aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Framework
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--OpenSim/Framework/ACL.cs252
-rw-r--r--OpenSim/Framework/Tests/ACLTest.cs125
2 files changed, 0 insertions, 377 deletions
diff --git a/OpenSim/Framework/ACL.cs b/OpenSim/Framework/ACL.cs
deleted file mode 100644
index f76e8b7..0000000
--- a/OpenSim/Framework/ACL.cs
+++ /dev/null
@@ -1,252 +0,0 @@
1/*
2 * Copyright (c) Contributors, http://opensimulator.org/
3 * See CONTRIBUTORS.TXT for a full list of copyright holders.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the OpenSimulator Project nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28using System;
29using System.Collections.Generic;
30
31namespace OpenSim.Framework
32{
33 // ACL Class
34 // Modelled after the structure of the Zend ACL Framework Library
35 // with one key difference - the tree will search for all matching
36 // permissions rather than just the first. Deny permissions will
37 // override all others.
38
39 #region ACL Core Class
40
41 /// <summary>
42 /// Access Control List Engine
43 /// </summary>
44 public class ACL
45 {
46 private Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();
47 private Dictionary<string, Role> Roles = new Dictionary<string, Role>();
48
49 /// <summary>
50 /// Adds a new role
51 /// </summary>
52 /// <param name="role"></param>
53 /// <returns></returns>
54 public ACL AddRole(Role role)
55 {
56 if (Roles.ContainsKey(role.Name))
57 throw new AlreadyContainsRoleException(role);
58
59 Roles.Add(role.Name, role);
60
61 return this;
62 }
63
64 /// <summary>
65 /// Adds a new resource
66 /// </summary>
67 /// <param name="resource"></param>
68 /// <returns></returns>
69 public ACL AddResource(Resource resource)
70 {
71 Resources.Add(resource.Name, resource);
72
73 return this;
74 }
75
76 /// <summary>
77 /// Permision for user/roll on a resource
78 /// </summary>
79 /// <param name="role"></param>
80 /// <param name="resource"></param>
81 /// <returns></returns>
82 public Permission HasPermission(string role, string resource)
83 {
84 if (!Roles.ContainsKey(role))
85 throw new KeyNotFoundException();
86
87 if (!Resources.ContainsKey(resource))
88 throw new KeyNotFoundException();
89
90 return Roles[role].RequestPermission(resource);
91 }
92
93 public ACL GrantPermission(string role, string resource)
94 {
95 if (!Roles.ContainsKey(role))
96 throw new KeyNotFoundException();
97
98 if (!Resources.ContainsKey(resource))
99 throw new KeyNotFoundException();
100
101 Roles[role].GivePermission(resource, Permission.Allow);
102
103 return this;
104 }
105
106 public ACL DenyPermission(string role, string resource)
107 {
108 if (!Roles.ContainsKey(role))
109 throw new KeyNotFoundException();
110
111 if (!Resources.ContainsKey(resource))
112 throw new KeyNotFoundException();
113
114 Roles[role].GivePermission(resource, Permission.Deny);
115
116 return this;
117 }
118
119 public ACL ResetPermission(string role, string resource)
120 {
121 if (!Roles.ContainsKey(role))
122 throw new KeyNotFoundException();
123
124 if (!Resources.ContainsKey(resource))
125 throw new KeyNotFoundException();
126
127 Roles[role].GivePermission(resource, Permission.None);
128
129 return this;
130 }
131 }
132
133 #endregion
134
135 #region Exceptions
136
137 /// <summary>
138 /// Thrown when an ACL attempts to add a duplicate role.
139 /// </summary>
140 public class AlreadyContainsRoleException : Exception
141 {
142 protected Role m_role;
143
144 public AlreadyContainsRoleException(Role role)
145 {
146 m_role = role;
147 }
148
149 public Role ErrorRole
150 {
151 get { return m_role; }
152 }
153
154 public override string ToString()
155 {
156 return "This ACL already contains a role called '" + m_role.Name + "'.";
157 }
158 }
159
160 #endregion
161
162 #region Roles and Resources
163
164 /// <summary>
165 /// Does this Role have permission to access a specified Resource?
166 /// </summary>
167 public enum Permission
168 {
169 Deny,
170 None,
171 Allow
172 } ;
173
174 /// <summary>
175 /// A role class, for use with Users or Groups
176 /// </summary>
177 public class Role
178 {
179 private string m_name;
180 private Role[] m_parents;
181 private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();
182
183 public Role(string name)
184 {
185 m_name = name;
186 m_parents = null;
187 }
188
189 public Role(string name, Role[] parents)
190 {
191 m_name = name;
192 m_parents = parents;
193 }
194
195 public string Name
196 {
197 get { return m_name; }
198 }
199
200 public Permission RequestPermission(string resource)
201 {
202 return RequestPermission(resource, Permission.None);
203 }
204
205 public Permission RequestPermission(string resource, Permission current)
206 {
207 // Deny permissions always override any others
208 if (current == Permission.Deny)
209 return current;
210
211 Permission temp = Permission.None;
212
213 // Pickup non-None permissions
214 if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)
215 temp = m_resources[resource];
216
217 if (m_parents != null)
218 {
219 foreach (Role parent in m_parents)
220 {
221 temp = parent.RequestPermission(resource, temp);
222 }
223 }
224
225 return temp;
226 }
227
228 public void GivePermission(string resource, Permission perm)
229 {
230 m_resources[resource] = perm;
231 }
232 }
233
234 public class Resource
235 {
236 private string m_name;
237
238 public Resource(string name)
239 {
240 m_name = name;
241 }
242
243 public string Name
244 {
245 get { return m_name; }
246 }
247 }
248
249 #endregion
250
251
252} \ No newline at end of file
diff --git a/OpenSim/Framework/Tests/ACLTest.cs b/OpenSim/Framework/Tests/ACLTest.cs
deleted file mode 100644
index 06e860e..0000000
--- a/OpenSim/Framework/Tests/ACLTest.cs
+++ /dev/null
@@ -1,125 +0,0 @@
1/*
2 * Copyright (c) Contributors, http://opensimulator.org/
3 * See CONTRIBUTORS.TXT for a full list of copyright holders.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the OpenSimulator Project nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28using System;
29using NUnit.Framework;
30using System.Collections.Generic;
31
32
33namespace OpenSim.Framework.Tests
34{
35 [TestFixture]
36 public class ACLTest
37 {
38 #region Tests
39
40 /// <summary>
41 /// ACL Test class
42 /// </summary>
43 [Test]
44 public void ACLTest01()
45 {
46 ACL acl = new ACL();
47
48 Role Guests = new Role("Guests");
49 acl.AddRole(Guests);
50
51 Role[] parents = new Role[1];
52 parents[0] = Guests;
53
54 Role JoeGuest = new Role("JoeGuest", parents);
55 acl.AddRole(JoeGuest);
56
57 Resource CanBuild = new Resource("CanBuild");
58 acl.AddResource(CanBuild);
59
60
61 acl.GrantPermission("Guests", "CanBuild");
62
63 Permission perm = acl.HasPermission("JoeGuest", "CanBuild");
64 Assert.That(perm == Permission.Allow, "JoeGuest should have permission to build");
65 perm = Permission.None;
66 try
67 {
68 perm = acl.HasPermission("unknownGuest", "CanBuild");
69
70 }
71 catch (KeyNotFoundException)
72 {
73
74
75 }
76 catch (Exception)
77 {
78 Assert.That(false,"Exception thrown should have been KeyNotFoundException");
79 }
80 Assert.That(perm == Permission.None,"Permission None should be set because exception should have been thrown");
81
82 }
83
84 [Test]
85 public void KnownButPermissionDenyAndPermissionNoneUserTest()
86 {
87 ACL acl = new ACL();
88
89 Role Guests = new Role("Guests");
90 acl.AddRole(Guests);
91 Role Administrators = new Role("Administrators");
92 acl.AddRole(Administrators);
93 Role[] Guestparents = new Role[1];
94 Role[] Adminparents = new Role[1];
95
96 Guestparents[0] = Guests;
97 Adminparents[0] = Administrators;
98
99 Role JoeGuest = new Role("JoeGuest", Guestparents);
100 acl.AddRole(JoeGuest);
101
102 Resource CanBuild = new Resource("CanBuild");
103 acl.AddResource(CanBuild);
104
105 Resource CanScript = new Resource("CanScript");
106 acl.AddResource(CanScript);
107
108 Resource CanRestart = new Resource("CanRestart");
109 acl.AddResource(CanRestart);
110
111 acl.GrantPermission("Guests", "CanBuild");
112 acl.DenyPermission("Guests", "CanRestart");
113
114 acl.GrantPermission("Administrators", "CanScript");
115
116 acl.GrantPermission("Administrators", "CanRestart");
117 Permission setPermission = acl.HasPermission("JoeGuest", "CanRestart");
118 Assert.That(setPermission == Permission.Deny, "Guests Should not be able to restart");
119 Assert.That(acl.HasPermission("JoeGuest", "CanScript") == Permission.None,
120 "No Explicit Permissions set so should be Permission.None");
121 }
122
123 #endregion
124 }
125}