mcs/class/System.Web/System.Web.Configuration/AuthorizationConfig.cs

   1 //
   2 // System.Web.Configuration.AuthorizationConfig
   3 //
   4 // Authors:
   5 //      Gonzalo Paniagua Javier (gonzalo@ximian.com)
   6 //
   7 // (C) 2003 Ximian, Inc (http://www.ximian.com)
   8 //
   9
  10 //
  11 // Permission is hereby granted, free of charge, to any person obtaining
  12 // a copy of this software and associated documentation files (the
  13 // "Software"), to deal in the Software without restriction, including
  14 // without limitation the rights to use, copy, modify, merge, publish,
  15 // distribute, sublicense, and/or sell copies of the Software, and to
  16 // permit persons to whom the Software is furnished to do so, subject to
  17 // the following conditions:
  18 //
  19 // The above copyright notice and this permission notice shall be
  20 // included in all copies or substantial portions of the Software.
  21 //
  22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  29 //
  30
  31 using System;
  32 using System.Collections;
  33 using System.Security.Principal;
  34 using System.Web.UI;
  35
  36 namespace System.Web.Configuration
  37 {
  38         class AuthorizationConfig
  39         {
  40                 AuthorizationConfig parent;
  41                 ArrayList list;
  42
  43                 internal AuthorizationConfig (object parent)
  44                 {
  45                         this.parent = parent as AuthorizationConfig;
  46                 }
  47
  48                 static string [] SplitAndTrim (string s)
  49                 {
  50                         if (s == null || s == "")
  51                                 return null;
  52
  53                         string [] all = s.Split (',');
  54                         for (int i = 0; i < all.Length; i++)
  55                                 all [i] = all [i].Trim ();
  56
  57                         return all;
  58                 }
  59
  60                 static bool CheckWildcards (string [] values)
  61                 {
  62                         if (values == null)
  63                                 return true;
  64
  65                         foreach (string s in values) {
  66                                 if (s == null || s.Length == 1)
  67                                         continue;
  68
  69                                 if (s.IndexOf ('?') != -1 || s.IndexOf ('*') != -1)
  70                                         return false;
  71                         }
  72
  73                         return true;
  74                 }
  75
  76                 bool Add (bool allow, string users, string roles, string verbs)
  77                 {
  78                         string [] allUsers = SplitAndTrim (users);
  79                         string [] allRoles = SplitAndTrim (roles);
  80                         string [] allVerbs = SplitAndTrim (verbs);
  81                         if (!CheckWildcards (allUsers) || !CheckWildcards (allRoles))
  82                                 return false;
  83
  84                         if (list == null)
  85                                 list = new ArrayList ();
  86
  87                         list.Add (new UserData (allow, allUsers, allRoles, allVerbs));
  88                         return true;
  89                 }
  90
  91                 internal bool Allow (string users, string roles, string verbs)
  92                 {
  93                         return Add (true, users, roles, verbs);
  94                 }
  95
  96                 internal bool Deny (string users, string roles, string verbs)
  97                 {
  98                         return Add (false, users, roles, verbs);
  99                 }
 100
 101                 internal bool IsValidUser (IPrincipal user, string verb)
 102                 {
 103                         if (user == null)
 104                                 return false;
 105
 106                         if (list == null) {
 107                                 if (parent != null)
 108                                         return parent.IsValidUser (user, verb);
 109
 110                                 return true;
 111                         }
 112
 113                         foreach (UserData data in list) {
 114                                 if (data.Verbs != null && !data.CheckVerb (verb))
 115                                         continue;
 116
 117                                 if ((data.Users !=null && data.CheckUser(user.Identity.Name)) ||
 118                                     (data.Roles != null && data.CheckRole(user)))
 119                                         return data.Allow;
 120                         }
 121
 122                         if (parent != null)
 123                                 return parent.IsValidUser (user, verb);
 124
 125                         return true;
 126                 }
 127
 128                 struct UserData
 129                 {
 130                         public bool Allow;
 131                         public string [] Users;
 132                         public string [] Roles;
 133                         public string [] Verbs;
 134
 135                         public UserData (bool allow, string [] users, string [] roles, string [] verbs)
 136                         {
 137                                 Allow = allow;
 138                                 Users = users;
 139                                 Roles = roles;
 140                                 Verbs = verbs;
 141                         }
 142
 143                         public bool CheckUser (string user)
 144                         {
 145                                 foreach (string u in Users) {
 146                                         if (String.Compare (u, user, true) == 0 ||
 147                                             u == "*" ||
 148                                             (u == "?" && user == ""))
 149                                                 return true;
 150                                 }
 151
 152                                 return false;
 153                         }
 154
 155                         public bool CheckRole (IPrincipal user)
 156                         {
 157                                 foreach (string r in Roles) {
 158                                         if (user.IsInRole (r))
 159                                                 return true;
 160                                 }
 161
 162                                 return false;
 163                         }
 164
 165                         public bool CheckVerb (string verb)
 166                         {
 167                                 foreach (string u in Verbs) {
 168                                         if (String.Compare (u, verb, true) == 0)
 169                                                 return true;
 170                                 }
 171
 172                                 return false;
 173                         }
 174
 175                 }
 176         }
 177 }
 178