Added Role-based access control
jo-trep committed Jan 15, 2019
1 parent 29fe988 commit c6219a7
Showing 5 changed files with 249 additions and 23 deletions.
114 changes: 101 additions & 13 deletions casbinet/Rbac/DefaultRoleManager.cs
@@ -1,6 +1,8 @@
namespace casbinet.rbac
namespace casbinet.Rbac
{
using System;
using System.Collections.Generic;
using System.Runtime.CompilerServices;

public class DefaultRoleManager : IRoleManager
{
@@ -10,13 +12,37 @@ public class DefaultRoleManager : IRoleManager

private string secondRole;

private string[] domain;
private string domain;

private Dictionary<string, >
private Dictionary<string, Role> allRoles;

private int maxHierarchyLevel;

public DefaultRoleManager(int maxHierarchyLevel)
{
this.maxHierarchyLevel = maxHierarchyLevel;
}

private bool HasRole(string roleName)
{
return this.allRoles.ContainsKey(roleName);
}

private Role CreateRole(string name)
{
if (this.HasRole(name))
{
this.allRoles.TryGetValue(name, out Role role);

if (role != null)
{
return role;
}
}

Role newRole = new Role(name);
this.allRoles.Add(name, newRole);
return newRole;
}

public string User
@@ -49,7 +75,7 @@ public string SecondRole
}
}

public string[] Domain
public string Domain
{
get => this.domain;

@@ -61,27 +87,89 @@ public string[] Domain

public void Clear()
{
throw new System.NotImplementedException();
this.allRoles.Clear();
}

public void AddLink(string roleOrUser, string role, params object[] domain)
public void AddLink(string roleName1, string roleName2, string domain)
{
throw new System.NotImplementedException();
roleName1 = domain + "::" + roleName1;
roleName2 = domain + "::" + roleName2;

Role role1 = this.CreateRole(roleName1);
Role role2 = this.CreateRole(roleName2);
role1.AddRole(role2);
}

public bool HasLink(string roleOrUser, string role, params object[] domain)
public void DeleteLink(string roleName1, string roleName2, string domain)
{
throw new System.NotImplementedException();
roleName1 = domain + "::" + roleName1;
roleName2 = domain + "::" + roleName2;

if (!this.HasRole(roleName1) || !this.HasRole(roleName2))
{
throw new Exception("error : roles or user does not exist");
}

Role role1 = this.CreateRole(roleName1);
Role role2 = this.CreateRole(roleName2);
role1.DeleteRole(role2);
}

public List<string> GetRoles(string roleOrUser, params object[] domain)
public virtual bool HasLink(string roleName1, string roleName2, string domain)
{
throw new System.NotImplementedException();
roleName1 = domain + "::" + roleName1;
roleName2 = domain + "::" + roleName2;

if (roleName1 == roleName2)
{
return true;
}

if (!this.HasRole(roleName1) || !this.HasRole(roleName2))
{
return false;
}

Role role1 = this.CreateRole(roleName1);
return role1.HasRole(roleName2, this.maxHierarchyLevel);
}

public List<string> GetUsers(string role)
public List<string> GetRoles(string roleName, string domain = "")
{
throw new System.NotImplementedException();
roleName = domain + "::" + roleName;

if (!this.HasRole(roleName))
{
throw new Exception("Error: name does not exists");
}

List<string> roles = this.CreateRole(roleName).GetRoles();
roles.ForEach(
delegate(string role)
{
role = role.Substring(domain.Length + 2, role.Length);
});

return roles;
}

public List<string> GetUsers(string roleName)
{
if (!this.HasRole(roleName))
{
throw new Exception("Error: name does not exist");
}

List<string> names = new List<string>();
foreach (Role role in this.allRoles.Values)
{
if (role.HasDirectRole(roleName))
{
names.Add(role.Name);
}
}

return names;
}

public void PrintRoles()
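Review bot: The key built as `domain + "::" + roleName` in AddLink, DeleteLink, HasLink and GetRoles is ambiguous because neither part is checked for the separator: domain `a` with role `b::c` and domain `a::b` with role `c` both become `a::b::c`, so a link added in one domain can answer HasLink in another. As this string decides authorization, reject domains and names that contain `::` before joining them, or key `allRoles` on the (domain, name) pair. `allRoles` is also declared without an initializer and the visible constructor sets only maxHierarchyLevel, so unless it is assigned in the collapsed part of the class the first HasRole call throws; `private Dictionary<string, Role> allRoles = new Dictionary<string, Role>();` would cover it. GetUsers checks `roleName` without the prefix the other methods add, so it appears to throw for every stored role unless callers pass the joined key. In GetRoles the ForEach delegate assigns to its own parameter, so the list is returned unchanged, and `Substring(domain.Length + 2, role.Length)` asks for more characters than remain after the start index.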
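--- a/casbinet/Rbac/GroupRoleManager.cs
+++ b/casbinet/Rbac/GroupRoleManager.cs
@@ -0,0 +1,40 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace casbinet.Rbac
+{
+public class GroupRoleManager : DefaultRoleManager
+{
+public GroupRoleManager(int maxHierarchyLevel) : base(maxHierarchyLevel)
+{
+}
+
+public override bool HasLink(string roleName1, string roleName2, string domain)
+{
+if (base.HasLink(roleName1, roleName2, domain))
+{
+return true;
+}
+
+try
+{
+List<string> roles = base.GetRoles(roleName1);
+List<string> groups = roles.Count > 0 ? base.GetRoles(roleName1) : new List<string>();
+foreach (string group in groups)
+{
+if (this.HasLink(group, roleName2, domain))
+{
+return true;
+}
+}
+}
+catch (Exception e)
+{
+return false;
+}
+
+return false;
+}
+}
+}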
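Review bot: `base.GetRoles(roleName1)` inside the try block omits `domain`, so it falls back to the default `""` and looks up `::roleName1` instead of the domain-scoped key that `base.HasLink` has just used; for any non-empty domain that lookup throws, and the blanket `catch (Exception e)` turns it into `return false`. The result fails closed, but the error is hidden and the group path can never grant a link; pass the domain once, `List<string> groups = base.GetRoles(roleName1, domain);`, and catch only the not-found case. The recursive `this.HasLink(group, roleName2, domain)` also carries no depth counter, so once the lookup works a cyclic role graph would recurse without the maxHierarchyLevel bound that Role.HasRole applies.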
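--- a/casbinet/Rbac/IDomainsRoleManager.cs
+++ b/casbinet/Rbac/IDomainsRoleManager.cs
@@ -0,0 +1,8 @@
+namespace casbinet.Rbac
+{
+
+public interface IDomainsRoleManager : IRoleManager
+{
+void AddLink(string roleOrUser, string role, params object[] domain);
+}
+}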
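Review bot: This AddLink overload brings back the `params object[] domain` signature that the same commit removes from IRoleManager, and nothing visible in the commit implements it. Because the domain is part of the key that authorization is decided on, an untyped variable-length argument leaves it unclear how several values, or none, map to a domain. A typed form such as `void AddLink(string roleOrUser, string role, params string[] domains);` with a doc comment stating that mapping would be easier to implement safely.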
14 changes: 8 additions & 6 deletions casbinet/Rbac/IRoleManager.cs
@@ -1,4 +1,4 @@
namespace casbinet.rbac
namespace casbinet.Rbac
{
using System.Collections.Generic;

@@ -10,17 +10,19 @@ public interface IRoleManager

string SecondRole { get; set; }

string[] Domain { get; set; }
string Domain { get; set; }

void Clear();

void AddLink(string roleOrUser, string role, params object[] domain);
void AddLink(string role1, string role2, string domain);

bool HasLink(string roleOrUser, string role, params object[] domain);
void DeleteLink(string role1, string role2, string domain);

List<string> GetRoles(string roleOrUser, params object[] domain);
bool HasLink(string role1, string role2, string domain);

List<string> GetUsers(string role);
List<string> GetRoles(string roleName, string domain);

List<string> GetUsers(string roleName);

void PrintRoles();
}
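Review bot: GetUsers is the only member left without a `domain` parameter, while AddLink, DeleteLink, HasLink and GetRoles are all domain-scoped, so an implementation has no way to tell which domain's users are being asked for; consider `List<string> GetUsers(string roleName, string domain);`. The renamed parameters `role1`/`role2` no longer say which side inherits from which, and in DefaultRoleManager the first is the one that receives the second. A doc comment such as `/// <summary>Makes role1 (a user or role) inherit role2 within domain.</summary>` on AddLink, with matching ones on DeleteLink and HasLink, would pin that down. The interface body starts and ends outside the visible hunk.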
96 changes: 92 additions & 4 deletions casbinet/Rbac/Role.cs
@@ -1,24 +1,112 @@
namespace casbinet.rbac
namespace casbinet.Rbac
{
using System.Collections.Generic;
using System.Linq;
using System.Text;

public class Role
{
private string name;

private List<Role> roles = new List<Role>();
private Dictionary<string, Role> roles = new Dictionary<string, Role>();

public Role(string name)
{
this.name = name;
}

public string Name
{
get => this.name;

set
{
this.name = value;
}
}

public void AddRole(Role role)
{
foreach (Role role in roles)
if (this.roles.ContainsKey(role.name))
{
return;
}

this.roles.Add(role.name, role);
}

public void DeleteRole(Role role)
{
if (this.roles.ContainsKey(role.name))
{
this.roles.Remove(role.name);
}
}

public bool HasRole(string roleName, int hierarchyLevel)
{
if (this.name == roleName)
{
return true;
}

if (hierarchyLevel <= 0)
{
return false;
}

foreach (Role role in this.roles.Values.ToArray())
{
if (role.HasRole(roleName, hierarchyLevel - 1))
{
return true;
}
}

return false;
}

public bool HasDirectRole(string roleName)
{
foreach (Role role in this.roles.Values.ToArray())
{

if (role.name == roleName)
{
return true;
}
}

return false;
}

public List<string> GetRoles()
{
List<string> names = new List<string>();
foreach (Role role in this.roles.Values.ToArray())
{
names.Add(role.name);
}

return names;
}

public override string ToString()
{
Role[] allRoles = this.roles.Values.ToArray();
StringBuilder names = new StringBuilder(allRoles[0].name);
for (int i = 0; i < allRoles.Length; i++)
{
if (i == 0)
{
names.Append(allRoles[i].name);
}
else
{
names.Append(", " + allRoles[i].name);
}
}

return this.name + " < " + names;
}
}
}
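Review bot: ToString seeds the StringBuilder with `allRoles[0].name`, which throws IndexOutOfRangeException for a role that has no links, and because the loop then appends index 0 again the first name is printed twice. Starting from an empty builder, `StringBuilder names = new StringBuilder();`, fixes both, or the loop can be replaced by `string.Join(", ", this.roles.Values.Select(r => r.name))`. In HasRole the only protection against a cycle created through AddRole is the hierarchyLevel countdown; there is no visited set, so a densely linked graph is walked again on every branch up to that depth.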
