From 5ccd42502ae62527cf05e49aa13ac53925c31d17 Mon Sep 17 00:00:00 2001 From: "Atsuta, Ivan" Date: Tue, 29 Oct 2024 15:20:01 +0100 Subject: [PATCH 1/5] temp --- .../DomainSecurityServiceBase.cs | 10 +- .../CurrentUserSecurityProviderInjector.cs | 24 +++ .../DependencyBaseSecurityProviderInjector.cs | 30 ++++ .../DependencySecurityProviderInjector.cs | 21 +++ .../RoleBaseSecurityProviderInjector.cs | 12 ++ ...typedDependencySecurityProviderInjector.cs | 21 +++ .../Services/DomainSecurityProviderFactory.cs | 166 +++++++++++------- .../IDomainSecurityProviderFactory.cs | 7 +- .../Services/ISecurityProviderFactory.cs | 7 + .../Services/ISecurityProviderInjector.cs | 15 ++ 10 files changed, 236 insertions(+), 77 deletions(-) create mode 100644 src/Framework.SecuritySystem/Services/DefaultInjectors/CurrentUserSecurityProviderInjector.cs create mode 100644 src/Framework.SecuritySystem/Services/DefaultInjectors/DependencyBaseSecurityProviderInjector.cs create mode 100644 src/Framework.SecuritySystem/Services/DefaultInjectors/DependencySecurityProviderInjector.cs create mode 100644 src/Framework.SecuritySystem/Services/DefaultInjectors/RoleBaseSecurityProviderInjector.cs create mode 100644 src/Framework.SecuritySystem/Services/DefaultInjectors/UntypedDependencySecurityProviderInjector.cs create mode 100644 src/Framework.SecuritySystem/Services/ISecurityProviderFactory.cs create mode 100644 src/Framework.SecuritySystem/Services/ISecurityProviderInjector.cs diff --git a/src/Framework.SecuritySystem/DomainServices/DomainSecurityServiceBase.cs b/src/Framework.SecuritySystem/DomainServices/DomainSecurityServiceBase.cs index 9482481ef..21d6d71d3 100644 --- a/src/Framework.SecuritySystem/DomainServices/DomainSecurityServiceBase.cs +++ b/src/Framework.SecuritySystem/DomainServices/DomainSecurityServiceBase.cs @@ -7,11 +7,11 @@ public abstract class DomainSecurityServiceBase : IDomainSecurity private readonly IDictionaryCache> providersCache; protected DomainSecurityServiceBase() => - this.providersCache = new DictionaryCache>(securityRule => - { - return this.CreateSecurityProvider(securityRule) - .OverrideAccessDeniedResult(accessDeniedResult => accessDeniedResult with { SecurityRule = securityRule }); - }).WithLock(); + this.providersCache = new DictionaryCache>( + securityRule => + this.CreateSecurityProvider(securityRule) + .OverrideAccessDeniedResult(accessDeniedResult => accessDeniedResult with { SecurityRule = securityRule })) + .WithLock(); protected abstract ISecurityProvider CreateSecurityProvider(SecurityRule securityRule); diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/CurrentUserSecurityProviderInjector.cs b/src/Framework.SecuritySystem/Services/DefaultInjectors/CurrentUserSecurityProviderInjector.cs new file mode 100644 index 000000000..592e56aad --- /dev/null +++ b/src/Framework.SecuritySystem/Services/DefaultInjectors/CurrentUserSecurityProviderInjector.cs @@ -0,0 +1,24 @@ +using Framework.Core; +using Framework.SecuritySystem.UserSource; + +using Microsoft.Extensions.DependencyInjection; + +namespace Framework.SecuritySystem.Services.DefaultInjectors; + +public class CurrentUserSecurityProviderInjector( + IServiceProvider serviceProvider) + : ISecurityProviderInjector +{ + public ISecurityProvider Create(DomainSecurityRule.CurrentUserSecurityRule securityRule, SecurityPath securityPath) + { + var args = new object?[] + { + securityRule.RelativePathKey == null + ? null + : new CurrentUserSecurityProviderRelativeKey(securityRule.RelativePathKey) + }.Where(arg => arg != null) + .ToArray(arg => arg!); + + return ActivatorUtilities.CreateInstance>(serviceProvider, args); + } +} diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencyBaseSecurityProviderInjector.cs b/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencyBaseSecurityProviderInjector.cs new file mode 100644 index 000000000..b1a6c309c --- /dev/null +++ b/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencyBaseSecurityProviderInjector.cs @@ -0,0 +1,30 @@ +using Framework.SecuritySystem.Expanders; + +namespace Framework.SecuritySystem.Services.DefaultInjectors; + +public abstract class + DependencyBaseSecurityProviderInjector( + ISecurityModeExpander securityRuleExpander, + IDomainSecurityService baseDomainSecurityService) + : ISecurityProviderInjector +{ + public ISecurityProvider Create(SecurityRule securityRule, SecurityPath securityPath) + { + return this.CreateDependencySecurityProvider(baseDomainSecurityService.GetSecurityProvider(this.GetActualSecurityRule(securityRule))); + } + + public SecurityRule GetActualSecurityRule(SecurityRule securityRule) + { + if (securityRule is SecurityRule.ModeSecurityRule modeSecurityRule + && securityRuleExpander.TryExpand(modeSecurityRule.ToDomain()) is { } customSecurityRule) + { + return customSecurityRule; + } + else + { + return securityRule; + } + } + + protected abstract ISecurityProvider CreateDependencySecurityProvider(ISecurityProvider baseProvider); +} diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencySecurityProviderInjector.cs b/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencySecurityProviderInjector.cs new file mode 100644 index 000000000..60d0ab05f --- /dev/null +++ b/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencySecurityProviderInjector.cs @@ -0,0 +1,21 @@ +using Framework.QueryableSource; +using Framework.SecuritySystem.Expanders; + +namespace Framework.SecuritySystem.Services.DefaultInjectors; + +public class DependencySecurityProviderInjector( + ISecurityModeExpander securityRuleExpander, + IDomainSecurityService baseDomainSecurityService, + IQueryableSource queryableSource, + IRelativeDomainPathInfo pathInfo) + : DependencyBaseSecurityProviderInjector(securityRuleExpander, baseDomainSecurityService) +{ + protected override ISecurityProvider CreateDependencySecurityProvider(ISecurityProvider baseProvider) + { + return new DependencySecurityProvider( + baseProvider, + pathInfo.Path, + queryableSource); + } +} diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/RoleBaseSecurityProviderInjector.cs b/src/Framework.SecuritySystem/Services/DefaultInjectors/RoleBaseSecurityProviderInjector.cs new file mode 100644 index 000000000..90ede5676 --- /dev/null +++ b/src/Framework.SecuritySystem/Services/DefaultInjectors/RoleBaseSecurityProviderInjector.cs @@ -0,0 +1,12 @@ +using static Framework.SecuritySystem.DomainSecurityRule; + +namespace Framework.SecuritySystem.Services.DefaultInjectors; + + +public class RoleBaseSecurityProviderInjector( + IRoleBaseSecurityProviderFactory roleBaseSecurityProviderFactory) + : ISecurityProviderInjector +{ + public ISecurityProvider Create(RoleBaseSecurityRule securityRule, SecurityPath securityPath) => + roleBaseSecurityProviderFactory.Create(securityRule, securityPath); +} diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/UntypedDependencySecurityProviderInjector.cs b/src/Framework.SecuritySystem/Services/DefaultInjectors/UntypedDependencySecurityProviderInjector.cs new file mode 100644 index 000000000..ecec0e41a --- /dev/null +++ b/src/Framework.SecuritySystem/Services/DefaultInjectors/UntypedDependencySecurityProviderInjector.cs @@ -0,0 +1,21 @@ +using Framework.Persistent; +using Framework.QueryableSource; +using Framework.SecuritySystem.Expanders; + +namespace Framework.SecuritySystem.Services.DefaultInjectors; + +public class UntypedDependencySecurityProviderInjector( + ISecurityModeExpander securityRuleExpander, + IDomainSecurityService baseDomainSecurityService, + IQueryableSource queryableSource) + : DependencyBaseSecurityProviderInjector(securityRuleExpander, baseDomainSecurityService) + where TDomainObject : IIdentityObject where TBaseDomainObject : class, IIdentityObject +{ + protected override ISecurityProvider CreateDependencySecurityProvider(ISecurityProvider baseProvider) + { + return new UntypedDependencySecurityProvider( + baseProvider, + queryableSource); + } +} diff --git a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs index f7612c77a..e02afce9e 100644 --- a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs @@ -14,16 +14,50 @@ public class DomainSecurityProviderFactory( ISecurityRuleDeepOptimizer deepOptimizer, IRoleBaseSecurityProviderFactory roleBaseSecurityProviderFactory) : IDomainSecurityProviderFactory { - public virtual ISecurityProvider Create( - DomainSecurityRule securityRule, - SecurityPath securityPath) + public ISecurityProvider Create(SecurityRule securityRule, SecurityPath securityPath) { - return this.CreateInternal(deepOptimizer.Optimize(securityRule), securityPath); + var injectors = serviceProvider.GetRequiredService(typeof(IEnumerable<>).MakeGenericType(securityRule.GetType())); + + + + switch (baseSecurityRule) + { + case DomainSecurityRule securityRule: + return this.CreateInternal(deepOptimizer.Optimize(securityRule), securityPath); + + case SecurityRule.ModeSecurityRule securityRule: + return this.Create(securityRule.ToDomain(), securityPath); + + default: + throw new ArgumentOutOfRangeException(nameof(baseSecurityRule)); + } } - protected virtual ISecurityProvider CreateInternal( - DomainSecurityRule baseSecurityRule, - SecurityPath securityPath) + private ISecurityProvider Create( + TSecurityRule securityRule, + SecurityPath securityPath, + ISecurityProviderInjector defaultInjector, + IEnumerable> injectors) + where TSecurityRule : SecurityRule => + injectors.Aggregate( + defaultInjector, + (state, injector) => + { + injector.DefaultCreateFunc = state.Create; + + return injector; + }) + .Create(securityRule, securityPath); +} + +internal class InternalDomainSecurityProviderFactory( + IServiceProvider serviceProvider, + IRoleBaseSecurityProviderFactory roleBaseSecurityProviderFactory, + SecurityPath securityPath, + ISecurityProviderInjector injectors) + where TSecurityRule : SecurityRule +{ + protected virtual ISecurityProvider Create(DomainSecurityRule baseSecurityRule) { switch (baseSecurityRule) { @@ -31,98 +65,98 @@ protected virtual ISecurityProvider CreateInternal( return roleBaseSecurityProviderFactory.Create(securityRule, securityPath); case CurrentUserSecurityRule securityRule: - { - var args = new object?[] - { - securityRule.RelativePathKey == null - ? null - : new CurrentUserSecurityProviderRelativeKey(securityRule.RelativePathKey) - }.Where(arg => arg != null) - .ToArray(arg => arg!); - - return ActivatorUtilities.CreateInstance>(serviceProvider, args); - } + { + var args = new object?[] + { + securityRule.RelativePathKey == null + ? null + : new CurrentUserSecurityProviderRelativeKey(securityRule.RelativePathKey) + }.Where(arg => arg != null) + .ToArray(arg => arg!); + + return ActivatorUtilities.CreateInstance>(serviceProvider, args); + } case ProviderSecurityRule securityRule: - { - var securityProviderType = - securityRule.GenericSecurityProviderType.MakeGenericType(typeof(TDomainObject)); + { + var securityProviderType = + securityRule.GenericSecurityProviderType.MakeGenericType(typeof(TDomainObject)); - var securityProvider = securityRule.Key == null - ? serviceProvider.GetRequiredService(securityProviderType) - : serviceProvider.GetRequiredKeyedService(securityProviderType, securityRule.Key); + var securityProvider = securityRule.Key == null + ? serviceProvider.GetRequiredService(securityProviderType) + : serviceProvider.GetRequiredKeyedService(securityProviderType, securityRule.Key); - return (ISecurityProvider)securityProvider; - } + return (ISecurityProvider)securityProvider; + } case ProviderFactorySecurityRule securityRule: - { - var securityProviderFactoryType = - securityRule.GenericSecurityProviderFactoryType.MakeGenericType(typeof(TDomainObject)); + { + var securityProviderFactoryType = + securityRule.GenericSecurityProviderFactoryType.MakeGenericType(typeof(TDomainObject)); - var securityProviderFactoryUntyped = - securityRule.Key == null - ? serviceProvider.GetRequiredService(securityProviderFactoryType) - : serviceProvider.GetRequiredKeyedService(securityProviderFactoryType, securityRule.Key); + var securityProviderFactoryUntyped = + securityRule.Key == null + ? serviceProvider.GetRequiredService(securityProviderFactoryType) + : serviceProvider.GetRequiredKeyedService(securityProviderFactoryType, securityRule.Key); - var securityProviderFactory = (IFactory>)securityProviderFactoryUntyped; + var securityProviderFactory = (IFactory>)securityProviderFactoryUntyped; - return securityProviderFactory.Create(); - } + return securityProviderFactory.Create(); + } case ConditionFactorySecurityRule securityRule: - { - var conditionFactoryType = - securityRule.GenericConditionFactoryType.MakeGenericType(typeof(TDomainObject)); + { + var conditionFactoryType = + securityRule.GenericConditionFactoryType.MakeGenericType(typeof(TDomainObject)); - var conditionFactoryUntyped = serviceProvider.GetRequiredService(conditionFactoryType); + var conditionFactoryUntyped = serviceProvider.GetRequiredService(conditionFactoryType); - var conditionFactory = (IFactory>>)conditionFactoryUntyped; + var conditionFactory = (IFactory>>)conditionFactoryUntyped; - return SecurityProvider.Create(conditionFactory.Create()); - } + return SecurityProvider.Create(conditionFactory.Create()); + } case RelativeConditionSecurityRule securityRule: - { - var conditionInfo = securityRule.RelativeConditionInfo; + { + var conditionInfo = securityRule.RelativeConditionInfo; - var factoryType = typeof(RequiredRelativeConditionFactory<,>).MakeGenericType( - typeof(TDomainObject), - conditionInfo.RelativeDomainObjectType); + var factoryType = typeof(RequiredRelativeConditionFactory<,>).MakeGenericType( + typeof(TDomainObject), + conditionInfo.RelativeDomainObjectType); - var untypedConditionFactory = ActivatorUtilities.CreateInstance(serviceProvider, factoryType, conditionInfo); + var untypedConditionFactory = ActivatorUtilities.CreateInstance(serviceProvider, factoryType, conditionInfo); - var conditionFactory = (IFactory>>)untypedConditionFactory; + var conditionFactory = (IFactory>>)untypedConditionFactory; - var condition = conditionFactory.Create(); + var condition = conditionFactory.Create(); - return SecurityProvider.Create(condition); - } + return SecurityProvider.Create(condition); + } case FactorySecurityRule securityRule: - { - var dynamicRoleFactoryUntyped = serviceProvider.GetRequiredService(securityRule.RuleFactoryType); + { + var dynamicRoleFactoryUntyped = serviceProvider.GetRequiredService(securityRule.RuleFactoryType); - var dynamicRoleFactory = (IFactory)dynamicRoleFactoryUntyped; + var dynamicRoleFactory = (IFactory)dynamicRoleFactoryUntyped; - return this.CreateInternal(dynamicRoleFactory.Create(), securityPath); - } + return this.Create(dynamicRoleFactory.Create()); + } case OverrideAccessDeniedMessageSecurityRule securityRule: - { - return this.CreateInternal(securityRule.BaseSecurityRule, securityPath) - .OverrideAccessDeniedResult( - accessDeniedResult => accessDeniedResult with { CustomMessage = securityRule.CustomMessage }); - } + { + return this.Create(securityRule.BaseSecurityRule) + .OverrideAccessDeniedResult( + accessDeniedResult => accessDeniedResult with { CustomMessage = securityRule.CustomMessage }); + } case OrSecurityRule securityRule: - return this.CreateInternal(securityRule.Left, securityPath).Or(this.CreateInternal(securityRule.Right, securityPath)); + return this.Create(securityRule.Left).Or(this.Create(securityRule.Right)); case AndSecurityRule securityRule: - return this.CreateInternal(securityRule.Left, securityPath).And(this.CreateInternal(securityRule.Right, securityPath)); + return this.Create(securityRule.Left).And(this.Create(securityRule.Right)); case NegateSecurityRule securityRule: - return this.CreateInternal(securityRule.InnerRule, securityPath).Negate(); + return this.Create(securityRule.InnerRule).Negate(); case DomainModeSecurityRule: case SecurityRuleHeader: diff --git a/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs index ef44f19f3..849164202 100644 --- a/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs @@ -1,8 +1,3 @@ namespace Framework.SecuritySystem.Services; -public interface IDomainSecurityProviderFactory -{ - ISecurityProvider Create( - DomainSecurityRule securityRule, - SecurityPath securityPath); -} +public interface IDomainSecurityProviderFactory : ISecurityProviderFactory; diff --git a/src/Framework.SecuritySystem/Services/ISecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/ISecurityProviderFactory.cs new file mode 100644 index 000000000..90d462b0a --- /dev/null +++ b/src/Framework.SecuritySystem/Services/ISecurityProviderFactory.cs @@ -0,0 +1,7 @@ +namespace Framework.SecuritySystem.Services; + +public interface ISecurityProviderFactory + where TSecurityRule : SecurityRule +{ + ISecurityProvider Create(TSecurityRule securityRule, SecurityPath securityPath); +} diff --git a/src/Framework.SecuritySystem/Services/ISecurityProviderInjector.cs b/src/Framework.SecuritySystem/Services/ISecurityProviderInjector.cs new file mode 100644 index 000000000..a629ba7af --- /dev/null +++ b/src/Framework.SecuritySystem/Services/ISecurityProviderInjector.cs @@ -0,0 +1,15 @@ +namespace Framework.SecuritySystem.Services; + +public interface ISecurityProviderInjector : ISecurityProviderFactory + where TSecurityRule : SecurityRule; + + +public class SecurityProviderInjector : ISecurityProviderInjector + where TSecurityRule : SecurityRule +{ + internal Func, ISecurityProvider> DefaultCreateFunc { get; set; } = default!; + + + public virtual ISecurityProvider Create(TSecurityRule securityRule, SecurityPath securityPath) => + this.DefaultCreateFunc.Invoke(securityRule, securityPath); +} From 6c7b9c302a7a4b962efac421cad35b0aa09ba947 Mon Sep 17 00:00:00 2001 From: "Atsuta, Ivan" Date: Tue, 29 Oct 2024 16:15:04 +0100 Subject: [PATCH 2/5] upd --- .../CurrentUserSecurityProviderFactory.cs} | 6 +++--- .../DependencyBaseSecurityProviderInjector.cs | 6 +++--- .../DependencySecurityProviderInjector.cs | 6 +++--- .../ISecurityProviderFactory.cs | 2 +- .../ISecurityProviderInjector.cs | 7 +++++++ .../RoleBaseSecurityProviderInjector.cs | 11 ++++++++++ .../SecurityProviderFactory.cs | 16 ++++++++++++++ ...typedDependencySecurityProviderInjector.cs | 10 ++++----- .../RoleBaseSecurityProviderInjector.cs | 12 ----------- .../Services/DomainSecurityProviderFactory.cs | 21 +++++++------------ .../IDomainSecurityProviderFactory.cs | 4 +++- .../Services/ISecurityProviderInjector.cs | 15 ------------- 12 files changed, 59 insertions(+), 57 deletions(-) rename src/Framework.SecuritySystem/{Services/DefaultInjectors/CurrentUserSecurityProviderInjector.cs => ProviderFactories/CurrentUserSecurityProviderFactory.cs} (77%) rename src/Framework.SecuritySystem/{Services/DefaultInjectors => ProviderFactories}/DependencyBaseSecurityProviderInjector.cs (83%) rename src/Framework.SecuritySystem/{Services/DefaultInjectors => ProviderFactories}/DependencySecurityProviderInjector.cs (77%) rename src/Framework.SecuritySystem/{Services => ProviderFactories}/ISecurityProviderFactory.cs (80%) create mode 100644 src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderInjector.cs create mode 100644 src/Framework.SecuritySystem/ProviderFactories/RoleBaseSecurityProviderInjector.cs create mode 100644 src/Framework.SecuritySystem/ProviderFactories/SecurityProviderFactory.cs rename src/Framework.SecuritySystem/{Services/DefaultInjectors => ProviderFactories}/UntypedDependencySecurityProviderInjector.cs (72%) delete mode 100644 src/Framework.SecuritySystem/Services/DefaultInjectors/RoleBaseSecurityProviderInjector.cs delete mode 100644 src/Framework.SecuritySystem/Services/ISecurityProviderInjector.cs diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/CurrentUserSecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs similarity index 77% rename from src/Framework.SecuritySystem/Services/DefaultInjectors/CurrentUserSecurityProviderInjector.cs rename to src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs index 592e56aad..ea8c8e4a0 100644 --- a/src/Framework.SecuritySystem/Services/DefaultInjectors/CurrentUserSecurityProviderInjector.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs @@ -3,11 +3,11 @@ using Microsoft.Extensions.DependencyInjection; -namespace Framework.SecuritySystem.Services.DefaultInjectors; +namespace Framework.SecuritySystem.ProviderFactories; -public class CurrentUserSecurityProviderInjector( +public class CurrentUserSecurityProviderFactory( IServiceProvider serviceProvider) - : ISecurityProviderInjector + : ISecurityProviderFactory { public ISecurityProvider Create(DomainSecurityRule.CurrentUserSecurityRule securityRule, SecurityPath securityPath) { diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencyBaseSecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/DependencyBaseSecurityProviderInjector.cs similarity index 83% rename from src/Framework.SecuritySystem/Services/DefaultInjectors/DependencyBaseSecurityProviderInjector.cs rename to src/Framework.SecuritySystem/ProviderFactories/DependencyBaseSecurityProviderInjector.cs index b1a6c309c..b224ce1f8 100644 --- a/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencyBaseSecurityProviderInjector.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/DependencyBaseSecurityProviderInjector.cs @@ -1,12 +1,12 @@ using Framework.SecuritySystem.Expanders; -namespace Framework.SecuritySystem.Services.DefaultInjectors; +namespace Framework.SecuritySystem.ProviderFactories; public abstract class - DependencyBaseSecurityProviderInjector( + DependencyBaseSecurityProviderFactory( ISecurityModeExpander securityRuleExpander, IDomainSecurityService baseDomainSecurityService) - : ISecurityProviderInjector + : ISecurityProviderFactory { public ISecurityProvider Create(SecurityRule securityRule, SecurityPath securityPath) { diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencySecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/DependencySecurityProviderInjector.cs similarity index 77% rename from src/Framework.SecuritySystem/Services/DefaultInjectors/DependencySecurityProviderInjector.cs rename to src/Framework.SecuritySystem/ProviderFactories/DependencySecurityProviderInjector.cs index 60d0ab05f..ffb9c6601 100644 --- a/src/Framework.SecuritySystem/Services/DefaultInjectors/DependencySecurityProviderInjector.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/DependencySecurityProviderInjector.cs @@ -1,14 +1,14 @@ using Framework.QueryableSource; using Framework.SecuritySystem.Expanders; -namespace Framework.SecuritySystem.Services.DefaultInjectors; +namespace Framework.SecuritySystem.ProviderFactories; -public class DependencySecurityProviderInjector( +public class DependencySecurityProviderFactory( ISecurityModeExpander securityRuleExpander, IDomainSecurityService baseDomainSecurityService, IQueryableSource queryableSource, IRelativeDomainPathInfo pathInfo) - : DependencyBaseSecurityProviderInjector(securityRuleExpander, baseDomainSecurityService) { protected override ISecurityProvider CreateDependencySecurityProvider(ISecurityProvider baseProvider) diff --git a/src/Framework.SecuritySystem/Services/ISecurityProviderFactory.cs b/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderFactory.cs similarity index 80% rename from src/Framework.SecuritySystem/Services/ISecurityProviderFactory.cs rename to src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderFactory.cs index 90d462b0a..9725046f6 100644 --- a/src/Framework.SecuritySystem/Services/ISecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderFactory.cs @@ -1,4 +1,4 @@ -namespace Framework.SecuritySystem.Services; +namespace Framework.SecuritySystem.ProviderFactories; public interface ISecurityProviderFactory where TSecurityRule : SecurityRule diff --git a/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderInjector.cs new file mode 100644 index 000000000..1a7185abe --- /dev/null +++ b/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderInjector.cs @@ -0,0 +1,7 @@ +namespace Framework.SecuritySystem.ProviderFactories; + +public interface ISecurityProviderInjector + where TSecurityRule : SecurityRule +{ + ISecurityProviderFactory Inject(ISecurityProviderFactory baseFactory); +} diff --git a/src/Framework.SecuritySystem/ProviderFactories/RoleBaseSecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/RoleBaseSecurityProviderInjector.cs new file mode 100644 index 000000000..1f7e753d3 --- /dev/null +++ b/src/Framework.SecuritySystem/ProviderFactories/RoleBaseSecurityProviderInjector.cs @@ -0,0 +1,11 @@ +using Framework.SecuritySystem.Services; + +namespace Framework.SecuritySystem.ProviderFactories; + +public class RoleBaseSecurityProviderFactory( + IRoleBaseSecurityProviderFactory roleBaseSecurityProviderFactory) + : ISecurityProviderFactory +{ + public ISecurityProvider Create(DomainSecurityRule.RoleBaseSecurityRule securityRule, SecurityPath securityPath) => + roleBaseSecurityProviderFactory.Create(securityRule, securityPath); +} diff --git a/src/Framework.SecuritySystem/ProviderFactories/SecurityProviderFactory.cs b/src/Framework.SecuritySystem/ProviderFactories/SecurityProviderFactory.cs new file mode 100644 index 000000000..0e3a3bcda --- /dev/null +++ b/src/Framework.SecuritySystem/ProviderFactories/SecurityProviderFactory.cs @@ -0,0 +1,16 @@ +namespace Framework.SecuritySystem.ProviderFactories; + +public class SecurityProviderFactory( + Func, ISecurityProvider> createFunc) + : ISecurityProviderFactory + where TSecurityRule : SecurityRule +{ + public ISecurityProvider Create(TSecurityRule securityRule, SecurityPath securityPath) + { + return createFunc(securityRule, securityPath); + } + + public static ISecurityProviderFactory Create( + Func, ISecurityProvider> createFunc) => + new SecurityProviderFactory(createFunc); +} diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/UntypedDependencySecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/UntypedDependencySecurityProviderInjector.cs similarity index 72% rename from src/Framework.SecuritySystem/Services/DefaultInjectors/UntypedDependencySecurityProviderInjector.cs rename to src/Framework.SecuritySystem/ProviderFactories/UntypedDependencySecurityProviderInjector.cs index ecec0e41a..33ce45a2f 100644 --- a/src/Framework.SecuritySystem/Services/DefaultInjectors/UntypedDependencySecurityProviderInjector.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/UntypedDependencySecurityProviderInjector.cs @@ -2,20 +2,20 @@ using Framework.QueryableSource; using Framework.SecuritySystem.Expanders; -namespace Framework.SecuritySystem.Services.DefaultInjectors; +namespace Framework.SecuritySystem.ProviderFactories; -public class UntypedDependencySecurityProviderInjector( +public class UntypedDependencySecurityProviderFactory( ISecurityModeExpander securityRuleExpander, IDomainSecurityService baseDomainSecurityService, IQueryableSource queryableSource) - : DependencyBaseSecurityProviderInjector(securityRuleExpander, baseDomainSecurityService) where TDomainObject : IIdentityObject where TBaseDomainObject : class, IIdentityObject { protected override ISecurityProvider CreateDependencySecurityProvider(ISecurityProvider baseProvider) { return new UntypedDependencySecurityProvider( - baseProvider, - queryableSource); + baseProvider, + queryableSource); } } diff --git a/src/Framework.SecuritySystem/Services/DefaultInjectors/RoleBaseSecurityProviderInjector.cs b/src/Framework.SecuritySystem/Services/DefaultInjectors/RoleBaseSecurityProviderInjector.cs deleted file mode 100644 index 90ede5676..000000000 --- a/src/Framework.SecuritySystem/Services/DefaultInjectors/RoleBaseSecurityProviderInjector.cs +++ /dev/null @@ -1,12 +0,0 @@ -using static Framework.SecuritySystem.DomainSecurityRule; - -namespace Framework.SecuritySystem.Services.DefaultInjectors; - - -public class RoleBaseSecurityProviderInjector( - IRoleBaseSecurityProviderFactory roleBaseSecurityProviderFactory) - : ISecurityProviderInjector -{ - public ISecurityProvider Create(RoleBaseSecurityRule securityRule, SecurityPath securityPath) => - roleBaseSecurityProviderFactory.Create(securityRule, securityPath); -} diff --git a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs index e02afce9e..bb60d2a01 100644 --- a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs @@ -6,18 +6,19 @@ using Framework.SecuritySystem.UserSource; using static Framework.SecuritySystem.DomainSecurityRule; +using Framework.SecuritySystem.ProviderFactories; namespace Framework.SecuritySystem.Services; public class DomainSecurityProviderFactory( IServiceProvider serviceProvider, - ISecurityRuleDeepOptimizer deepOptimizer, - IRoleBaseSecurityProviderFactory roleBaseSecurityProviderFactory) : IDomainSecurityProviderFactory + ISecurityRuleDeepOptimizer deepOptimizer) : IDomainSecurityProviderFactory { public ISecurityProvider Create(SecurityRule securityRule, SecurityPath securityPath) { - var injectors = serviceProvider.GetRequiredService(typeof(IEnumerable<>).MakeGenericType(securityRule.GetType())); + var injectorType = typeof(ISecurityProviderInjector<,>).MakeGenericType(typeof(TDomainObject), securityRule.GetType()); + var injectors = serviceProvider.GetRequiredService(typeof(IEnumerable<>).MakeGenericType(injectorType)); switch (baseSecurityRule) @@ -36,18 +37,10 @@ public ISecurityProvider Create(SecurityRule securityRule, Securi private ISecurityProvider Create( TSecurityRule securityRule, SecurityPath securityPath, - ISecurityProviderInjector defaultInjector, - IEnumerable> injectors) + ISecurityProviderFactory defaultFactory, + IEnumerable> injectors) where TSecurityRule : SecurityRule => - injectors.Aggregate( - defaultInjector, - (state, injector) => - { - injector.DefaultCreateFunc = state.Create; - - return injector; - }) - .Create(securityRule, securityPath); + injectors.Aggregate(defaultFactory, (state, injector) => injector.Inject(state)).Create(securityRule, securityPath); } internal class InternalDomainSecurityProviderFactory( diff --git a/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs index 849164202..171563262 100644 --- a/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs @@ -1,3 +1,5 @@ -namespace Framework.SecuritySystem.Services; +using Framework.SecuritySystem.ProviderFactories; + +namespace Framework.SecuritySystem.Services; public interface IDomainSecurityProviderFactory : ISecurityProviderFactory; diff --git a/src/Framework.SecuritySystem/Services/ISecurityProviderInjector.cs b/src/Framework.SecuritySystem/Services/ISecurityProviderInjector.cs deleted file mode 100644 index a629ba7af..000000000 --- a/src/Framework.SecuritySystem/Services/ISecurityProviderInjector.cs +++ /dev/null @@ -1,15 +0,0 @@ -namespace Framework.SecuritySystem.Services; - -public interface ISecurityProviderInjector : ISecurityProviderFactory - where TSecurityRule : SecurityRule; - - -public class SecurityProviderInjector : ISecurityProviderInjector - where TSecurityRule : SecurityRule -{ - internal Func, ISecurityProvider> DefaultCreateFunc { get; set; } = default!; - - - public virtual ISecurityProvider Create(TSecurityRule securityRule, SecurityPath securityPath) => - this.DefaultCreateFunc.Invoke(securityRule, securityPath); -} From 71841b2ba7b40f648509bede2fc1ee15b133381f Mon Sep 17 00:00:00 2001 From: "Atsuta, Ivan" Date: Tue, 29 Oct 2024 16:38:52 +0100 Subject: [PATCH 3/5] tmp2 --- .../DomainSecurityServiceWithFunctor.cs | 3 ++- .../IDomainSecurityServiceBuilder.cs | 4 +++- .../IDomainSecurityServiceMetadata.cs | 11 +++++++-- .../IOverrideSecurityProviderFunctor.cs | 12 ---------- .../ISecurityProviderInjector.cs | 12 ++++++++-- .../Services/DomainSecurityProviderFactory.cs | 24 +++++++++++++++++++ 6 files changed, 48 insertions(+), 18 deletions(-) delete mode 100644 src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IOverrideSecurityProviderFunctor.cs diff --git a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceWithFunctor.cs b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceWithFunctor.cs index 6d13b0baf..901479126 100644 --- a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceWithFunctor.cs +++ b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceWithFunctor.cs @@ -1,11 +1,12 @@ using Framework.SecuritySystem.Expanders; +using Framework.SecuritySystem.ProviderFactories; namespace Framework.SecuritySystem.DependencyInjection.DomainSecurityServiceBuilder; public class DomainSecurityServiceWithFunctor( ISecurityRuleExpander securityRuleExpander, TOriginalDomainSecurityService originalDomainSecurityService, - IEnumerable> functorList) + IEnumerable> injectors) : DomainSecurityService(securityRuleExpander) where TOriginalDomainSecurityService : IDomainSecurityService { diff --git a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceBuilder.cs b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceBuilder.cs index 0991a85de..a996c0623 100644 --- a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceBuilder.cs +++ b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceBuilder.cs @@ -1,5 +1,7 @@ using System.Linq.Expressions; +using Framework.SecuritySystem.ProviderFactories; + using Microsoft.Extensions.DependencyInjection; namespace Framework.SecuritySystem.DependencyInjection.DomainSecurityServiceBuilder; @@ -40,7 +42,7 @@ IDomainSecurityServiceBuilder SetCustomService; IDomainSecurityServiceBuilder Override() - where TSecurityFunctor : IOverrideSecurityProviderFunctor; + where TSecurityFunctor : ISecurityProviderInjector; } public interface IDomainSecurityServiceBuilder diff --git a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceMetadata.cs b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceMetadata.cs index a5af1816b..8f24a741f 100644 --- a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceMetadata.cs +++ b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceMetadata.cs @@ -1,6 +1,13 @@ -namespace Framework.SecuritySystem.DependencyInjection.DomainSecurityServiceBuilder; +using Framework.SecuritySystem.ProviderFactories; -public interface IDomainSecurityServiceMetadata : IDomainSecurityServiceMetadata, IOverrideSecurityProviderFunctor +namespace Framework.SecuritySystem.DependencyInjection.DomainSecurityServiceBuilder; + +public interface IDomainSecurityServiceMetadata : + IDomainSecurityServiceMetadata, + ISecurityProviderInjector, + ISecurityProviderInjector, + ISecurityProviderInjector, + ISecurityProviderInjector { static Type IDomainSecurityServiceMetadata.DomainType { get; } = typeof(TDomainObject); diff --git a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IOverrideSecurityProviderFunctor.cs b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IOverrideSecurityProviderFunctor.cs deleted file mode 100644 index 1fb78ec5a..000000000 --- a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IOverrideSecurityProviderFunctor.cs +++ /dev/null @@ -1,12 +0,0 @@ -namespace Framework.SecuritySystem.DependencyInjection.DomainSecurityServiceBuilder; - -public interface IOverrideSecurityProviderFunctor -{ - ISecurityProvider OverrideSecurityProvider(ISecurityProvider baseProvider, SecurityRule.ModeSecurityRule securityRule) => baseProvider; - - ISecurityProvider OverrideSecurityProvider(ISecurityProvider baseProvider, DomainSecurityRule.OperationSecurityRule securityRule) => baseProvider; - - ISecurityProvider OverrideSecurityProvider(ISecurityProvider baseProvider, DomainSecurityRule.NonExpandedRolesSecurityRule securityRule) => baseProvider; - - ISecurityProvider OverrideSecurityProvider(ISecurityProvider baseProvider, DomainSecurityRule.ExpandedRolesSecurityRule securityRule) => baseProvider; -} diff --git a/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderInjector.cs index 1a7185abe..9398cbc1a 100644 --- a/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderInjector.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderInjector.cs @@ -1,7 +1,15 @@ namespace Framework.SecuritySystem.ProviderFactories; -public interface ISecurityProviderInjector +public interface ISecurityProviderInjector : ISecurityProviderInjector where TSecurityRule : SecurityRule { - ISecurityProviderFactory Inject(ISecurityProviderFactory baseFactory); + Type ISecurityProviderInjector.SecurityRuleType => typeof(TSecurityRule); + + + ISecurityProviderFactory Inject(ISecurityProviderFactory baseFactory) => baseFactory; +} + +public interface ISecurityProviderInjector +{ + Type SecurityRuleType { get; } } diff --git a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs index bb60d2a01..a20f870a9 100644 --- a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs @@ -18,6 +18,8 @@ public ISecurityProvider Create(SecurityRule securityRule, Securi { var injectorType = typeof(ISecurityProviderInjector<,>).MakeGenericType(typeof(TDomainObject), securityRule.GetType()); + var defaultFactory = serviceProvider.GetRequiredService(typeof(IEnumerable<>).MakeGenericType(injectorType)); + var injectors = serviceProvider.GetRequiredService(typeof(IEnumerable<>).MakeGenericType(injectorType)); @@ -34,6 +36,28 @@ public ISecurityProvider Create(SecurityRule securityRule, Securi } } + private class InternalDomainSecurityProviderFactory( + DomainSecurityProviderFactory rootFactory, + ISecurityProviderFactory defaultFactory, + IEnumerable> injectors, + ISecurityRuleDeepOptimizer deepOptimizer, + TSecurityRule securityRule, + SecurityPath securityPath) : IFactory> + where TSecurityRule : SecurityRule + { + public ISecurityProvider Create() + { + if (!injectors.Any()) + { + + } + else + { + injectors.Aggregate(defaultFactory, (state, injector) => injector.Inject(state)).Create(securityRule, securityPath); + } + } + } + private ISecurityProvider Create( TSecurityRule securityRule, SecurityPath securityPath, From d8d6e09132c7631ce7979f92415d922fe0ea7821 Mon Sep 17 00:00:00 2001 From: "Atsuta, Ivan" Date: Tue, 5 Nov 2024 19:18:55 +0100 Subject: [PATCH 4/5] upd --- .../Expanders/ISecurityRuleExpander.cs | 2 +- .../SecurityModeExpanderExtensions.cs | 5 ++ .../Expanders/SecurityRuleExpandSettings.cs | 13 ++++ .../DomainSecurityServiceWithFunctor.cs | 55 ---------------- .../ContextDomainSecurityService.cs | 18 ----- .../DependencyDomainSecurityService.cs | 22 ------- .../UntypedDependencyDomainSecurityService.cs | 23 ------- .../DependencyDomainSecurityServiceBase.cs | 24 ------- .../DomainServices/DomainSecurityService.cs | 65 ++++--------------- ...Expande.cs => RootSecurityRuleExpander.cs} | 18 ++++- .../CurrentUserSecurityProviderFactory.cs | 2 +- .../DependencyBaseSecurityProviderInjector.cs | 6 +- .../IDefaultSecurityProviderFactory.cs | 7 ++ .../RoleBaseSecurityProviderInjector.cs | 2 +- ...TypedDependencySecurityProviderFactory.cs} | 2 +- ...typedDependencySecurityProviderInjector.cs | 4 +- .../Services/DomainSecurityProviderFactory.cs | 27 +++++++- .../Services/ISecurityRuleDeepOptimizer.cs | 6 +- .../Services/ISecurityRuleTypeResolver.cs | 5 ++ .../Services/SecurityRuleDeepOptimizer.cs | 14 ++-- .../Services/SecurityRuleTypeResolver.cs | 11 ++++ 21 files changed, 113 insertions(+), 218 deletions(-) create mode 100644 src/Framework.SecuritySystem.Abstract/Expanders/SecurityRuleExpandSettings.cs delete mode 100644 src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceWithFunctor.cs delete mode 100644 src/Framework.SecuritySystem/DomainServices/ContextDomainSecurityService.cs delete mode 100644 src/Framework.SecuritySystem/DomainServices/DependencySecurity/DependencyDomainSecurityService.cs delete mode 100644 src/Framework.SecuritySystem/DomainServices/DependencySecurity/UntypedDependencyDomainSecurityService.cs delete mode 100644 src/Framework.SecuritySystem/DomainServices/DependencySecurity/_Base/DependencyDomainSecurityServiceBase.cs rename src/Framework.SecuritySystem/Expanders/{RootSecurityRuleExpande.cs => RootSecurityRuleExpander.cs} (85%) create mode 100644 src/Framework.SecuritySystem/ProviderFactories/IDefaultSecurityProviderFactory.cs rename src/Framework.SecuritySystem/ProviderFactories/{DependencySecurityProviderInjector.cs => TypedDependencySecurityProviderFactory.cs} (90%) create mode 100644 src/Framework.SecuritySystem/Services/ISecurityRuleTypeResolver.cs create mode 100644 src/Framework.SecuritySystem/Services/SecurityRuleTypeResolver.cs diff --git a/src/Framework.SecuritySystem.Abstract/Expanders/ISecurityRuleExpander.cs b/src/Framework.SecuritySystem.Abstract/Expanders/ISecurityRuleExpander.cs index fab9bb2a5..eeab77106 100644 --- a/src/Framework.SecuritySystem.Abstract/Expanders/ISecurityRuleExpander.cs +++ b/src/Framework.SecuritySystem.Abstract/Expanders/ISecurityRuleExpander.cs @@ -9,5 +9,5 @@ public interface ISecurityRuleExpander : ISecurityModeExpander, { DomainSecurityRule.ExpandedRolesSecurityRule FullRoleExpand(DomainSecurityRule.RoleBaseSecurityRule securityRule); - DomainSecurityRule FullDomainExpand(DomainSecurityRule securityRule); + DomainSecurityRule FullDomainExpand(DomainSecurityRule securityRule, SecurityRuleExpandSettings? settings = null); } diff --git a/src/Framework.SecuritySystem.Abstract/Expanders/SecurityModeExpanderExtensions.cs b/src/Framework.SecuritySystem.Abstract/Expanders/SecurityModeExpanderExtensions.cs index da3e428a4..2ed331519 100644 --- a/src/Framework.SecuritySystem.Abstract/Expanders/SecurityModeExpanderExtensions.cs +++ b/src/Framework.SecuritySystem.Abstract/Expanders/SecurityModeExpanderExtensions.cs @@ -9,4 +9,9 @@ public static DomainSecurityRule Expand(this ISecurityModeExpander expander, Dom nameof(securityRule), $"{nameof(SecurityRule)} with mode '{securityRule}' not found for type '{securityRule.DomainType.Name}'"); } + + public static DomainSecurityRule? TryExpand(this ISecurityModeExpander expander, SecurityRule.ModeSecurityRule securityRule) + { + return expander.TryExpand(securityRule.ToDomain()); + } } diff --git a/src/Framework.SecuritySystem.Abstract/Expanders/SecurityRuleExpandSettings.cs b/src/Framework.SecuritySystem.Abstract/Expanders/SecurityRuleExpandSettings.cs new file mode 100644 index 000000000..1d78447bb --- /dev/null +++ b/src/Framework.SecuritySystem.Abstract/Expanders/SecurityRuleExpandSettings.cs @@ -0,0 +1,13 @@ +using Framework.Core; + +namespace Framework.SecuritySystem.Expanders; + +public record SecurityRuleExpandSettings(DeepEqualsCollection IgnoredTypes) +{ + public SecurityRuleExpandSettings(IEnumerable ignoredTypes) + : this(DeepEqualsCollection.Create(ignoredTypes)) + { + } + + public static SecurityRuleExpandSettings Disabled { get; } = new(new[] { typeof(SecurityRule) }); +} diff --git a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceWithFunctor.cs b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceWithFunctor.cs deleted file mode 100644 index 901479126..000000000 --- a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceWithFunctor.cs +++ /dev/null @@ -1,55 +0,0 @@ -using Framework.SecuritySystem.Expanders; -using Framework.SecuritySystem.ProviderFactories; - -namespace Framework.SecuritySystem.DependencyInjection.DomainSecurityServiceBuilder; - -public class DomainSecurityServiceWithFunctor( - ISecurityRuleExpander securityRuleExpander, - TOriginalDomainSecurityService originalDomainSecurityService, - IEnumerable> injectors) - : DomainSecurityService(securityRuleExpander) - where TOriginalDomainSecurityService : IDomainSecurityService -{ - protected override ISecurityProvider CreateSecurityProvider(SecurityRule.ModeSecurityRule securityRule) - { - var actualSecurityRule = (SecurityRule?)securityRuleExpander.TryExpand(securityRule.ToDomain()) ?? securityRule; - - var originalSecurityProvider = originalDomainSecurityService.GetSecurityProvider(actualSecurityRule); - - return functorList.Aggregate( - originalSecurityProvider, - (provider, functor) => functor.OverrideSecurityProvider(provider, securityRule)); - } - - protected override ISecurityProvider CreateSecurityProvider(DomainSecurityRule.OperationSecurityRule securityRule) - { - var originalSecurityProvider = originalDomainSecurityService.GetSecurityProvider(securityRule); - - return functorList.Aggregate( - originalSecurityProvider, - (provider, functor) => functor.OverrideSecurityProvider(provider, securityRule)); - } - - protected override ISecurityProvider CreateSecurityProvider(DomainSecurityRule.NonExpandedRolesSecurityRule securityRule) - { - var originalSecurityProvider = originalDomainSecurityService.GetSecurityProvider(securityRule); - - return functorList.Aggregate( - originalSecurityProvider, - (provider, functor) => functor.OverrideSecurityProvider(provider, securityRule)); - } - - protected override ISecurityProvider CreateSecurityProvider(DomainSecurityRule.ExpandedRolesSecurityRule securityRule) - { - var originalSecurityProvider = originalDomainSecurityService.GetSecurityProvider(securityRule); - - return functorList.Aggregate( - originalSecurityProvider, - (provider, functor) => functor.OverrideSecurityProvider(provider, securityRule)); - } - - protected override ISecurityProvider CreateFinalSecurityProvider(DomainSecurityRule securityRule) - { - return originalDomainSecurityService.GetSecurityProvider(securityRule); - } -} diff --git a/src/Framework.SecuritySystem/DomainServices/ContextDomainSecurityService.cs b/src/Framework.SecuritySystem/DomainServices/ContextDomainSecurityService.cs deleted file mode 100644 index dece7d37c..000000000 --- a/src/Framework.SecuritySystem/DomainServices/ContextDomainSecurityService.cs +++ /dev/null @@ -1,18 +0,0 @@ -using Framework.SecuritySystem.Expanders; -using Framework.SecuritySystem.Services; - -namespace Framework.SecuritySystem; - -public class ContextDomainSecurityService( - ISecurityRuleExpander securityRuleExpander, - IDomainSecurityProviderFactory domainSecurityProviderFactory, - SecurityPath? securityPath = null) - : DomainSecurityService(securityRuleExpander) -{ - protected virtual ISecurityProvider Create( - DomainSecurityRule securityRule, - SecurityPath customSecurityPath) => domainSecurityProviderFactory.Create(securityRule, customSecurityPath); - - protected override ISecurityProvider CreateFinalSecurityProvider(DomainSecurityRule securityRule) => - this.Create(securityRule, securityPath ?? SecurityPath.Empty); -} diff --git a/src/Framework.SecuritySystem/DomainServices/DependencySecurity/DependencyDomainSecurityService.cs b/src/Framework.SecuritySystem/DomainServices/DependencySecurity/DependencyDomainSecurityService.cs deleted file mode 100644 index 9f8c48918..000000000 --- a/src/Framework.SecuritySystem/DomainServices/DependencySecurity/DependencyDomainSecurityService.cs +++ /dev/null @@ -1,22 +0,0 @@ -using Framework.QueryableSource; -using Framework.SecuritySystem.Expanders; - -namespace Framework.SecuritySystem; - -public class DependencyDomainSecurityService( - ISecurityRuleExpander securityRuleExpander, - IDomainSecurityService baseDomainSecurityService, - IQueryableSource queryableSource, - IRelativeDomainPathInfo pathInfo) - : DependencyDomainSecurityServiceBase( - securityRuleExpander, - baseDomainSecurityService) -{ - protected override ISecurityProvider CreateDependencySecurityProvider(ISecurityProvider baseProvider) - { - return new DependencySecurityProvider( - baseProvider, - pathInfo.Path, - queryableSource); - } -} diff --git a/src/Framework.SecuritySystem/DomainServices/DependencySecurity/UntypedDependencyDomainSecurityService.cs b/src/Framework.SecuritySystem/DomainServices/DependencySecurity/UntypedDependencyDomainSecurityService.cs deleted file mode 100644 index 9d6ec0268..000000000 --- a/src/Framework.SecuritySystem/DomainServices/DependencySecurity/UntypedDependencyDomainSecurityService.cs +++ /dev/null @@ -1,23 +0,0 @@ -using Framework.Persistent; -using Framework.QueryableSource; -using Framework.SecuritySystem.Expanders; - -namespace Framework.SecuritySystem; - -public class UntypedDependencyDomainSecurityService( - ISecurityRuleExpander securityRuleExpander, - IDomainSecurityService baseDomainSecurityService, - IQueryableSource queryableSource) - : DependencyDomainSecurityServiceBase( - securityRuleExpander, - baseDomainSecurityService) - where TDomainObject : IIdentityObject - where TBaseDomainObject : class, IIdentityObject -{ - protected override ISecurityProvider CreateDependencySecurityProvider(ISecurityProvider baseProvider) - { - return new UntypedDependencySecurityProvider( - baseProvider, - queryableSource); - } -} diff --git a/src/Framework.SecuritySystem/DomainServices/DependencySecurity/_Base/DependencyDomainSecurityServiceBase.cs b/src/Framework.SecuritySystem/DomainServices/DependencySecurity/_Base/DependencyDomainSecurityServiceBase.cs deleted file mode 100644 index b186a1342..000000000 --- a/src/Framework.SecuritySystem/DomainServices/DependencySecurity/_Base/DependencyDomainSecurityServiceBase.cs +++ /dev/null @@ -1,24 +0,0 @@ -using Framework.SecuritySystem.Expanders; - -namespace Framework.SecuritySystem; - -public abstract class DependencyDomainSecurityServiceBase( - ISecurityRuleExpander securityRuleExpander, - IDomainSecurityService baseDomainSecurityService) - : DomainSecurityServiceBase -{ - protected override ISecurityProvider CreateSecurityProvider(SecurityRule securityRule) - { - if (securityRule is SecurityRule.ModeSecurityRule modeSecurityRule - && securityRuleExpander.TryExpand(modeSecurityRule.ToDomain()) is { } customSecurityRule) - { - return this.CreateSecurityProvider(customSecurityRule); - } - else - { - return this.CreateDependencySecurityProvider(baseDomainSecurityService.GetSecurityProvider(securityRule)); - } - } - - protected abstract ISecurityProvider CreateDependencySecurityProvider(ISecurityProvider baseProvider); -} diff --git a/src/Framework.SecuritySystem/DomainServices/DomainSecurityService.cs b/src/Framework.SecuritySystem/DomainServices/DomainSecurityService.cs index e041eab41..8ac5db03d 100644 --- a/src/Framework.SecuritySystem/DomainServices/DomainSecurityService.cs +++ b/src/Framework.SecuritySystem/DomainServices/DomainSecurityService.cs @@ -1,60 +1,17 @@ -using Framework.SecuritySystem.Expanders; - -using static Framework.SecuritySystem.DomainSecurityRule; +using Framework.SecuritySystem.Services; namespace Framework.SecuritySystem; -public abstract class DomainSecurityService(ISecurityRuleExpander securityRuleExpander) : DomainSecurityServiceBase +public class DomainSecurityService( + IDomainSecurityProviderFactory domainSecurityProviderFactory, + SecurityPath? securityPath = null) + : DomainSecurityServiceBase { - protected sealed override ISecurityProvider CreateSecurityProvider(SecurityRule baseSecurityRule) - { - switch (baseSecurityRule) - { - case SecurityRule.ModeSecurityRule securityRule: - return this.CreateSecurityProvider(securityRule); - - case DomainModeSecurityRule securityRule: - return this.CreateSecurityProvider(securityRuleExpander.Expand(securityRule)); - - case ClientSecurityRule securityRule: - return this.CreateSecurityProvider(securityRuleExpander.Expand(securityRule)); - - case OperationSecurityRule securityRule: - return this.CreateSecurityProvider(securityRule); - - case NonExpandedRolesSecurityRule securityRule: - return this.CreateSecurityProvider(securityRule); - - case ExpandedRolesSecurityRule securityRule: - return this.CreateSecurityProvider(securityRule); - - case DomainSecurityRule securityRule: - return this.CreateFinalSecurityProvider(securityRule); - - default: - throw new ArgumentOutOfRangeException(nameof(baseSecurityRule)); - } - } - - protected virtual ISecurityProvider CreateSecurityProvider(SecurityRule.ModeSecurityRule securityRule) - { - return this.GetSecurityProvider(securityRule.ToDomain()); - } - - protected virtual ISecurityProvider CreateSecurityProvider(OperationSecurityRule securityRule) - { - return this.GetSecurityProvider(securityRuleExpander.Expand(securityRule)); - } - - protected virtual ISecurityProvider CreateSecurityProvider(NonExpandedRolesSecurityRule securityRule) - { - return this.GetSecurityProvider(securityRuleExpander.Expand(securityRule)); - } - - protected virtual ISecurityProvider CreateSecurityProvider(ExpandedRolesSecurityRule securityRule) - { - return this.CreateFinalSecurityProvider(securityRule); - } + protected virtual ISecurityProvider CreateSecurityProvider( + SecurityRule securityRule, + SecurityPath customSecurityPath) => + domainSecurityProviderFactory.Create(securityRule, customSecurityPath); - protected abstract ISecurityProvider CreateFinalSecurityProvider(DomainSecurityRule securityRule); + protected override ISecurityProvider CreateSecurityProvider(SecurityRule securityRule) => + this.CreateSecurityProvider(securityRule, securityPath ?? SecurityPath.Empty); } diff --git a/src/Framework.SecuritySystem/Expanders/RootSecurityRuleExpande.cs b/src/Framework.SecuritySystem/Expanders/RootSecurityRuleExpander.cs similarity index 85% rename from src/Framework.SecuritySystem/Expanders/RootSecurityRuleExpande.cs rename to src/Framework.SecuritySystem/Expanders/RootSecurityRuleExpander.cs index e013e7418..142e57ffd 100644 --- a/src/Framework.SecuritySystem/Expanders/RootSecurityRuleExpande.cs +++ b/src/Framework.SecuritySystem/Expanders/RootSecurityRuleExpander.cs @@ -71,14 +71,26 @@ public ExpandedRolesSecurityRule FullRoleExpand(RoleBaseSecurityRule securityRul } } - public DomainSecurityRule FullDomainExpand(DomainSecurityRule securityRule) + public DomainSecurityRule FullDomainExpand(DomainSecurityRule securityRule, SecurityRuleExpandSettings? settings = null) { - return new FullDomainExpandVisitor(this).Visit(securityRule); + return new FullDomainExpandVisitor(this, settings).Visit(securityRule); } - private class FullDomainExpandVisitor(ISecurityRuleExpander expander) + private class FullDomainExpandVisitor(ISecurityRuleExpander expander, SecurityRuleExpandSettings? settings) : SecurityRuleVisitor { + public override DomainSecurityRule Visit(DomainSecurityRule baseSecurityRule) + { + if (settings != null && settings.IgnoredTypes.Any(ignoredType => ignoredType.IsInstanceOfType(baseSecurityRule))) + { + return baseSecurityRule; + } + else + { + return base.Visit(baseSecurityRule); + } + } + protected override DomainSecurityRule Visit(RoleBaseSecurityRule baseSecurityRule) => expander.FullRoleExpand(baseSecurityRule); protected override DomainSecurityRule Visit(DomainModeSecurityRule securityRule) => this.Visit(expander.Expand(securityRule)); diff --git a/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs b/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs index ea8c8e4a0..283a8b957 100644 --- a/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs @@ -7,7 +7,7 @@ namespace Framework.SecuritySystem.ProviderFactories; public class CurrentUserSecurityProviderFactory( IServiceProvider serviceProvider) - : ISecurityProviderFactory + : IDefaultSecurityProviderFactory { public ISecurityProvider Create(DomainSecurityRule.CurrentUserSecurityRule securityRule, SecurityPath securityPath) { diff --git a/src/Framework.SecuritySystem/ProviderFactories/DependencyBaseSecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/DependencyBaseSecurityProviderInjector.cs index b224ce1f8..c8acf0f4d 100644 --- a/src/Framework.SecuritySystem/ProviderFactories/DependencyBaseSecurityProviderInjector.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/DependencyBaseSecurityProviderInjector.cs @@ -6,8 +6,10 @@ public abstract class DependencyBaseSecurityProviderFactory( ISecurityModeExpander securityRuleExpander, IDomainSecurityService baseDomainSecurityService) - : ISecurityProviderFactory + : IDefaultSecurityProviderFactory { + public bool AllowOptimize { get; } = false; + public ISecurityProvider Create(SecurityRule securityRule, SecurityPath securityPath) { return this.CreateDependencySecurityProvider(baseDomainSecurityService.GetSecurityProvider(this.GetActualSecurityRule(securityRule))); @@ -16,7 +18,7 @@ public ISecurityProvider Create(SecurityRule securityRule, Securi public SecurityRule GetActualSecurityRule(SecurityRule securityRule) { if (securityRule is SecurityRule.ModeSecurityRule modeSecurityRule - && securityRuleExpander.TryExpand(modeSecurityRule.ToDomain()) is { } customSecurityRule) + && securityRuleExpander.TryExpand(modeSecurityRule) is { } customSecurityRule) { return customSecurityRule; } diff --git a/src/Framework.SecuritySystem/ProviderFactories/IDefaultSecurityProviderFactory.cs b/src/Framework.SecuritySystem/ProviderFactories/IDefaultSecurityProviderFactory.cs new file mode 100644 index 000000000..d9be91fca --- /dev/null +++ b/src/Framework.SecuritySystem/ProviderFactories/IDefaultSecurityProviderFactory.cs @@ -0,0 +1,7 @@ +namespace Framework.SecuritySystem.ProviderFactories; + +public interface IDefaultSecurityProviderFactory : ISecurityProviderFactory + where TSecurityRule : SecurityRule +{ + bool AllowOptimize => true; +} diff --git a/src/Framework.SecuritySystem/ProviderFactories/RoleBaseSecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/RoleBaseSecurityProviderInjector.cs index 1f7e753d3..9b97ad460 100644 --- a/src/Framework.SecuritySystem/ProviderFactories/RoleBaseSecurityProviderInjector.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/RoleBaseSecurityProviderInjector.cs @@ -4,7 +4,7 @@ namespace Framework.SecuritySystem.ProviderFactories; public class RoleBaseSecurityProviderFactory( IRoleBaseSecurityProviderFactory roleBaseSecurityProviderFactory) - : ISecurityProviderFactory + : IDefaultSecurityProviderFactory { public ISecurityProvider Create(DomainSecurityRule.RoleBaseSecurityRule securityRule, SecurityPath securityPath) => roleBaseSecurityProviderFactory.Create(securityRule, securityPath); diff --git a/src/Framework.SecuritySystem/ProviderFactories/DependencySecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/TypedDependencySecurityProviderFactory.cs similarity index 90% rename from src/Framework.SecuritySystem/ProviderFactories/DependencySecurityProviderInjector.cs rename to src/Framework.SecuritySystem/ProviderFactories/TypedDependencySecurityProviderFactory.cs index ffb9c6601..c0cc30232 100644 --- a/src/Framework.SecuritySystem/ProviderFactories/DependencySecurityProviderInjector.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/TypedDependencySecurityProviderFactory.cs @@ -3,7 +3,7 @@ namespace Framework.SecuritySystem.ProviderFactories; -public class DependencySecurityProviderFactory( +public class TypedDependencySecurityProviderFactory( ISecurityModeExpander securityRuleExpander, IDomainSecurityService baseDomainSecurityService, IQueryableSource queryableSource, diff --git a/src/Framework.SecuritySystem/ProviderFactories/UntypedDependencySecurityProviderInjector.cs b/src/Framework.SecuritySystem/ProviderFactories/UntypedDependencySecurityProviderInjector.cs index 33ce45a2f..44b9a3cbf 100644 --- a/src/Framework.SecuritySystem/ProviderFactories/UntypedDependencySecurityProviderInjector.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/UntypedDependencySecurityProviderInjector.cs @@ -15,7 +15,7 @@ public class UntypedDependencySecurityProviderFactory CreateDependencySecurityProvider(ISecurityProvider baseProvider) { return new UntypedDependencySecurityProvider( - baseProvider, - queryableSource); + baseProvider, + queryableSource); } } diff --git a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs index a20f870a9..96df63999 100644 --- a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs @@ -7,18 +7,41 @@ using static Framework.SecuritySystem.DomainSecurityRule; using Framework.SecuritySystem.ProviderFactories; +using Framework.SecuritySystem.Expanders; namespace Framework.SecuritySystem.Services; +public class DomainSecurityProviderFactory( + ISecurityRuleDeepOptimizer deepOptimizer, + IDefaultSecurityProviderFactory defaultSecurityProviderFactory, + IEnumerable> injectors) : ISecurityProviderFactory + where TSecurityRule : DomainSecurityRule +{ + public ISecurityProvider Create(TSecurityRule securityRule, SecurityPath securityPath) + { + var optimizeSettings = defaultSecurityProviderFactory.AllowOptimize + ? new SecurityRuleExpandSettings(injectors.Select(injector => injector.SecurityRuleType)) + : SecurityRuleExpandSettings.Disabled; + + var actualSecurityRule = deepOptimizer.Optimize(securityRule, optimizeSettings); + + injectors.Aggregate(defaultFactory, (state, injector) => injector.Inject(state)).Create(securityRule, securityPath); + } +} + public class DomainSecurityProviderFactory( IServiceProvider serviceProvider, + ISecurityRuleTypeResolver securityRuleTypeResolver, ISecurityRuleDeepOptimizer deepOptimizer) : IDomainSecurityProviderFactory { public ISecurityProvider Create(SecurityRule securityRule, SecurityPath securityPath) { - var injectorType = typeof(ISecurityProviderInjector<,>).MakeGenericType(typeof(TDomainObject), securityRule.GetType()); + var securityRuleType = securityRuleTypeResolver.Resolve(securityRule); + + var injectorType = typeof(ISecurityProviderInjector<,>).MakeGenericType(typeof(TDomainObject), securityRuleType); - var defaultFactory = serviceProvider.GetRequiredService(typeof(IEnumerable<>).MakeGenericType(injectorType)); + var defaultFactory = serviceProvider.GetRequiredService( + typeof(IDefaultSecurityProviderFactory<,>).MakeGenericType(injectorType, securityRuleType)); var injectors = serviceProvider.GetRequiredService(typeof(IEnumerable<>).MakeGenericType(injectorType)); diff --git a/src/Framework.SecuritySystem/Services/ISecurityRuleDeepOptimizer.cs b/src/Framework.SecuritySystem/Services/ISecurityRuleDeepOptimizer.cs index 2a5b4f7f6..7c6c1e676 100644 --- a/src/Framework.SecuritySystem/Services/ISecurityRuleDeepOptimizer.cs +++ b/src/Framework.SecuritySystem/Services/ISecurityRuleDeepOptimizer.cs @@ -1,6 +1,8 @@ -namespace Framework.SecuritySystem.Services; +using Framework.SecuritySystem.Expanders; + +namespace Framework.SecuritySystem.Services; public interface ISecurityRuleDeepOptimizer { - DomainSecurityRule Optimize(DomainSecurityRule securityRule); + DomainSecurityRule Optimize(DomainSecurityRule securityRule, SecurityRuleExpandSettings? settings = null); } diff --git a/src/Framework.SecuritySystem/Services/ISecurityRuleTypeResolver.cs b/src/Framework.SecuritySystem/Services/ISecurityRuleTypeResolver.cs new file mode 100644 index 000000000..d8911c832 --- /dev/null +++ b/src/Framework.SecuritySystem/Services/ISecurityRuleTypeResolver.cs @@ -0,0 +1,5 @@ +using Framework.Core; + +namespace Framework.SecuritySystem.Services; + +public interface ISecurityRuleTypeResolver : ITypeResolver; diff --git a/src/Framework.SecuritySystem/Services/SecurityRuleDeepOptimizer.cs b/src/Framework.SecuritySystem/Services/SecurityRuleDeepOptimizer.cs index 1ebed0775..0846274b0 100644 --- a/src/Framework.SecuritySystem/Services/SecurityRuleDeepOptimizer.cs +++ b/src/Framework.SecuritySystem/Services/SecurityRuleDeepOptimizer.cs @@ -9,7 +9,7 @@ public class SecurityRuleDeepOptimizer : ISecurityRuleDeepOptimizer private readonly ISecurityRuleBasicOptimizer basicOptimizer; - private readonly IDictionaryCache cache; + private readonly IDictionaryCache<(DomainSecurityRule, SecurityRuleExpandSettings?), DomainSecurityRule> cache; public SecurityRuleDeepOptimizer( ISecurityRuleExpander expander, @@ -17,16 +17,16 @@ public SecurityRuleDeepOptimizer( { this.expander = expander; this.basicOptimizer = basicOptimizer; - this.cache = new DictionaryCache(this.Visit).WithLock(); + this.cache = new DictionaryCache<(DomainSecurityRule, SecurityRuleExpandSettings?), DomainSecurityRule>(pair => this.Visit(pair.Item1, pair.Item2)).WithLock(); } - protected virtual DomainSecurityRule Visit(DomainSecurityRule baseSecurityRule) + protected virtual DomainSecurityRule Visit(DomainSecurityRule baseSecurityRule, SecurityRuleExpandSettings? settings) { - var visitedRule = this.basicOptimizer.Optimize(this.expander.FullDomainExpand(baseSecurityRule)); + var visitedRule = this.basicOptimizer.Optimize(this.expander.FullDomainExpand(baseSecurityRule, settings)); - return visitedRule == baseSecurityRule ? visitedRule : this.Visit(visitedRule); + return visitedRule == baseSecurityRule ? visitedRule : this.Visit(visitedRule, settings); } - DomainSecurityRule ISecurityRuleDeepOptimizer.Optimize(DomainSecurityRule securityRule) => - this.cache[securityRule]; + DomainSecurityRule ISecurityRuleDeepOptimizer.Optimize(DomainSecurityRule securityRule, SecurityRuleExpandSettings? settings) => + this.cache[(securityRule, settings)]; } diff --git a/src/Framework.SecuritySystem/Services/SecurityRuleTypeResolver.cs b/src/Framework.SecuritySystem/Services/SecurityRuleTypeResolver.cs new file mode 100644 index 000000000..0ff4cab9b --- /dev/null +++ b/src/Framework.SecuritySystem/Services/SecurityRuleTypeResolver.cs @@ -0,0 +1,11 @@ +using Framework.Core; + +namespace Framework.SecuritySystem.Services; + +public class SecurityRuleTypeResolver : ITypeResolver +{ + public Type Resolve(SecurityRule securityRule) => securityRule.GetType(); + + public IEnumerable GetTypes() => + typeof(SecurityRule).Assembly.GetTypes().Where(t => !t.IsAbstract && typeof(SecurityRule).IsAssignableFrom(t)); +} From 0b654c8464b33694f2803a55796e8c87bc1ac153 Mon Sep 17 00:00:00 2001 From: "Atsuta, Ivan" Date: Mon, 11 Nov 2024 10:52:15 +0100 Subject: [PATCH 5/5] tmp --- .../DomainSecurityServiceBuilder.cs | 60 ++++--------------- .../DomainSecurityServiceRootBuilder.cs | 11 +--- .../IDomainSecurityServiceBuilder.cs | 7 +-- .../DomainServices/DomainSecurityService.cs | 8 +-- .../CurrentUserSecurityProviderFactory.cs | 2 +- .../ISecurityProviderFactory.cs | 2 +- .../IDomainSecurityProviderFactory.cs | 5 -- .../Services/IRootSecurityProviderFactory.cs | 5 ++ ...tory.cs => RootSecurityProviderFactory.cs} | 10 ++-- 9 files changed, 30 insertions(+), 80 deletions(-) delete mode 100644 src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs create mode 100644 src/Framework.SecuritySystem/Services/IRootSecurityProviderFactory.cs rename src/Framework.SecuritySystem/Services/{DomainSecurityProviderFactory.cs => RootSecurityProviderFactory.cs} (96%) diff --git a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceBuilder.cs b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceBuilder.cs index 7ca33ebe7..0e43dea33 100644 --- a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceBuilder.cs +++ b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceBuilder.cs @@ -2,23 +2,24 @@ using Framework.Core; using Framework.Persistent; +using Framework.SecuritySystem.ProviderFactories; using Framework.SecuritySystem.SecurityRuleInfo; using Microsoft.Extensions.DependencyInjection; namespace Framework.SecuritySystem.DependencyInjection.DomainSecurityServiceBuilder; -public abstract class DomainSecurityServiceBuilder : IDomainSecurityServiceBuilder +public abstract class DomainSecurityServiceBuilder { public abstract Type DomainType { get; } - public abstract void Register(IServiceCollection services); + public abstract void Register(IServiceCollection services, bool addSelfRelativePath); } internal class DomainSecurityServiceBuilder : DomainSecurityServiceBuilder, IDomainSecurityServiceBuilder where TDomainObject : IIdentityObject { - private readonly List functorTypes = []; + private readonly List injectorTypes = []; private readonly Dictionary domainObjectSecurityDict = []; @@ -28,11 +29,11 @@ internal class DomainSecurityServiceBuilder : DomainSecurityServi private Type? customServiceType; - private Type? dependencyServiceType; + private Type? dependencyInjectorType; public override Type DomainType { get; } = typeof(TDomainObject); - public override void Register(IServiceCollection services) + public override void Register(IServiceCollection services, bool addSelfRelativePath) { foreach (var (modeSecurityRule, implementedSecurityRule) in this.domainObjectSecurityDict) { @@ -49,50 +50,12 @@ public override void Register(IServiceCollection services) services.AddSingleton(pair.Type, pair.Instance); } - foreach (var (decl, impl) in this.GetRegisterDomainSecurityService()) + if (addSelfRelativePath) { - if (decl == null) - { - services.AddScoped(impl); - } - else - { - services.AddScoped(decl, impl); - } + services.AddSingleton, SelfRelativeDomainPathInfo>(); } - } - - private IEnumerable<(Type? Decl, Type Impl)> GetRegisterDomainSecurityService() - { - var baseServiceType = typeof(IDomainSecurityService); - - var actualCustomServiceType = this.customServiceType ?? this.dependencyServiceType; - - var functorTypeDecl = typeof(IOverrideSecurityProviderFunctor); - - var realFunctorTypes = this.functorTypes.Where(f => f.HasInterfaceMethodOverride(functorTypeDecl)).ToList(); - - if (realFunctorTypes.Any()) - { - foreach (var functorType in realFunctorTypes) - { - yield return (functorTypeDecl, functorType); - } - - var withFunctorActualCustomServiceType = actualCustomServiceType ?? typeof(ContextDomainSecurityService); - - yield return (null, withFunctorActualCustomServiceType); - - var withWrappedFunctorServiceType = typeof(DomainSecurityServiceWithFunctor<,>).MakeGenericType( - withFunctorActualCustomServiceType, - typeof(TDomainObject)); - yield return (baseServiceType, withWrappedFunctorServiceType); - } - else if (actualCustomServiceType != null) - { - yield return (baseServiceType, actualCustomServiceType); - } + services.AddScoped(typeof(IDomainSecurityService), this.customServiceType ?? typeof(DomainSecurityService)); } public IDomainSecurityServiceBuilder SetMode(SecurityRule.ModeSecurityRule modeSecurityRule, DomainSecurityRule implementedSecurityRule) @@ -111,6 +74,7 @@ public IDomainSecurityServiceBuilder SetPath(SecurityPath SetDependency() { + this.dependencyInjectorType = this.dependencyServiceType = typeof(DependencyDomainSecurityService); return this; @@ -142,8 +106,8 @@ public IDomainSecurityServiceBuilder SetCustomService Override() - where TSecurityFunctor : IOverrideSecurityProviderFunctor + public IDomainSecurityServiceBuilder AddInjector() + where TSecurityFunctor : ISecurityProviderInjector { this.functorTypes.Add(typeof(TSecurityFunctor)); diff --git a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceRootBuilder.cs b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceRootBuilder.cs index f164502ad..e7b7ed206 100644 --- a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceRootBuilder.cs +++ b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/DomainSecurityServiceRootBuilder.cs @@ -32,7 +32,7 @@ private IDomainSecurityServiceRootBuilder AddMetadataInternal where TDomainObject : IIdentityObject { - return this.AddInternal(b => b.Override().Pipe(TMetadata.Setup)); + return this.AddInternal(b => b.AddInjector().Pipe(TMetadata.Setup)); } private IDomainSecurityServiceRootBuilder AddInternal(Action> setup) @@ -51,14 +51,7 @@ public void Register(IServiceCollection services) { foreach (var domainBuilder in this.domainBuilders) { - domainBuilder.Register(services); - - if (this.AutoAddSelfRelativePath) - { - services.AddSingleton( - typeof(IRelativeDomainPathInfo<,>).MakeGenericType(domainBuilder.DomainType, domainBuilder.DomainType), - typeof(SelfRelativeDomainPathInfo<>).MakeGenericType(domainBuilder.DomainType)); - } + domainBuilder.Register(services, this.AutoAddSelfRelativePath); } } } diff --git a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceBuilder.cs b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceBuilder.cs index a996c0623..fb0072f9a 100644 --- a/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceBuilder.cs +++ b/src/Framework.SecuritySystem/DependencyInjection/DomainSecurityServiceBuilder/IDomainSecurityServiceBuilder.cs @@ -41,11 +41,6 @@ public interface IDomainSecurityServiceBuilder IDomainSecurityServiceBuilder SetCustomService() where TDomainSecurityService : IDomainSecurityService; - IDomainSecurityServiceBuilder Override() + IDomainSecurityServiceBuilder AddInjector() where TSecurityFunctor : ISecurityProviderInjector; } - -public interface IDomainSecurityServiceBuilder -{ - void Register(IServiceCollection services); -} diff --git a/src/Framework.SecuritySystem/DomainServices/DomainSecurityService.cs b/src/Framework.SecuritySystem/DomainServices/DomainSecurityService.cs index 8ac5db03d..56f759b76 100644 --- a/src/Framework.SecuritySystem/DomainServices/DomainSecurityService.cs +++ b/src/Framework.SecuritySystem/DomainServices/DomainSecurityService.cs @@ -2,16 +2,14 @@ namespace Framework.SecuritySystem; -public class DomainSecurityService( - IDomainSecurityProviderFactory domainSecurityProviderFactory, - SecurityPath? securityPath = null) +public class DomainSecurityService(IDomainSecurityProviderFactory domainSecurityProviderFactory) : DomainSecurityServiceBase { protected virtual ISecurityProvider CreateSecurityProvider( SecurityRule securityRule, - SecurityPath customSecurityPath) => + SecurityPath? customSecurityPath) => domainSecurityProviderFactory.Create(securityRule, customSecurityPath); protected override ISecurityProvider CreateSecurityProvider(SecurityRule securityRule) => - this.CreateSecurityProvider(securityRule, securityPath ?? SecurityPath.Empty); + this.CreateSecurityProvider(securityRule, null); } diff --git a/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs b/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs index 283a8b957..a2d601786 100644 --- a/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/CurrentUserSecurityProviderFactory.cs @@ -9,7 +9,7 @@ public class CurrentUserSecurityProviderFactory( IServiceProvider serviceProvider) : IDefaultSecurityProviderFactory { - public ISecurityProvider Create(DomainSecurityRule.CurrentUserSecurityRule securityRule, SecurityPath securityPath) + public ISecurityProvider Create(DomainSecurityRule.CurrentUserSecurityRule securityRule, SecurityPath? securityPath) { var args = new object?[] { diff --git a/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderFactory.cs b/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderFactory.cs index 9725046f6..947c8e6f3 100644 --- a/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/ProviderFactories/ISecurityProviderFactory.cs @@ -3,5 +3,5 @@ public interface ISecurityProviderFactory where TSecurityRule : SecurityRule { - ISecurityProvider Create(TSecurityRule securityRule, SecurityPath securityPath); + ISecurityProvider Create(TSecurityRule securityRule, SecurityPath? customSecurityPath); } diff --git a/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs deleted file mode 100644 index 171563262..000000000 --- a/src/Framework.SecuritySystem/Services/IDomainSecurityProviderFactory.cs +++ /dev/null @@ -1,5 +0,0 @@ -using Framework.SecuritySystem.ProviderFactories; - -namespace Framework.SecuritySystem.Services; - -public interface IDomainSecurityProviderFactory : ISecurityProviderFactory; diff --git a/src/Framework.SecuritySystem/Services/IRootSecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/IRootSecurityProviderFactory.cs new file mode 100644 index 000000000..ba6bb0a91 --- /dev/null +++ b/src/Framework.SecuritySystem/Services/IRootSecurityProviderFactory.cs @@ -0,0 +1,5 @@ +using Framework.SecuritySystem.ProviderFactories; + +namespace Framework.SecuritySystem.Services; + +public interface IRootSecurityProviderFactory : ISecurityProviderFactory; diff --git a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs b/src/Framework.SecuritySystem/Services/RootSecurityProviderFactory.cs similarity index 96% rename from src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs rename to src/Framework.SecuritySystem/Services/RootSecurityProviderFactory.cs index 96df63999..510f7e72b 100644 --- a/src/Framework.SecuritySystem/Services/DomainSecurityProviderFactory.cs +++ b/src/Framework.SecuritySystem/Services/RootSecurityProviderFactory.cs @@ -11,13 +11,13 @@ namespace Framework.SecuritySystem.Services; -public class DomainSecurityProviderFactory( +public class RootSecurityProviderFactory( ISecurityRuleDeepOptimizer deepOptimizer, IDefaultSecurityProviderFactory defaultSecurityProviderFactory, IEnumerable> injectors) : ISecurityProviderFactory where TSecurityRule : DomainSecurityRule { - public ISecurityProvider Create(TSecurityRule securityRule, SecurityPath securityPath) + public ISecurityProvider Create(TSecurityRule securityRule, SecurityPath? securityPath) { var optimizeSettings = defaultSecurityProviderFactory.AllowOptimize ? new SecurityRuleExpandSettings(injectors.Select(injector => injector.SecurityRuleType)) @@ -29,12 +29,12 @@ public ISecurityProvider Create(TSecurityRule securityRule, Secur } } -public class DomainSecurityProviderFactory( +public class RootSecurityProviderFactory( IServiceProvider serviceProvider, ISecurityRuleTypeResolver securityRuleTypeResolver, - ISecurityRuleDeepOptimizer deepOptimizer) : IDomainSecurityProviderFactory + ISecurityRuleDeepOptimizer deepOptimizer) : IRootSecurityProviderFactory { - public ISecurityProvider Create(SecurityRule securityRule, SecurityPath securityPath) + public ISecurityProvider Create(SecurityRule securityRule, SecurityPath? securityPath) { var securityRuleType = securityRuleTypeResolver.Resolve(securityRule);