Esbaop application-permission management

The previous article introduced the AOP Implementation of the exception blocker, and permission management is also a place where AOP can be used to make great strides. Let's take a look at how to use esbaop to implement permission management.
The first problem to be solved is how to determine whether the user has the permission to call an operation. This is achieved by each application. In order to unify the permission judgment, therefore, the ipermissionverifier interface is specified: // <summary>
/// Ipermissionverifier is used to verify whether the current user has sufficient permission to call the target method of the target class.
/// If you need to use AOP for permission management, you must implement the ipermissionverifier interface.
/// </Summary>
Public interface ipermissionverifier
{
Bool qualifiedtooperation (Object permissionneeded, string destclassfullname, string destmethodname );
}

Permissionneeded is specified by parameters applied to the features of the method (as can be seen later). destclassfullname indicates the full name of the class where the target method is located, and destmethodname indicates the name of the target method.
When the user's permissions do not meet the conditions, a permissionlimittedexception exception is thrown during the call to the target method. The exception is defined as follows: // <summary>
/// This exception is thrown when a user without the permission calls an operation.
/// </Summary>
[Serializable]
Public class permissionlimittedexception: exception
{
Public permissionlimittedexception ()
{
}

Public permissionlimittedexception (string MSG): Base (MSG)
{
}

Public permissionlimittedexception (string MSG, exception innerexception): Base (MSG, innerexception)
{
}
}

Note that custom exceptions must be serializable, so that they can be passed through remoting.

Next, you can implement permissionaspect in terms of permissions. /// <Summary>
/// Permissionaspect permission: if the current user is not authorized to call a method, permissionlimittedexception is thrown.
/// Aspectclassargument: the type of the ipermissionverifier interface is implemented.
/// Aspectmethodargument: permission required for the operation, which is customized by the user
/// </Summary>
Public class permissionaspect: iaspect
{
Public permissionaspect ()
{
}

# Region iaspect Member
Public void preprocess (imethodcallmessage requestmsg, object aspectclassargument, object aspectmethodargument)
{
Type verifiertype = (type) aspectclassargument;
Type desttype = typeof (ipermissionverifier );
If (! Desttype. isassignablefrom (verifiertype ))
{
Throw new exception ("The permissionverifiertype is invalid! ");
}

Ipermissionverifier pmverifier = (ipermissionverifier) activator. createinstance (verifiertype );
If (pmverifier = NULL)
{
Throw new exception ("The permissionverifiertype is invalid! ");
}

Object pmneeded = aspectmethodargument;
String classname = aophelper. getfullclassname (requestmsg );
String methodname = aophelper. getmethodname (requestmsg );

Bool qualified = pmverifier. qualifiedtooperation (pmneeded, classname, methodname );

If (! Qualified)
{
Throw new permissionlimittedexception (string. Format ("current user have no permission to call DEST method: {0 }. {1 }! ", Classname, methodname ));
}
}

Public void postprocess (imethodcallmessage requestmsg, ref imethodreturnmessage respond, object aspectclassargument, object aspectmethodargument)
{
// Todo: Add permissionaspect. enterpriseserverbase. AOP. complexaop. iaspect. postprocess
}

# Endregion
}

The meanings of aspectclassargument and aspectmethodargument have been provided. If you want to know how to use these two parameters, you can review the description in esbaop implementation. In terms of permissions, The ipermissionverifier is used to determine whether the user meets the permission requirements. If the user does not meet the requirements, a permissionlimittedexception exception is thrown.

Finally, an example is provided: public class class1.
{
[Stathread]
Static void main (string [] ARGs)
{
Try
{
Example exa = new example ();
Exa. sayhello ("sky ");
Exa. saybyebye ("sky ");
}
Catch (exception ee)
{
Console. writeline (EE. Message );
}

Console. Read ();
}
}

[Aspect (typeof (permissionaspectwrap)]
Public Class Example: contextboundobject
{
[Aspectswitcher (typeof (permissionaspectwrap), true, permission. Common)]
Public void sayhello (string name)
{
Console. writeline ("hello," + name );
}

[Aspectswitcher (typeof (permissionaspectwrap), true, permission. Super)] // The permission. Super permission is required to call this method.
Public void saybyebye (string name)
{
Console. writeline ("Byebye," + name );
}

}

# Region permissionaspectwrap
Public class permissionaspectwrap: iaspectprocessorwrap
{
# Region iaspectprocessorwrap Member

Public type aspectprocessortype
{
Get
{
Return typeof (permissionaspect );
}
}

Public object aspectclassargument
{
Get
{
Return typeof (permissionverifier );
}
}

Public aspectswitcherstate defaultaspectswitcherstate
{
Get
{
Return aspectswitcherstate. on;
}
}
# Endregion
}

# Endregion

# Region permissionverifier, permission, Logger
Public class permissionverifier: ipermissionverifier
{
Private Static int curpermission = permission. Common;

# Region ipermissionverifier Member

Public bool qualifiedtooperation (Object permissionneeded, string destclassfullname, string destmethodname)
{
Int destpermission = (INT) permissionneeded;
If (permissionverifier. curpermission> destpermission)
{
Return true;
}

Return false;
}

# Endregion
}

Public class permission
{
Public const int common = 0;
Public const int super = 1;
}
# Endregion

Because the current user level is permission. Common, an exception is thrown when saybyebye is called, but it can be normally performed when sayhello is called.