mcs/class/System.Web/System.Web.Configuration/AuthorizationConfig.cs

   1 //
   2 // System.Web.Configuration.AuthorizationConfig
   3 //
   4 // Authors:
   5 //      Gonzalo Paniagua Javier (gonzalo@ximian.com)
   6 //
   7 // (C) 2003 Ximian, Inc (http://www.ximian.com)
   8 //
   9
  10 using System;
  11 using System.Collections;
  12 using System.Security.Principal;
  13 using System.Web.UI;
  14
  15 namespace System.Web.Configuration
  16 {
  17         class AuthorizationConfig
  18         {
  19                 AuthorizationConfig parent;
  20                 ArrayList list;
  21
  22                 internal AuthorizationConfig (object parent)
  23                 {
  24                         this.parent = parent as AuthorizationConfig;
  25                 }
  26
  27                 static string [] SplitAndTrim (string s)
  28                 {
  29                         if (s == null || s == "")
  30                                 return null;
  31
  32                         string [] all = s.Split (',');
  33                         for (int i = 0; i < all.Length; i++)
  34                                 all [i] = all [i].Trim ();
  35
  36                         return all;
  37                 }
  38
  39                 static bool CheckWildcards (string [] values)
  40                 {
  41                         if (values == null)
  42                                 return true;
  43
  44                         foreach (string s in values) {
  45                                 if (s == null || s.Length == 1)
  46                                         continue;
  47
  48                                 if (s.IndexOf ('?') != -1 || s.IndexOf ('*') != -1)
  49                                         return false;
  50                         }
  51
  52                         return true;
  53                 }
  54
  55                 bool Add (bool allow, string users, string roles, string verbs)
  56                 {
  57                         string [] allUsers = SplitAndTrim (users);
  58                         string [] allRoles = SplitAndTrim (roles);
  59                         string [] allVerbs = SplitAndTrim (verbs);
  60                         if (!CheckWildcards (allUsers) || !CheckWildcards (allRoles))
  61                                 return false;
  62
  63                         if (list == null)
  64                                 list = new ArrayList ();
  65
  66                         list.Add (new UserData (allow, allUsers, allRoles, allVerbs));
  67                         return true;
  68                 }
  69
  70                 internal bool Allow (string users, string roles, string verbs)
  71                 {
  72                         return Add (true, users, roles, verbs);
  73                 }
  74
  75                 internal bool Deny (string users, string roles, string verbs)
  76                 {
  77                         return Add (false, users, roles, verbs);
  78                 }
  79
  80                 internal bool IsValidUser (IPrincipal user, string verb)
  81                 {
  82                         if (user == null)
  83                                 return false;
  84
  85                         if (list == null) {
  86                                 if (parent != null)
  87                                         return parent.IsValidUser (user, verb);
  88
  89                                 return true;
  90                         }
  91
  92                         bool userMatch;
  93                         bool roleMatch;
  94                         bool verbMatch;
  95                         foreach (UserData data in list) {
  96                                 if (data.Users == null)
  97                                         continue;
  98
  99                                 userMatch = (data.Users == null);
 100                                 if (!userMatch)
 101                                         userMatch = data.CheckUser (user.Identity.Name);
 102
 103                                 roleMatch = (data.Roles == null);
 104                                 if (!roleMatch)
 105                                         roleMatch = data.CheckRole (user);
 106
 107                                 verbMatch = (data.Verbs == null);
 108                                 if (data.Verbs != null)
 109                                         verbMatch = data.CheckVerb (verb);
 110
 111                                 if (userMatch && roleMatch && verbMatch)
 112                                         return data.Allow;
 113                         }
 114
 115                         if (parent != null)
 116                                 return parent.IsValidUser (user, verb);
 117
 118                         return true;
 119                 }
 120
 121                 struct UserData
 122                 {
 123                         public bool Allow;
 124                         public string [] Users;
 125                         public string [] Roles;
 126                         public string [] Verbs;
 127
 128                         public UserData (bool allow, string [] users, string [] roles, string [] verbs)
 129                         {
 130                                 Allow = allow;
 131                                 Users = users;
 132                                 Roles = roles;
 133                                 Verbs = verbs;
 134                         }
 135
 136                         public bool CheckUser (string user)
 137                         {
 138                                 foreach (string u in Users) {
 139                                         if (String.Compare (u, user, true) == 0 ||
 140                                             u == "*" ||
 141                                             (u == "?" && user == ""))
 142                                                 return true;
 143                                 }
 144
 145                                 return false;
 146                         }
 147
 148                         public bool CheckRole (IPrincipal user)
 149                         {
 150                                 foreach (string r in Roles) {
 151                                         if (user.IsInRole (r))
 152                                                 return true;
 153                                 }
 154
 155                                 return false;
 156                         }
 157
 158                         public bool CheckVerb (string verb)
 159                         {
 160                                 foreach (string u in Verbs) {
 161                                         if (String.Compare (u, verb, true) == 0)
 162                                                 return true;
 163                                 }
 164
 165                                 return false;
 166                         }
 167
 168                 }
 169         }
 170 }
 171