* Disabled TCP Remoting Channel Security for InterRegion communication, as it appears we are not implementing this correctly. (need to set up certificates first)

* Documented ACL class
author: Adam Frisby 2007-10-21 22:15:41 +0000
committer: Adam Frisby 2007-10-21 22:15:41 +0000
commit: 7f2ec02802cabc98e93ac872999933b6e5be48e5 (patch)
tree: 9a3fd985e02939a090fdf4ffaa9e7b1af25a8173 /OpenSim/Framework
parent: fix line ending mixing. Probably should put some (diff)
download: opensim-SC_OLD-7f2ec02802cabc98e93ac872999933b6e5be48e5.zip
opensim-SC_OLD-7f2ec02802cabc98e93ac872999933b6e5be48e5.tar.gz
opensim-SC_OLD-7f2ec02802cabc98e93ac872999933b6e5be48e5.tar.bz2
opensim-SC_OLD-7f2ec02802cabc98e93ac872999933b6e5be48e5.tar.xz
1 files changed, 257 insertions, 223 deletions
diff --git a/OpenSim/Framework/General/PolicyManager/ACL.cs b/OpenSim/Framework/General/PolicyManager/ACL.cs
index 53c1b2d..8dffe7b 100644
--- a/OpenSim/Framework/General/PolicyManager/ACL.cs
+++ b/OpenSim/Framework/General/PolicyManager/ACL.cs
@@ -1,223 +1,257 @@
-using System;
+/*
-using System.Collections.Generic;
+* Copyright (c) Contributors, http://opensimulator.org/
-using System.Text;
+* See CONTRIBUTORS.TXT for a full list of copyright holders.
+*
-namespace OpenSim.Framework.PolicyManager
+* Redistribution and use in source and binary forms, with or without
-{
+* modification, are permitted provided that the following conditions are met:
-    #region ACL Core Class
+*     * Redistributions of source code must retain the above copyright
-    /// <summary>
+*       notice, this list of conditions and the following disclaimer.
-    /// Access Control List Engine
+*     * Redistributions in binary form must reproduce the above copyright
-    /// </summary>
+*       notice, this list of conditions and the following disclaimer in the
-    public class ACL
+*       documentation and/or other materials provided with the distribution.
-    {
+*     * Neither the name of the OpenSim Project nor the
-        Dictionary<string, Role> Roles = new Dictionary<string, Role>();
+*       names of its contributors may be used to endorse or promote products
-        Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();
+*       derived from this software without specific prior written permission.
+*
-        public ACL AddRole(Role role)
+* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY
-        {
+* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-            if (Roles.ContainsKey(role.Name))
+* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-                throw new AlreadyContainsRoleException(role);
+* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-            Roles.Add(role.Name, role);
+* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-            return this;
+* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-        }
+* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-        public ACL AddResource(Resource resource)
+* 
-        {
+*/
-            Resources.Add(resource.Name, resource);
+using System;
+using System.Collections.Generic;
-            return this;
+using System.Text;
-        }
+namespace OpenSim.Framework.PolicyManager
-        public Permission HasPermission(string role, string resource)
+{
-        {
+    // ACL Class
-            if (!Roles.ContainsKey(role))
+    // Modelled after the structure of the Zend ACL Framework Library
-                throw new KeyNotFoundException();
+    // with one key difference - the tree will search for all matching
+    // permissions rather than just the first. Deny permissions will
-            if (!Resources.ContainsKey(resource))
+    // override all others.
-                throw new KeyNotFoundException();
-            return Roles[role].RequestPermission(resource);
+    #region ACL Core Class
-        }
+    /// <summary>
+    /// Access Control List Engine
-        public ACL GrantPermission(string role, string resource)
+    /// </summary>
-        {
+    public class ACL
-            if (!Roles.ContainsKey(role))
+    {
-                throw new KeyNotFoundException();
+        Dictionary<string, Role> Roles = new Dictionary<string, Role>();
+        Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();
-            if (!Resources.ContainsKey(resource))
-                throw new KeyNotFoundException();
+        public ACL AddRole(Role role)
+        {
-            Roles[role].GivePermission(resource, Permission.Allow);
+            if (Roles.ContainsKey(role.Name))
+                throw new AlreadyContainsRoleException(role);
-            return this;
-        }
+            Roles.Add(role.Name, role);
-        public ACL DenyPermission(string role, string resource)
+            return this;
-        {
+        }
-            if (!Roles.ContainsKey(role))
-                throw new KeyNotFoundException();
+        public ACL AddResource(Resource resource)
+        {
-            if (!Resources.ContainsKey(resource))
+            Resources.Add(resource.Name, resource);
-                throw new KeyNotFoundException();
+            return this;
-            Roles[role].GivePermission(resource, Permission.Deny);
+        }
-            return this;
+        public Permission HasPermission(string role, string resource)
-        }
+        {
+            if (!Roles.ContainsKey(role))
-        public ACL ResetPermission(string role, string resource)
+                throw new KeyNotFoundException();
-        {
-            if (!Roles.ContainsKey(role))
+            if (!Resources.ContainsKey(resource))
-                throw new KeyNotFoundException();
+                throw new KeyNotFoundException();
-            if (!Resources.ContainsKey(resource))
+            return Roles[role].RequestPermission(resource);
-                throw new KeyNotFoundException();
+        }
-            Roles[role].GivePermission(resource, Permission.None);
+        public ACL GrantPermission(string role, string resource)
+        {
-            return this;
+            if (!Roles.ContainsKey(role))
-        }
+                throw new KeyNotFoundException();
-    }
-    #endregion
+            if (!Resources.ContainsKey(resource))
+                throw new KeyNotFoundException();
-    #region Exceptions
-    /// <summary>
+            Roles[role].GivePermission(resource, Permission.Allow);
-    /// Thrown when an ACL attempts to add a duplicate role.
-    /// </summary>
+            return this;
-    public class AlreadyContainsRoleException : Exception
+        }
-    {
-        protected Role m_role;
+        public ACL DenyPermission(string role, string resource)
+        {
-        public Role ErrorRole
+            if (!Roles.ContainsKey(role))
-        {
+                throw new KeyNotFoundException();
-            get { return m_role; }
-        }
+            if (!Resources.ContainsKey(resource))
+                throw new KeyNotFoundException();
-        public AlreadyContainsRoleException(Role role)
-        {
+            Roles[role].GivePermission(resource, Permission.Deny);
-            m_role = role;
-        }
+            return this;
+        }
-        public override string ToString()
-        {
+        public ACL ResetPermission(string role, string resource)
-            return "This ACL already contains a role called '" + m_role.Name + "'.";
+        {
-        }
+            if (!Roles.ContainsKey(role))
-    }
+                throw new KeyNotFoundException();
-    #endregion
+            if (!Resources.ContainsKey(resource))
-    #region Roles and Resources
+                throw new KeyNotFoundException();
-    /// <summary>
+            Roles[role].GivePermission(resource, Permission.None);
-    /// Does this Role have permission to access a specified Resource?
-    /// </summary>
+            return this;
-    public enum Permission { Deny, None, Allow };
+        }
+    }
-    /// <summary>
+    #endregion
-    /// A role class, for use with Users or Groups
-    /// </summary>
+    #region Exceptions
-    public class Role
+    /// <summary>
-    {
+    /// Thrown when an ACL attempts to add a duplicate role.
-        private string m_name;
+    /// </summary>
-        private Role[] m_parents;
+    public class AlreadyContainsRoleException : Exception
-        private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();
+    {
+        protected Role m_role;
-        public string Name
-        {
+        public Role ErrorRole
-            get { return m_name; }
+        {
-        }
+            get { return m_role; }
+        }
-        public Permission RequestPermission(string resource)
-        {
+        public AlreadyContainsRoleException(Role role)
-            return RequestPermission(resource, Permission.None);
+        {
-        }
+            m_role = role;
+        }
-        public Permission RequestPermission(string resource, Permission current)
-        {
+        public override string ToString()
-            // Deny permissions always override any others
+        {
-            if (current == Permission.Deny)
+            return "This ACL already contains a role called '" + m_role.Name + "'.";
-                return current;
+        }
+    }
-            Permission temp = Permission.None;
+    #endregion
-            // Pickup non-None permissions
+    #region Roles and Resources
-            if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)
-                temp = m_resources[resource];
+    /// <summary>
+    /// Does this Role have permission to access a specified Resource?
-            if (m_parents != null)
+    /// </summary>
-            {
+    public enum Permission { Deny, None, Allow };
-                foreach (Role parent in m_parents)
-                {
+    /// <summary>
-                    temp = parent.RequestPermission(resource, temp);
+    /// A role class, for use with Users or Groups
-                }
+    /// </summary>
-            }
+    public class Role
+    {
-            return temp;
+        private string m_name;
-        }
+        private Role[] m_parents;
+        private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();
-        public void GivePermission(string resource, Permission perm)
-        {
+        public string Name
-            m_resources[resource] = perm;
+        {
-        }
+            get { return m_name; }
+        }
-        public Role(string name)
-        {
+        public Permission RequestPermission(string resource)
-            m_name = name;
+        {
-            m_parents = null;
+            return RequestPermission(resource, Permission.None);
-        }
+        }
-        public Role(string name, Role[] parents)
+        public Permission RequestPermission(string resource, Permission current)
-        {
+        {
-            m_name = name;
+            // Deny permissions always override any others
-            m_parents = parents;
+            if (current == Permission.Deny)
-        }
+                return current;
-    }
+            Permission temp = Permission.None;
-    public class Resource
-    {
+            // Pickup non-None permissions
-        private string m_name;
+            if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)
+                temp = m_resources[resource];
-        public string Name
-        {
+            if (m_parents != null)
-            get { return m_name; }
+            {
-        }
+                foreach (Role parent in m_parents)
+                {
-        public Resource(string name)
+                    temp = parent.RequestPermission(resource, temp);
-        {
+                }
-            m_name = name;
+            }
-        }
-    }
+            return temp;
+        }
-    #endregion
+        public void GivePermission(string resource, Permission perm)
-    #region Tests
+        {
+            m_resources[resource] = perm;
-    class ACLTester
+        }
-    {
-        public ACLTester()
+        public Role(string name)
-        {
+        {
-            ACL acl = new ACL();
+            m_name = name;
+            m_parents = null;
-            Role Guests = new Role("Guests");
+        }
-            acl.AddRole(Guests);
+        public Role(string name, Role[] parents)
-            Role[] parents = new Role[0];
+        {
-            parents[0] = Guests;
+            m_name = name;
+            m_parents = parents;
-            Role JoeGuest = new Role("JoeGuest", parents);
+        }
-            acl.AddRole(JoeGuest);
+    }
-            Resource CanBuild = new Resource("CanBuild");
+    public class Resource
-            acl.AddResource(CanBuild);
+    {
+        private string m_name;
-            acl.GrantPermission("Guests", "CanBuild");
+        public string Name
+        {
-            acl.HasPermission("JoeGuest", "CanBuild");
+            get { return m_name; }
+        }
-        }
-    }
+        public Resource(string name)
+        {
-    #endregion
+            m_name = name;
-}
+        }
+    }
+    #endregion
+    #region Tests
+    class ACLTester
+    {
+        public ACLTester()
+        {
+            ACL acl = new ACL();
+            Role Guests = new Role("Guests");
+            acl.AddRole(Guests);
+            Role[] parents = new Role[0];
+            parents[0] = Guests;
+            Role JoeGuest = new Role("JoeGuest", parents);
+            acl.AddRole(JoeGuest);
+            Resource CanBuild = new Resource("CanBuild");
+            acl.AddResource(CanBuild);
+            acl.GrantPermission("Guests", "CanBuild");
+            acl.HasPermission("JoeGuest", "CanBuild");
+        }
+    }
+    #endregion
+}
author	Adam Frisby	2007-10-21 22:15:41 +0000
committer	Adam Frisby	2007-10-21 22:15:41 +0000
commit	7f2ec02802cabc98e93ac872999933b6e5be48e5 (patch)
tree	9a3fd985e02939a090fdf4ffaa9e7b1af25a8173 /OpenSim/Framework
parent	fix line ending mixing. Probably should put some (diff)
download	opensim-SC_OLD-7f2ec02802cabc98e93ac872999933b6e5be48e5.zip opensim-SC_OLD-7f2ec02802cabc98e93ac872999933b6e5be48e5.tar.gz opensim-SC_OLD-7f2ec02802cabc98e93ac872999933b6e5be48e5.tar.bz2 opensim-SC_OLD-7f2ec02802cabc98e93ac872999933b6e5be48e5.tar.xz

diff --git a/OpenSim/Framework/General/PolicyManager/ACL.cs b/OpenSim/Framework/General/PolicyManager/ACL.cs index 53c1b2d..8dffe7b 100644 --- a/OpenSim/Framework/General/PolicyManager/ACL.cs +++ b/OpenSim/Framework/General/PolicyManager/ACL.cs
@@ -1,223 +1,257 @@
1	using System;	1	/*
2	using System.Collections.Generic;	2	* Copyright (c) Contributors, http://opensimulator.org/
3	using System.Text;	3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
4		4	*
5	namespace OpenSim.Framework.PolicyManager	5	* Redistribution and use in source and binary forms, with or without
6	{	6	* modification, are permitted provided that the following conditions are met:
7	#region ACL Core Class	7	* * Redistributions of source code must retain the above copyright
8	/// <summary>	8	* notice, this list of conditions and the following disclaimer.
9	/// Access Control List Engine	9	* * Redistributions in binary form must reproduce the above copyright
10	/// </summary>	10	* notice, this list of conditions and the following disclaimer in the
11	public class ACL	11	* documentation and/or other materials provided with the distribution.
12	{	12	* * Neither the name of the OpenSim Project nor the
13	Dictionary<string, Role> Roles = new Dictionary<string, Role>();	13	* names of its contributors may be used to endorse or promote products
14	Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();	14	* derived from this software without specific prior written permission.
15		15	*
16	public ACL AddRole(Role role)	16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY
17	{	17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18	if (Roles.ContainsKey(role.Name))	18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19	throw new AlreadyContainsRoleException(role);	19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20		20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21	Roles.Add(role.Name, role);	21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22		22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23	return this;	23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24	}	24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25		25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26	public ACL AddResource(Resource resource)	26	*
27	{	27	*/
28	Resources.Add(resource.Name, resource);	28	using System;
29		29	using System.Collections.Generic;
30	return this;	30	using System.Text;
31	}	31
32		32	namespace OpenSim.Framework.PolicyManager
33	public Permission HasPermission(string role, string resource)	33	{
34	{	34	// ACL Class
35	if (!Roles.ContainsKey(role))	35	// Modelled after the structure of the Zend ACL Framework Library
36	throw new KeyNotFoundException();	36	// with one key difference - the tree will search for all matching
37		37	// permissions rather than just the first. Deny permissions will
38	if (!Resources.ContainsKey(resource))	38	// override all others.
39	throw new KeyNotFoundException();	39
40		40
41	return Roles[role].RequestPermission(resource);	41	#region ACL Core Class
42	}	42	/// <summary>
43		43	/// Access Control List Engine
44	public ACL GrantPermission(string role, string resource)	44	/// </summary>
45	{	45	public class ACL
46	if (!Roles.ContainsKey(role))	46	{
47	throw new KeyNotFoundException();	47	Dictionary<string, Role> Roles = new Dictionary<string, Role>();
48		48	Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();
49	if (!Resources.ContainsKey(resource))	49
50	throw new KeyNotFoundException();	50	public ACL AddRole(Role role)
51		51	{
52	Roles[role].GivePermission(resource, Permission.Allow);	52	if (Roles.ContainsKey(role.Name))
53		53	throw new AlreadyContainsRoleException(role);
54	return this;	54
55	}	55	Roles.Add(role.Name, role);
56		56
57	public ACL DenyPermission(string role, string resource)	57	return this;
58	{	58	}
59	if (!Roles.ContainsKey(role))	59
60	throw new KeyNotFoundException();	60	public ACL AddResource(Resource resource)
61		61	{
62	if (!Resources.ContainsKey(resource))	62	Resources.Add(resource.Name, resource);
63	throw new KeyNotFoundException();	63
64		64	return this;
65	Roles[role].GivePermission(resource, Permission.Deny);	65	}
66		66
67	return this;	67	public Permission HasPermission(string role, string resource)
68	}	68	{
69		69	if (!Roles.ContainsKey(role))
70	public ACL ResetPermission(string role, string resource)	70	throw new KeyNotFoundException();
71	{	71
72	if (!Roles.ContainsKey(role))	72	if (!Resources.ContainsKey(resource))
73	throw new KeyNotFoundException();	73	throw new KeyNotFoundException();
74		74
75	if (!Resources.ContainsKey(resource))	75	return Roles[role].RequestPermission(resource);
76	throw new KeyNotFoundException();	76	}
77		77
78	Roles[role].GivePermission(resource, Permission.None);	78	public ACL GrantPermission(string role, string resource)
79		79	{
80	return this;	80	if (!Roles.ContainsKey(role))
81	}	81	throw new KeyNotFoundException();
82	}	82
83	#endregion	83	if (!Resources.ContainsKey(resource))
84		84	throw new KeyNotFoundException();
85	#region Exceptions	85
86	/// <summary>	86	Roles[role].GivePermission(resource, Permission.Allow);
87	/// Thrown when an ACL attempts to add a duplicate role.	87
88	/// </summary>	88	return this;
89	public class AlreadyContainsRoleException : Exception	89	}
90	{	90
91	protected Role m_role;	91	public ACL DenyPermission(string role, string resource)
92		92	{
93	public Role ErrorRole	93	if (!Roles.ContainsKey(role))
94	{	94	throw new KeyNotFoundException();
95	get { return m_role; }	95
96	}	96	if (!Resources.ContainsKey(resource))
97		97	throw new KeyNotFoundException();
98	public AlreadyContainsRoleException(Role role)	98
99	{	99	Roles[role].GivePermission(resource, Permission.Deny);
100	m_role = role;	100
101	}	101	return this;
102		102	}
103	public override string ToString()	103
104	{	104	public ACL ResetPermission(string role, string resource)
105	return "This ACL already contains a role called '" + m_role.Name + "'.";	105	{
106	}	106	if (!Roles.ContainsKey(role))
107	}	107	throw new KeyNotFoundException();
108	#endregion	108
109		109	if (!Resources.ContainsKey(resource))
110	#region Roles and Resources	110	throw new KeyNotFoundException();
111		111
112	/// <summary>	112	Roles[role].GivePermission(resource, Permission.None);
113	/// Does this Role have permission to access a specified Resource?	113
114	/// </summary>	114	return this;
115	public enum Permission { Deny, None, Allow };	115	}
116		116	}
117	/// <summary>	117	#endregion
118	/// A role class, for use with Users or Groups	118
119	/// </summary>	119	#region Exceptions
120	public class Role	120	/// <summary>
121	{	121	/// Thrown when an ACL attempts to add a duplicate role.
122	private string m_name;	122	/// </summary>
123	private Role[] m_parents;	123	public class AlreadyContainsRoleException : Exception
124	private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();	124	{
125		125	protected Role m_role;
126	public string Name	126
127	{	127	public Role ErrorRole
128	get { return m_name; }	128	{
129	}	129	get { return m_role; }
130		130	}
131	public Permission RequestPermission(string resource)	131
132	{	132	public AlreadyContainsRoleException(Role role)
133	return RequestPermission(resource, Permission.None);	133	{
134	}	134	m_role = role;
135		135	}
136	public Permission RequestPermission(string resource, Permission current)	136
137	{	137	public override string ToString()
138	// Deny permissions always override any others	138	{
139	if (current == Permission.Deny)	139	return "This ACL already contains a role called '" + m_role.Name + "'.";
140	return current;	140	}
141		141	}
142	Permission temp = Permission.None;	142	#endregion
143		143
144	// Pickup non-None permissions	144	#region Roles and Resources
145	if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)	145
146	temp = m_resources[resource];	146	/// <summary>
147		147	/// Does this Role have permission to access a specified Resource?
148	if (m_parents != null)	148	/// </summary>
149	{	149	public enum Permission { Deny, None, Allow };
150	foreach (Role parent in m_parents)	150
151	{	151	/// <summary>
152	temp = parent.RequestPermission(resource, temp);	152	/// A role class, for use with Users or Groups
153	}	153	/// </summary>
154	}	154	public class Role
155		155	{
156	return temp;	156	private string m_name;
157	}	157	private Role[] m_parents;
158		158	private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();
159	public void GivePermission(string resource, Permission perm)	159
160	{	160	public string Name
161	m_resources[resource] = perm;	161	{
162	}	162	get { return m_name; }
163		163	}
164	public Role(string name)	164
165	{	165	public Permission RequestPermission(string resource)
166	m_name = name;	166	{
167	m_parents = null;	167	return RequestPermission(resource, Permission.None);
168	}	168	}
169		169
170	public Role(string name, Role[] parents)	170	public Permission RequestPermission(string resource, Permission current)
171	{	171	{
172	m_name = name;	172	// Deny permissions always override any others
173	m_parents = parents;	173	if (current == Permission.Deny)
174	}	174	return current;
175	}	175
176		176	Permission temp = Permission.None;
177	public class Resource	177
178	{	178	// Pickup non-None permissions
179	private string m_name;	179	if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)
180		180	temp = m_resources[resource];
181	public string Name	181
182	{	182	if (m_parents != null)
183	get { return m_name; }	183	{
184	}	184	foreach (Role parent in m_parents)
185		185	{
186	public Resource(string name)	186	temp = parent.RequestPermission(resource, temp);
187	{	187	}
188	m_name = name;	188	}
189	}	189
190	}	190	return temp;
191		191	}
192	#endregion	192
193		193	public void GivePermission(string resource, Permission perm)
194	#region Tests	194	{
195		195	m_resources[resource] = perm;
196	class ACLTester	196	}
197	{	197
198	public ACLTester()	198	public Role(string name)
199	{	199	{
200	ACL acl = new ACL();	200	m_name = name;
201		201	m_parents = null;
202	Role Guests = new Role("Guests");	202	}
203	acl.AddRole(Guests);	203
204		204	public Role(string name, Role[] parents)
205	Role[] parents = new Role[0];	205	{
206	parents[0] = Guests;	206	m_name = name;
207		207	m_parents = parents;
208	Role JoeGuest = new Role("JoeGuest", parents);	208	}
209	acl.AddRole(JoeGuest);	209	}
210		210
211	Resource CanBuild = new Resource("CanBuild");	211	public class Resource
212	acl.AddResource(CanBuild);	212	{
213		213	private string m_name;
214		214
215	acl.GrantPermission("Guests", "CanBuild");	215	public string Name
216		216	{
217	acl.HasPermission("JoeGuest", "CanBuild");	217	get { return m_name; }
218		218	}
219	}	219
220	}	220	public Resource(string name)
221		221	{
222	#endregion	222	m_name = name;
223	}	223	}
		224	}
		225
		226	#endregion
		227
		228	#region Tests
		229
		230	class ACLTester
		231	{
		232	public ACLTester()
		233	{
		234	ACL acl = new ACL();
		235
		236	Role Guests = new Role("Guests");
		237	acl.AddRole(Guests);
		238
		239	Role[] parents = new Role[0];
		240	parents[0] = Guests;
		241
		242	Role JoeGuest = new Role("JoeGuest", parents);
		243	acl.AddRole(JoeGuest);
		244
		245	Resource CanBuild = new Resource("CanBuild");
		246	acl.AddResource(CanBuild);
		247
		248
		249	acl.GrantPermission("Guests", "CanBuild");
		250
		251	acl.HasPermission("JoeGuest", "CanBuild");
		252
		253	}
		254	}
		255
		256	#endregion
		257	}