How can I implement "firewall rules" style timebased ACL implemantation ? (C#, Sql Server)

Question

I'm using ServiceStack and I dont know if my way is true or not for this requirement with ServiceStack Permission support.

Now rule table structure is:

TargetRole
TargetUserId
DENY/ALLOW
ActionTypeEnum
StartDate
EndDate
StartHour
EndHour
RunningEnum ([Flags] OnlyOnce=1,Monday=2,....,Sunday=128)

Rule: All admins could not (DENY) crateUser (ACTIONTYPEENUM.CREATEUSER) every Mondays (RUNNINGENUM=2) between 12-17 hours (STARTHOUR=12,ENDHOUR=17)

So I have to solve these rules (and if I can I have to bind with ServiceStack Permission), Is there any problem on my way or any better framework or ruleresolver in C# ?

score 1 · Answer 1 · answered Jul 19 '12 at 16:25

ServiceStack's RequireRole and RequiredPermissions attributes let you mark what Roles / Permission a service needs. The implementation of RequireRole just calls IAuthSession.HasRole() (or IAuthSession.HasPermission()) which determines whether the user has the role specified.

When you register your own CustomUserSession you can implement the above methods to do exactly what you need.

The alternative is to ignore the existing Roles/Permissions support and just create your own Request Filter Attribute and have it execute before each request you want validated.

score 0 · Accepted Answer · answered Jul 29 '12 at 16:53

0

There is no framework for ACL implemantation in C#. You have to write your own! So do I :)

answered Jul 29 '12 at 16:53

Oguz Karadenizli

3,449
6
38
73

How can I implement "firewall rules" style timebased ACL implemantation ? (C#, Sql Server)

2 Answers2