This example demonstrates how to enforce a non-trivial security model with aspect-oriented programming.
PostSharp.Samples.Authorization.Framework defines the skeleton of an abstract security model. The key concept is represented the
IPermission interface, with typical
Permission.Write, for instance. Permissions are things that the current
ISubject need to be granted to be allowed to read or write a field
or execute a method. However
ApplyDefaultPermissionsAttribute aspect automatically requires the
Permission.Write on public fields and properties.
You can use the
RequiresPermissionAttribute aspect on fields, properties and methods to require a specific permission.
The abstract security framework does not specify how to determine whether the current
ISubject has a given
IPermission. This job is delegated to the
which can have different implementations.
PostSharp.Samples.Authorization.RoleBased namespace provides an example implementation of the role-based security model:
- Each business object has a list of assignments of users to roles (for instance Mikki is Sales Manager in the business unit).
- Each business object has a parent and inherits user-role assignments from its parent (for instance an Invoice inherits the role assignments from its parent business unit).
- For each class of business objects, there is a list of assignments of roles to permissions (for instance, Sale Managers have the Write permission on invoices).
RoleBasedSecurityPolicy class implements the
ISecurityPolicy interface for the role-based model.
- THIS EXAMPLE IS NOT SUFFICIENTLY TESTED FOR PRODUCTION USE. This is only a proof of concept.
- Performance is really poor because even evaluating a property causes the evaluation of complex policies and allocations of memory on the heap. A better implementation should cache permissions.