Show / Hide Table of Contents

    Class AuthorizationRuleAssignment

    Represents an authorization rule assignment to a service version, contract, endpoint, or operation. A list of rule assignments to a particular service represents an access control policy for that service.

    Inheritance
    Object
    DomainObjectBase
    AuthorizationRuleAssignment
    Implements
    IValidator
    IExtensibleDataObject
    IEquatable<AuthorizationRuleAssignment>
    Inherited Members
    DomainObjectBase.IsValidElementName(String)
    DomainObjectBase.AreEqual(Nullable<DateTime>, Nullable<DateTime>)
    DomainObjectBase.Equals(DomainObjectBase)
    DomainObjectBase.Id
    DomainObjectBase.Key
    DomainObjectBase.Created
    DomainObjectBase.Updated
    DomainObjectBase.IsMajorObject
    DomainObjectBase.ErrorMessage
    DomainObjectBase.ExtensionData
    Object.Equals(Object, Object)
    Object.ReferenceEquals(Object, Object)
    Object.GetType()
    Object.MemberwiseClone()
    Namespace: Nevatech.Vsb.Repository.Entities
    Assembly: Nevatech.Vsb.Repository.dll
    Syntax
    public sealed class AuthorizationRuleAssignment : DomainObjectBase, IValidator, IExtensibleDataObject, IEquatable<AuthorizationRuleAssignment>
    Remarks

    The access control works as follows:

    • Authorization rule defines a set of claims that rule matches.
    • Each authorization rule can be assigned to a service version, contract, endpoint, or service operation. If rule is assigned to a service version then it applies to all contracts in that service version. If it is assigned to a contract then it applies to all operations in that contract, etc.
    • Then rule is assigned, it is given a priority - the order in which rules in the access list are evaluated. Rule with higher priority is evaluated first.
    • The result of rule execution is a "match" or "not-match" value. Which means that claims of the current caller's identity do or do not satisfy the rule's condition. Evaluation of the rule list stops at the first "match", unless its "Action" is set to None.
    • Each rule assignment also defines the authorization decision that should be made, if rule matches the claims. The decisions are Permit (access should be granted), Deny (access is denied and call should be blocked), or None (mark transaction with service agreement identifier and continue rule evaluations).
    • If all rules in the access list are evaluated and no match was determined, then access to the resource should be denied. However, if access list is empty (not defined) then access should be denied.
    • If Service Agreement identifier is provided then messages matching this rule must be "marked" with that identifier (included in the scope of that SLA).

    Constructors

    AuthorizationRuleAssignment()

    Initializes and empty object.

    Declaration
    public AuthorizationRuleAssignment()

    Properties

    Action

    Gets or sets the action that will be taken, if that rule matches particular set of claims.

    Declaration
    public AuthorizationRuleAction Action { get; set; }
    Property Value
    Type Description
    AuthorizationRuleAction

    ContractId

    Gets or sets identifier of the contract that rule is applied to. If not set, then rule is applied to all contracts in the service version.

    Declaration
    public int? ContractId { get; set; }
    Property Value
    Type Description
    Nullable<Int32>

    ContractName

    Gets contract WSDL name that rule is applied to.

    Declaration
    public string ContractName { get; }
    Property Value
    Type Description
    String

    EndpointId

    Gets or sets identifier of the endpoint that rule is applied to. If not set, then rule is applied to all endpoints in the service version.

    Declaration
    public int? EndpointId { get; set; }
    Property Value
    Type Description
    Nullable<Int32>

    EndpointName

    Gets endpoint WSDL name that rule is applied to.

    Declaration
    public string EndpointName { get; }
    Property Value
    Type Description
    String

    GroupId

    Gets or sets authorization group identifier. Either rule or group can be assigned at the same time.

    Declaration
    public int? GroupId { get; set; }
    Property Value
    Type Description
    Nullable<Int32>

    GroupName

    Gets authorization group name.

    Declaration
    public string GroupName { get; }
    Property Value
    Type Description
    String

    Kind

    Gets the service kind: SOAP, REST, or OpenData.

    Declaration
    public ServiceKind Kind { get; }
    Property Value
    Type Description
    ServiceKind

    ObjectType

    Gets object type identifier.

    Declaration
    public override EntityType ObjectType { get; }
    Property Value
    Type Description
    EntityType
    Overrides
    DomainObjectBase.ObjectType

    OperationId

    Gets or sets identifier of the service operation that rule is applied to. If not set, then rule is applied to all operations in the service version.

    Declaration
    public int? OperationId { get; set; }
    Property Value
    Type Description
    Nullable<Int32>

    OperationName

    Gets contract/operation WSDL name that rule is applied to.

    Declaration
    public string OperationName { get; }
    Property Value
    Type Description
    String

    Priority

    Gets or sets rule priority that dictates the order in which rules are executed for particular service. Rule with higher priority is executed first.

    Declaration
    public int Priority { get; set; }
    Property Value
    Type Description
    Int32

    RuleExpression

    Gets authorization rule expression.

    Declaration
    public AuthorizationExpressionBase RuleExpression { get; }
    Property Value
    Type Description
    AuthorizationExpressionBase

    RuleId

    Gets or sets authorization rule identifier. If rule and group are not set then "match-all" rule is applied.

    Declaration
    public int? RuleId { get; set; }
    Property Value
    Type Description
    Nullable<Int32>

    RuleName

    Gets authorization rule name.

    Declaration
    public string RuleName { get; }
    Property Value
    Type Description
    String

    ServiceAgreementId

    Gets or sets identifier of the service agreement this authorization rule belongs to. Transactions matching the rule will have this identifier assigned.

    Declaration
    public int? ServiceAgreementId { get; set; }
    Property Value
    Type Description
    Nullable<Int32>

    ServiceAgreementName

    Gets the friendly name of the service agreement this authorization rule belongs to.

    Declaration
    public string ServiceAgreementName { get; }
    Property Value
    Type Description
    String

    ServiceId

    Gets the service identifier.

    Declaration
    public int ServiceId { get; }
    Property Value
    Type Description
    Int32

    ServiceName

    Gets the service friendly name.

    Declaration
    public string ServiceName { get; }
    Property Value
    Type Description
    String

    ServiceVersionId

    Gets or sets identifier of the service version that rule is applied to.

    Declaration
    public int ServiceVersionId { get; set; }
    Property Value
    Type Description
    Int32

    ServiceVersionName

    Gets service version friendly name.

    Declaration
    public string ServiceVersionName { get; }
    Property Value
    Type Description
    String

    Version

    Gets the custom-defined service version identifier.

    Declaration
    public string Version { get; }
    Property Value
    Type Description
    String

    VersionNumber

    Gets service version number.

    Declaration
    public int VersionNumber { get; }
    Property Value
    Type Description
    Int32

    Methods

    Compress()

    Clears unnecessary to runtime data to reduce message payload.

    Declaration
    public void Compress()

    Equals(AuthorizationRuleAssignment)

    Determines whether the specified domain object is equal to the current object.

    Declaration
    public bool Equals(AuthorizationRuleAssignment other)
    Parameters
    Type Name Description
    AuthorizationRuleAssignment other

    The object to compare with the current object.

    Returns
    Type Description
    Boolean

    True, if objects are equal. False, if objects are not equal.

    Equals(Object)

    Determines whether the specified domain object is equal to the current object.

    Declaration
    public override bool Equals(object obj)
    Parameters
    Type Name Description
    Object obj

    The object to compare with the current object.

    Returns
    Type Description
    Boolean

    True, if objects are equal. False, if objects are not equal.

    Overrides
    DomainObjectBase.Equals(Object)

    GetHashCode()

    Returns the hash code for this instance.

    Declaration
    public override int GetHashCode()
    Returns
    Type Description
    Int32

    Hash code of the current instance.

    Overrides
    DomainObjectBase.GetHashCode()

    ToString()

    Returns string representation of the object.

    Declaration
    public override string ToString()
    Returns
    Type Description
    String

    String representation of the object.

    Overrides
    DomainObjectBase.ToString()

    Validate()

    Evaluates the state of this object.

    Declaration
    public override bool Validate()
    Returns
    Type Description
    Boolean

    True if state is valid; otherwise, false.

    Overrides
    DomainObjectBase.Validate()

    Implements

    IValidator
    System.Runtime.Serialization.IExtensibleDataObject
    System.IEquatable<T>
    Back to top Nevatech Sentinet 6.5 Online Documentation