Let's start with an example: we have an image provider which allows for creating and deleting image catalogues, and for uploading and downloading images. (More about the image provider here.)

To make things as real as possible we'll need an ImageUser class:

public class ImageUser
{
    private readonly ImageProviderBase provider;
    private readonly ImageCatalogue root;
    private readonly ImageSecurity security;
    ...
}

There are also four methods which implement the functionality for managing catalogues and images:

public ImageCatalogue AddCatalogue(string name, ImageCatalogue parent = null)

public IEnumerable<ImageCatalogue> GetCatalogues(ImageCatalogue parent = null)

public Image DownloadImage(string name, ImageCatalogue catalogue = null)

public void UploadImage(string name, Image image, ImageCatalogue catalogue = null)

Let's create three users: John, Marry and Peter. Every user has a root catalogue named after the user. Currently everybody can do anything with catalogues and images (collectively known as resources); ownership and other user-to-resource relationships are not taken into account. With no restrictions on creating or listing catalogues, or on uploading and downloading images to or from any catalogue regardless of who owns it, things are messy and insecure.

Users clearly need to obey rules that guard access to resources. NSecurity solves such problems with access control entries (ACEs). Currently there are two ACE providers: memory and XML. We'll use the second one, which reads serialized ACEs in the following format:

<acl>
  <ace securable="*" verb="create_folder" subject="John" access="Allow" />
  <ace securable="John\accept.png" verb="upload" subject="John" access="Allow" />
  <ace securable="John\accept.png" verb="download" subject="John" access="Allow" />
  <ace securable="*" verb="create_folder" subject="Marry" access="Allow" />
  <ace securable="Marry\add.png" verb="upload" subject="Marry" access="Allow" />
  <ace securable="Marry\add.png" verb="download" subject="Marry" access="Allow" />
  <ace securable="*" verb="create_folder" subject="Peter" access="Allow" />
  <ace securable="Peter\anchor.png" verb="upload" subject="Peter" access="Allow" />
  <ace securable="Peter\anchor.png" verb="download" subject="Peter" access="Allow" />
</acl>

ACEs are processed in a very simple, yet powerful manner – the AccessControlService class takes this responsibility. The three important methods processing and querying ACEs are:

public class AccessControlService<TSecurable, TVerb, TSubject>
    where TSecurable : class
    where TVerb : class
    where TSubject : class
{

    public void Allow(TSecurable securable, TVerb verb, TSubject subject)
    {
        ...
    }

    public void Deny(TSecurable securable, TVerb verb, TSubject subject)
    {
        ...
    }

    public bool IsAllowed(TSecurable securable, TVerb verb, TSubject subject)
    {
        ...
    }
}
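
As an added illustration (not NSecurity's code or the demo application's), the sketch below reads ACEs in the XML format shown above and answers an IsAllowed-style query. The class name AclSketch, the constructed Deny entry and the evaluation policy ("*" matches any securable, Deny overrides Allow, no match means refusal) are assumptions; this page does not state how the library resolves those cases.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Xml.Linq;

// Hypothetical stand-alone sketch; it does not use or reproduce NSecurity's classes.
public sealed class AclSketch
{
    private sealed record Ace(string Securable, string Verb, string Subject, bool Allow);
    private readonly List<Ace> aces;
    // Reads <ace> elements in the XML format shown on this page.
    // Any access value other than "Allow" is treated as a denial (fail closed).
    public AclSketch(string xml)
    {
        aces = XDocument.Parse(xml).Root.Elements("ace")
            .Select(e => new Ace(
                (string)e.Attribute("securable"), (string)e.Attribute("verb"),
                (string)e.Attribute("subject"), (string)e.Attribute("access") == "Allow"))
            .ToList();
    }

    // Assumed policy: "*" matches any securable, an explicit Deny overrides any Allow,
    // and a request that matches no entry is refused (default deny).
    public bool IsAllowed(string securable, string verb, string subject)
    {
        var matches = aces.Where(a => (a.Securable == "*" || a.Securable == securable)
                                      && a.Verb == verb && a.Subject == subject).ToList();
        return matches.Count > 0 && matches.All(a => a.Allow);
    }
}

public static class Program
{
    // Constructed sample: two entries taken from the page plus one constructed Deny.
    private const string SampleAcl = @"<acl>
  <ace securable=""*"" verb=""create_folder"" subject=""John"" access=""Allow"" />
  <ace securable=""John\accept.png"" verb=""download"" subject=""John"" access=""Allow"" />
  <ace securable=""John\private"" verb=""create_folder"" subject=""John"" access=""Deny"" />
</acl>";

    public static void Main()
    {
        var acl = new AclSketch(SampleAcl);
        Console.WriteLine(acl.IsAllowed(@"John\accept.png", "download", "John"));   // exact-match Allow entry
        Console.WriteLine(acl.IsAllowed(@"Marry\add.png", "download", "John"));     // no matching entry
        Console.WriteLine(acl.IsAllowed(@"John\pics", "create_folder", "John"));    // wildcard Allow only
        Console.WriteLine(acl.IsAllowed(@"John\private", "create_folder", "John")); // wildcard Allow and explicit Deny
    }
}
```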

The demo application accompanying the library shows some of these concepts and is a good starting point in getting familiar with NSecurity.

Last edited Mar 13, 2013 at 8:04 PM by ac2008, version 26
