This example demonstrates how to enforce a non-trivial security model with aspect-oriented programming.
The PostSharp.Samples.Authorization.Framework
defines the skeleton of an abstract security model. The key concept is represented the IPermission
interface, with typical
values Permission.Read
or Permission.Write
, for instance. Permissions are things that the current ISubject
need to be granted to be allowed to read or write a field
or execute a method. However
The ApplyDefaultPermissionsAttribute
aspect automatically requires the Permission.Read
or Permission.Write
on public fields and properties.
You can use the RequiresPermissionAttribute
aspect on fields, properties and methods to require a specific permission.
The abstract security framework does not specify how to determine whether the current ISubject
has a given IPermission
. This job is delegated to the ISecurityPolicy
interface,
which can have different implementations.
The PostSharp.Samples.Authorization.RoleBased
namespace provides an example implementation of the role-based security model:
- Each business object has a list of assignments of users to roles (for instance Mikki is Sales Manager in the business unit).
- Each business object has a parent and inherits user-role assignments from its parent (for instance an Invoice inherits the role assignments from its parent business unit).
- For each class of business objects, there is a list of assignments of roles to permissions (for instance, Sale Managers have the Write permission on invoices).
The RoleBasedSecurityPolicy
class implements the ISecurityPolicy
interface for the role-based model.
- THIS EXAMPLE IS NOT SUFFICIENTLY TESTED FOR PRODUCTION USE. This is only a proof of concept.
- Performance is really poor because even evaluating a property causes the evaluation of complex policies and allocations of memory on the heap. A better implementation should cache permissions.