaDelimitedStringCollection), null, s_PropConverter, null, ConfigurationPropertyOptions.None); private static readonly ConfigurationProperty _propUsers = new ConfigurationProperty("users", typeof(CommaDelimitedStringCollection), null, s_PropConverter, null, ConfigurationPropertyOptions.None); private static readonly ConfigurationProperty _propRoles = new ConfigurationProperty("roles", typeof(CommaDelimitedStringCollection), null, s_PropConverter, null, ConfigurationPropertyOptions.None); private AuthorizationRuleAction _Action = AuthorizationRuleAction.Allow; internal string _ActionString = AuthorizationRuleAction.Allow.ToString(); private string _ElementName = "allow"; private CommaDelimitedStringCollection _Roles = null; private CommaDelimitedStringCollection _Verbs = null; private CommaDelimitedStringCollection _Users = null; private StringCollection _RolesExpanded; private StringCollection _UsersExpanded; private char[] _delimiters = { ',' }; private string machineName = null; private const String _strAnonUserTag = "?"; private const String _strAllUsersTag = "*"; private bool _AllUsersSpecified = false; private bool _AnonUserSpecified = false; private bool DataReady = false; private bool _Everyone = false; internal bool Everyone { get { return _Everyone; } } private bool _ActionModified = false; static AuthorizationRule() { // Property initialization _properties = new ConfigurationPropertyCollection(); // If updating, check out CloneMutableExposedObjects _properties.Add(_propVerbs); _properties.Add(_propUsers); _properties.Add(_propRoles); } internal AuthorizationRule() { } public AuthorizationRule(AuthorizationRuleAction action) : this() { Action = action; } protected override ConfigurationPropertyCollection Properties { get { return _properties; } } protected override void Unmerge(ConfigurationElement sourceElement, ConfigurationElement parentElement, ConfigurationSaveMode saveMode) { AuthorizationRule parentProviders = parentElement as AuthorizationRule; AuthorizationRule sourceProviders = sourceElement as AuthorizationRule; if (parentProviders != null) { parentProviders.UpdateUsersRolesVerbs(); } if (sourceProviders != null) { sourceProviders.UpdateUsersRolesVerbs(); } base.Unmerge(sourceElement, parentElement, saveMode); } protected override void Reset(ConfigurationElement parentElement) { AuthorizationRule parentProviders = parentElement as AuthorizationRule; if (parentProviders != null) { parentProviders.UpdateUsersRolesVerbs(); } base.Reset(parentElement); EvaluateData(); } internal void AddRole(string role) { if (!String.IsNullOrEmpty(role)) { role = role.ToLower(CultureInfo.InvariantCulture); } Roles.Add(role); RolesExpanded.Add(ExpandName(role)); } internal void AddUser(string user) { if (!String.IsNullOrEmpty(user)) { user = user.ToLower(CultureInfo.InvariantCulture); } Users.Add(user); UsersExpanded.Add(ExpandName(user)); } private void UpdateUsersRolesVerbs() { CommaDelimitedStringCollection roles; CommaDelimitedStringCollection users; CommaDelimitedStringCollection verbs; roles = (CommaDelimitedStringCollection)Roles; users = (CommaDelimitedStringCollection)Users; verbs = (CommaDelimitedStringCollection)Verbs; if (roles.IsModified) { _RolesExpanded = null; // throw away old collection and force a new one to be created base[_propRoles] = roles; // Update property bag } if (users.IsModified) { _UsersExpanded = null; // throw away old collection and force a new one to be created base[_propUsers] = users; // Update property bag } if (verbs.IsModified) { base[_propVerbs] = verbs; // Update property bag } } protected override bool IsModified() { UpdateUsersRolesVerbs(); return _ActionModified || base.IsModified() || (((CommaDelimitedStringCollection)Users).IsModified) || (((CommaDelimitedStringCollection)Roles).IsModified) || (((CommaDelimitedStringCollection)Verbs).IsModified); } protected override void ResetModified() { _ActionModified = false; base.ResetModified(); } public override bool Equals(object obj) { AuthorizationRule o = obj as AuthorizationRule; bool bRet = false; if (o != null) { UpdateUsersRolesVerbs(); bRet = (o.Verbs.ToString() == Verbs.ToString() && o.Roles.ToString() == Roles.ToString() && o.Users.ToString() == Users.ToString() && o.Action == Action); } return bRet; } public override int GetHashCode() { string __verbs = Verbs.ToString(); string __roles = Roles.ToString(); string __users = Users.ToString(); if (__verbs == null) { __verbs = String.Empty; } if (__roles == null) { __roles = String.Empty; } if (__users == null) { __users = String.Empty; } int hHashCode = HashCodeCombiner.CombineHashCodes(__verbs.GetHashCode(), __roles.GetHashCode(), __users.GetHashCode(), (int)Action); return hHashCode; } protected override void SetReadOnly() { ((CommaDelimitedStringCollection)Users).SetReadOnly(); ((CommaDelimitedStringCollection)Roles).SetReadOnly(); ((CommaDelimitedStringCollection)Verbs).SetReadOnly(); base.SetReadOnly(); } ////// // // No Configuration properties are set on this property because its supposed to be hidden to tools. // public AuthorizationRuleAction Action { get { return _Action; } set { _ElementName = value.ToString().ToLower(CultureInfo.InvariantCulture); _Action = value; _ActionString = _Action.ToString(); _ActionModified = true; } } ///Defines the action that needs to be taken if the rule is satisfied. /// ////// [ConfigurationProperty("verbs")] [TypeConverter(typeof(CommaDelimitedStringCollectionConverter))] public StringCollection Verbs { get { if (_Verbs == null) { CommaDelimitedStringCollection propertyBagValue; propertyBagValue = (CommaDelimitedStringCollection)base[_propVerbs]; if (propertyBagValue == null) { _Verbs = new CommaDelimitedStringCollection(); } else { // Clone it so we don't give back same mutable // object as possibly parent _Verbs = propertyBagValue.Clone(); } } return (StringCollection)_Verbs; } } ///Defines a list of verbs needed to satisfy the rule /// ////// [ConfigurationProperty("users")] [TypeConverter(typeof(CommaDelimitedStringCollectionConverter))] public StringCollection Users { get { if (_Users == null) { CommaDelimitedStringCollection propertyBagValue; propertyBagValue = (CommaDelimitedStringCollection)base[_propUsers]; if (propertyBagValue == null) { _Users = new CommaDelimitedStringCollection(); } else { // Clone it so we don't give back same mutable // object as possibly parent _Users = propertyBagValue.Clone(); } _UsersExpanded = null; // throw away old collection and force a new one to be created } return (StringCollection)_Users; } } [ConfigurationProperty("roles")] [TypeConverter(typeof(CommaDelimitedStringCollectionConverter))] public StringCollection Roles { get { if (_Roles == null) { CommaDelimitedStringCollection propertyBagValue; propertyBagValue = (CommaDelimitedStringCollection)base[_propRoles]; if (propertyBagValue == null) { _Roles = new CommaDelimitedStringCollection(); } else { // Clone it so we don't give back same mutable // object as possibly parent _Roles = propertyBagValue.Clone(); } _RolesExpanded = null; // throw away old collection and force a new one to be created } return (StringCollection)_Roles; } } internal StringCollection UsersExpanded { get { if (_UsersExpanded == null) { _UsersExpanded = CreateExpandedCollection(Users); } return _UsersExpanded; } } internal StringCollection RolesExpanded { get { if (_RolesExpanded == null) { _RolesExpanded = CreateExpandedCollection(Roles); } return _RolesExpanded; } } protected override bool SerializeElement(XmlWriter writer, bool serializeCollectionKey) { bool DataToWrite = false; UpdateUsersRolesVerbs(); // the ismodifed can be short circuited if (base.SerializeElement(null, false) == true) { if (writer != null) { writer.WriteStartElement(_ElementName); DataToWrite |= base.SerializeElement(writer, false); writer.WriteEndElement(); } else DataToWrite |= base.SerializeElement(writer, false); } return DataToWrite; } private string ExpandName(string name) { string ExpandedName = name; if (StringUtil.StringStartsWith(name, @".\")) { if (machineName == null) { machineName = HttpServerUtility.GetMachineNameInternal().ToLower(CultureInfo.InvariantCulture); } ExpandedName = machineName + name.Substring(1); } return ExpandedName; } private StringCollection CreateExpandedCollection(StringCollection collection) { StringCollection ExpandedCollection = new StringCollection(); foreach (string name in collection) { string ExpandedName = ExpandName(name); ExpandedCollection.Add(ExpandedName); } return ExpandedCollection; } private void EvaluateData() { if (DataReady == false) { if (Users.Count > 0) { foreach (string User in Users) { if (User.Length > 1) { int foundIndex = User.IndexOfAny(new char[] { '*', '?' }); if (foundIndex >= 0) { throw new ConfigurationErrorsException(SR.GetString(SR.Auth_rule_names_cant_contain_char, User[foundIndex].ToString(CultureInfo.InvariantCulture))); } } if (User.Equals(_strAllUsersTag)) { _AllUsersSpecified = true; } if (User.Equals(_strAnonUserTag)) { _AnonUserSpecified = true; } } } if (Roles.Count > 0) { foreach (string Role in Roles) { if (Role.Length > 0) { int foundIndex = Role.IndexOfAny(new char[] { '*', '?' }); if (foundIndex >= 0) { throw new ConfigurationErrorsException(SR.GetString(SR.Auth_rule_names_cant_contain_char, Role[foundIndex].ToString(CultureInfo.InvariantCulture))); } } } } _Everyone = (_AllUsersSpecified && (Verbs.Count == 0)); _RolesExpanded = CreateExpandedCollection(Roles); _UsersExpanded = CreateExpandedCollection(Users); if (Roles.Count == 0 && Users.Count == 0) { throw new ConfigurationErrorsException(SR.GetString(SR.Auth_rule_must_specify_users_andor_roles)); } DataReady = true; } } internal bool IncludesAnonymous { get { EvaluateData(); return (_AnonUserSpecified && Verbs.Count == 0); } } protected override void PreSerialize(XmlWriter writer) { EvaluateData(); } protected override void PostDeserialize() { EvaluateData(); } ///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// // 0 => Don't know, 1 => Yes, -1 => No internal int IsUserAllowed(IPrincipal user, String verb) { EvaluateData(); int answer = ((Action == AuthorizationRuleAction.Allow) ? 1 : -1); // return value if this rule applies if (Everyone) { return answer; } /////////////////////////////////////////////////// // Step 1: Make sure the verbs match if (!FindVerb(verb)) { return 0; } ////////////////////////////////////////////////// // Step 2a: See if the rule applies to all users if (_AllUsersSpecified) { // All users specified return answer; } ////////////////////////////////////////////////// // Step 2b: See if the rule applies to anonymous user and this user is anonymous if (_AnonUserSpecified && !user.Identity.IsAuthenticated) { return answer; } ////////////////////////////////////////////////// // Step 3: Is user is WindowsIdentity, use the expanded // set of users and roles StringCollection users; StringCollection roles; if (user.Identity is WindowsIdentity) { users = UsersExpanded; roles = RolesExpanded; } else { users = Users; roles = Roles; } //////////////////////////////////////////////////// // Step 4: See if the user is specified if (users.Count > 0 && FindUser(users, user.Identity.Name)) { return answer; } //////////////////////////////////////////////////// // Step 5: See if the user is in any specified role if (roles.Count > 0 && IsTheUserInAnyRole(roles, user)) { return answer; } // Rule doesn't apply return 0; } ///////////////////////////////////////////////////////////////////////// private bool FindVerb(String verb) { if (Verbs.Count < 1) { return true; // No verbs specified => all verbs are allowed } foreach (string sVerb in Verbs) { if (String.Equals(sVerb, verb, StringComparison.OrdinalIgnoreCase)) { return true; } } return false; } private bool FindUser(StringCollection users, String principal) { foreach (string user in users) { if (String.Equals(user, principal, StringComparison.OrdinalIgnoreCase)) { return true; } } return false; } private bool IsTheUserInAnyRole(StringCollection roles, IPrincipal principal) { if (!HttpRuntime.DisableProcessRequestInApplicationTrust) { if (HttpRuntime.NamedPermissionSet != null && HttpRuntime.ProcessRequestInApplicationTrust) { HttpRuntime.NamedPermissionSet.PermitOnly(); } } foreach (string role in roles) { if (principal.IsInRole(role)) { return true; // Found it! } } // Not in any specified role return false; } } // class AuthorizationRule } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.Defines a list of users authorized for this rule. /// ///
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- XamlDesignerSerializationManager.cs
- XmlSchemaCompilationSettings.cs
- SQLBytesStorage.cs
- Attachment.cs
- WmpBitmapDecoder.cs
- Wildcard.cs
- ArrayConverter.cs
- ModelProperty.cs
- CfgRule.cs
- GuidConverter.cs
- ConnectionStringSettings.cs
- SynchronizationFilter.cs
- ServiceContractViewControl.cs
- CollectionView.cs
- StickyNoteAnnotations.cs
- BamlLocalizerErrorNotifyEventArgs.cs
- TemplatingOptionsDialog.cs
- ColorKeyFrameCollection.cs
- EntityClientCacheEntry.cs
- VectorAnimation.cs
- MarginCollapsingState.cs
- SignatureDescription.cs
- FunctionImportMapping.cs
- ConditionCollection.cs
- SignedXml.cs
- BitmapSource.cs
- ellipse.cs
- GPRECTF.cs
- followingsibling.cs
- ParallelTimeline.cs
- SafeRightsManagementSessionHandle.cs
- Helpers.cs
- linebase.cs
- UnauthorizedWebPart.cs
- HandlerBase.cs
- WindowsContainer.cs
- RecordsAffectedEventArgs.cs
- AllMembershipCondition.cs
- HyperlinkAutomationPeer.cs
- SqlCachedBuffer.cs
- ObjectItemCollection.cs
- SecurityException.cs
- MailMessage.cs
- HttpConfigurationSystem.cs
- MiniParameterInfo.cs
- GeneralTransform3DGroup.cs
- BufferedWebEventProvider.cs
- PrintPreviewDialog.cs
- AttributeCollection.cs
- RenderData.cs
- DocumentViewerHelper.cs
- EncoderFallback.cs
- XamlParser.cs
- ToolStripSeparator.cs
- ToolStripComboBox.cs
- WebBrowserPermission.cs
- XmlDocumentType.cs
- TranslateTransform.cs
- LinqDataSourceEditData.cs
- JsonMessageEncoderFactory.cs
- MemberInfoSerializationHolder.cs
- SamlSecurityToken.cs
- XmlBaseWriter.cs
- ArraySet.cs
- ExpandCollapsePattern.cs
- ScriptReference.cs
- ProgressBarBrushConverter.cs
- ArrayItemValue.cs
- EnlistmentState.cs
- InputScope.cs
- Application.cs
- DelegatingConfigHost.cs
- WebReferencesBuildProvider.cs
- TCPClient.cs
- CompiledRegexRunnerFactory.cs
- BamlTreeUpdater.cs
- Symbol.cs
- DataGridViewRowErrorTextNeededEventArgs.cs
- FirstMatchCodeGroup.cs
- CachedTypeface.cs
- TimeSpanValidatorAttribute.cs
- TabItemWrapperAutomationPeer.cs
- sqlpipe.cs
- SupportsEventValidationAttribute.cs
- Automation.cs
- DependencyPropertyChangedEventArgs.cs
- unsafenativemethodstextservices.cs
- SqlWorkflowPersistenceService.cs
- UInt32.cs
- DbConnectionOptions.cs
- HtmlWindowCollection.cs
- WebRequest.cs
- SourceLocationProvider.cs
- LocatorBase.cs
- SessionStateUtil.cs
- StructuredProperty.cs
- WebPermission.cs
- PropertiesTab.cs
- ScriptRegistrationManager.cs
- PageParserFilter.cs