Class WMAccessManager

Manages access privileges throughout the WM API

Inheritance

object

WMAccessManager

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

object.ToString()

Namespace: Quantellia.WMServer.Auth.Model.UserAccess

Assembly: WMServer.dll

Syntax

public static class WMAccessManager

Properties

WMServerApplicationID

The ApplicationID for all base WMServer resources and operations.

Declaration

public static string WMServerApplicationID { get; }

Property Value

Type	Description
string

Methods

EnsurePermissionAsync(WMPrincipal, WMResource, WMOperation, string, AuthDbContext)

Ensures that the specified user has permission to perform the given operation on the given asset. Throws an exception if not.

Declaration

public static Task EnsurePermissionAsync(WMPrincipal principal, WMBaseResouceOperation.WMResource resource, WMBaseResouceOperation.WMOperation operation, string organizationID, AuthDbContext context = null)

Parameters

Type	Name	Description
WMPrincipal	principal	The user in question
WMBaseResouceOperation.WMResource	resource	The asset in question.
WMBaseResouceOperation.WMOperation	operation	The operation in question.
string	organizationID	The organization that owns the permission.
AuthDbContext	context

Returns

Type	Description
Task

EnsurePermissionAsync<A>(WMPrincipal, A?, WMOperation, AuthDbContext)

Ensures that the specified user has permission to perform the given operation on the given asset. Throws an exception if not.

Declaration

public static Task EnsurePermissionAsync<A>(WMPrincipal principal, A? resource, WMBaseResouceOperation.WMOperation operation, AuthDbContext context = null) where A : IWMOwnableResource, new()

Parameters

Type	Name	Description
WMPrincipal	principal	The user in question
A	resource	The asset in question.
WMBaseResouceOperation.WMOperation	operation	The operation in question.
AuthDbContext	context

Returns

Type	Description
Task

Type Parameters

Name	Description
A	An asset type parameter that denotes the resource.

GetAccessControlOrganizations(WMPrincipal, WMResource, WMOperation, AuthDbContext)

This IQueryable queries all organizations who provide access for a given WMServer resource-operation pair to the user.

Declaration

public static Task<List<string>> GetAccessControlOrganizations(WMPrincipal principal, WMBaseResouceOperation.WMResource resource, WMBaseResouceOperation.WMOperation operation, AuthDbContext context = null)

Parameters

Type	Name	Description
WMPrincipal	principal	The user in question
WMBaseResouceOperation.WMResource	resource	The resource in question
WMBaseResouceOperation.WMOperation	operation	The operation in question
AuthDbContext	context

Returns

Type	Description
Task<List<string>>	All organizations that give access to this resource-operation to the user.

GetAccessControlOrganizations(WMPrincipal, string, string, string, AuthDbContext)

This IQueryable queries all organizations who provide access for a given resource-operation pair to the user.

Declaration

public static Task<List<string>> GetAccessControlOrganizations(WMPrincipal principal, string applicationID, string resource, string operation, AuthDbContext context = null)

Parameters

Type	Name	Description
WMPrincipal	principal	The user in question
string	applicationID	The application this resource-operation pair belongs to. WMServer by default.
string	resource	The resource in question
string	operation	The operation in question
AuthDbContext	context

Returns

Type	Description
Task<List<string>>	All organizationIDs that give access to this resource-operation to the user.

GetAccessControlOrganizations<A>(WMPrincipal, WMOperation, AuthDbContext)

This IQueryable queries all organizations who provide access for a given WMServer resource-operation pair to the user, where the resource is a WMServer asset given by A

Declaration

public static Task<List<string>> GetAccessControlOrganizations<A>(WMPrincipal principal, WMBaseResouceOperation.WMOperation operation, AuthDbContext context = null) where A : IWMOwnableResource, new()

Parameters

Type	Name	Description
WMPrincipal	principal	The user in question
WMBaseResouceOperation.WMOperation	operation	The operation in question
AuthDbContext	context

Returns

Type	Description
Task<List<string>>	All organizations that give access to this resource-operation to the user.

Type Parameters

Name	Description
A	An asset type parameter that denotes the resource.

GetAuthorizedResourceIQueryable<A>(WMPrincipal, IQueryable<A>, WMAppDbContext)

Builds an IQueryable that makes up all resources the user has authorization to view. This IQueryable should be built before all other querying actions to ensure that no user has access to resources outside of their authorization.

Declaration

public static Task<IQueryable<A>> GetAuthorizedResourceIQueryable<A>(WMPrincipal principal, IQueryable<A> dbSet, WMAppDbContext context) where A : IWMOwnableResource, new()

Parameters

Type	Name	Description
WMPrincipal	principal	The user.
IQueryable<A>	dbSet	An IQueryable representing the table of all resources of type `A`. Must be .AsNoTracking()
WMAppDbContext	context

Returns

Type	Description
Task<IQueryable<A>>

Type Parameters

Name	Description
A	The type of resource to return.

GetPermissionAsync(WMPrincipal, WMResource, WMOperation, string, AuthDbContext)

Queries whether the specified user has permission to perform the given operation on the given resource for a given organization.

Declaration

public static Task<bool> GetPermissionAsync(WMPrincipal principal, WMBaseResouceOperation.WMResource resource, WMBaseResouceOperation.WMOperation operation, string organizationID, AuthDbContext context = null)

Parameters

Type	Name	Description
WMPrincipal	principal	The user in question
WMBaseResouceOperation.WMResource	resource	The resource.
WMBaseResouceOperation.WMOperation	operation	The operation.
string	organizationID	The organization granting or denying permission.
AuthDbContext	context

Returns

Type	Description
Task<bool>	True if permission is granted, False if denied.

GetPermissionAsync(WMPrincipal, string, string, string, string, AuthDbContext)

Queries whether the specified user has permission to perform the given operation on the given resource for a given organization.

Declaration

public static Task<bool> GetPermissionAsync(WMPrincipal principal, string applicationID, string resource, string operation, string organizationID, AuthDbContext context = null)

Parameters

Type	Name	Description
WMPrincipal	principal	The user in question
string	applicationID	The application this resource exists in.
string	resource	The resource.
string	operation	The operation.
string	organizationID	The organization granting or denying permission.
AuthDbContext	context

Returns

Type	Description
Task<bool>	True if permission is granted, False if denied.

IsAllowed(WMPrincipal, WMResource, WMOperation)

Test if the requested resource/operation is allowed for the specified user/agent. Only handles WMServer base resources and operations.

Declaration

public static Task<bool> IsAllowed(WMPrincipal principal, WMBaseResouceOperation.WMResource resource, WMBaseResouceOperation.WMOperation operation)

Parameters

Type	Name	Description
WMPrincipal	principal	Principal identity requesting permission
WMBaseResouceOperation.WMResource	resource	Resource to which acceess is being requested.
WMBaseResouceOperation.WMOperation	operation	Action on the requested resource to which access is being requested.

Returns

Type	Description
Task<bool>	true if access is granted. Otherwise, an exception is thrown with a messaged describing the reason that acceess was denied.

IsAllowed(WMPrincipal, string, string)

Test if the requested resource/operation is allowed for the specified user/agent. Only handles WMServer base resources and operations.

Declaration

public static Task<bool> IsAllowed(WMPrincipal principal, string resource, string operation)

Parameters

Type	Name	Description
WMPrincipal	principal	Principal identity requesting permission
string	resource	Resource to which acceess is being requested.
string	operation	Action on the requested resource to which access is being requested.

Returns

Type	Description
Task<bool>	true if access is granted. Otherwise, an exception is thrown with a messaged describing the reason that acceess was denied.

IsAllowed(WMPrincipal, string, string, string)

Test if the requested resource/operation is allowed for the specified user/agent

Declaration

public static Task<bool> IsAllowed(WMPrincipal principal, string applicationID, string resource, string operation)

Parameters

Type	Name	Description
WMPrincipal	principal	Principal identity requesting permission
string	applicationID	The application this resource exists in.
string	resource	Resource to which acceess is being requested.
string	operation	Action on the requested resource to which access is being requested.

Returns

Type	Description
Task<bool>	true if access is granted. Otherwise, an exception is thrown with a messaged describing the reason that acceess was denied.

VerifyLicense(WMPrincipal, AuthDbContext)

Verifies whether a user is licensed to login to a domain dictated by a license.

Declaration

public static Task<bool> VerifyLicense(WMPrincipal principal, AuthDbContext context = null)

Parameters

Type	Name	Description
WMPrincipal	principal	The principal of the user logging in.
AuthDbContext	context

Returns

Type	Description
Task<bool>

VerifyLicense(string, Domain, string, AuthDbContext)

Verifies whether a user is licensed to login to a domain dictated by a license.

Declaration

public static Task<bool> VerifyLicense(string userID, WMPrincipal.Domain domainType, string domainID, AuthDbContext context = null)

Parameters

Type	Name	Description
string	userID	The ID of the WMUser logging in.
WMPrincipal.Domain	domainType	The domain being logged into. See WMPrincipal.Domain for details.
string	domainID	The ID of the domain being logged into.
AuthDbContext	context

Returns

Type	Description
Task<bool>