VOOZH about

URL: https://www.nuget.org/packages/aarbac.NET/

โ‡ฑ NuGet Gallery | aarbac.NET 1.0.11.2

๏ปฟ

๐Ÿ‘ Image
 aarbac.NET 1.0.11.2 

dotnet add package aarbac.NET --version 1.0.11.2
 
 
NuGet\Install-Package aarbac.NET -Version 1.0.11.2
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="aarbac.NET" Version="1.0.11.2" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="aarbac.NET" Version="1.0.11.2" />
 


 Directory.Packages.props
 

 

 
<PackageReference Include="aarbac.NET" />
 


 Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add aarbac.NET --version 1.0.11.2
The NuGet Team does not provide support for this client. Please contact its maintainers for support. 
#r "nuget: aarbac.NET, 1.0.11.2"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package aarbac.NET@1.0.11.2
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=aarbac.NET&version=1.0.11.2
 


 Install as a Cake Addin
 

 

 
#tool nuget:?package=aarbac.NET&version=1.0.11.2
 


 Install as a Cake Tool
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

๐Ÿ‘ Aarbac logo

Background & Thoughts

Technology solution is vast these days, and there is always at least one solution for every technical problem. A typical application has following layers:

  1. Security Layer (Authentication & Authorization)
  2. User Interface Layer
  3. Business Logic Layer
  4. Data Access Layer
  5. And a RDBMS database

๐Ÿ‘ Without aarbac

Security layer generally just performs authentication & authorization, and to facilitate roles (permissions & entitlements), developers implement various HasPermission(), IsInGroup(), etc. type methods with many ifs elses & switches, various sql queries and inject code into these layers(2, 3 & 4). Basically to enure that users with appropriate rights are performing appropriate operations. Users should see what they should see on the screens, users able to do what they are allowed to do with data.

During initial few releases, everything looks good, but messed up soon when complex business scenarios, exceptions are introduced, more ifs, switches are introduced in those layers, code quality decreases and code volume increases and makes production support & enhancements difficult. Nightmare for new team members!

What is aarbac?

aarbac is An Automated Role Based Access Control .NET framework which can override all CRUD(Create, Read Update, Delete) operations automatically based on the logged in user role. It separates out permission related code into a complete new layer and let these layers (2, 3 & 4) do their regular job & not worried about the permission at all. Additionally it also maintains user entitlements. ๐Ÿ‘ aarbac

  1. Automated - Data Filter & Permissions are abstracted into a separate layer and all automated.
  2. Schema based - Data filters and permissions are based on your database schema.
  3. Clean Code - Clean code, less error, less testing, less maintenance.
  4. Encrypted - The role, entitlements & user parameters are encrypted and stored as binary in the aarbac database.
  5. Disable overriding for specific queries - As we do understand there will be few queries where aarbac may not able to produce automated result as desired, in those cases, just switch off aarbac.
  6. Comes with REST API, Utility, WinApp testbed, Sample Code.
  7. Pluggable.
  8. deployed</li>

1. Automated Data Filters & Permissions (Schema Based)

Apply row & column level permissions on your SELECT,INSERT,UPDATE & DELETE queries. For example, a read (or select) operation like the following โ€ฆ

select * from Author

automatically may get converted to...

SELECT Author.AuthorId, Author.Name, Author.ZipCodeId FROM Author 
inner join [ZipCode] [t9] on [t9].ZipCodeId = [Author].ZipCodeId 
inner join [City] [t10] on [t10].CityId = [t9].CityId WHERE t10.Name in ('New York','Charlotte')

...assuming user belongs to a role which allows him to see only 3 columns from author table and only allowed to see authors from New York and Charlotte cities.

And an update query like the following...

update Author set Name = 'Eyedia', SSN = '999-99-9999' where AuthorId = 9999

may hit exception like...

- User โ€˜abcโ€™ does have permission to update table โ€˜Authorโ€™ but does not have permission to update column โ€˜SSNโ€™

Sample Code

Select:
using (Rbac rbac = new Rbac("essie")) //<-- you should pass the logged in user name from the context
{
 using (RbacSqlQueryEngine engine = new RbacSqlQueryEngine(rbac, query))
 {
 engine.Execute(); //<-- automatically parse and transform query based on role
 if ((!engine.IsErrored) && (engine.Parser.IsParsed) 
 && (engine.Parser.QueryType == RbacQueryTypes.Select))
 return engine.Table; //<-- if it is select query, the table will be loaded
 }
}
Inserts, updates and deletes
using (Rbac rbac = new Rbac("essie")) //<-- you should pass the logged in user name from the context
{
 using (SqlQueryParser parser = new SqlQueryParser(rbac))
 {
 parser.Parse(query); //<-- this will throw exception if not permitted 
 //<-- if you are here, you are goood. Just perform basic insert/update/delete
 }
}

2. Entitlements (Menu/Sub-Menu & Screen/Screen-Elements)

Every rule in aarbac has screen entitlement, you can define entitlements for your applications in following 2 categories:

1. Menus - Menu and sub menues within (linked list nodes)
2. Screens - Screen and Screen Elements (linked list nodes)

And just set visible and enabled properties on those nodes.

When user logs in, i.e. authenticated and authorized based on your authentication mechanism(for example active directory of the organization), just map user with a specific aarbac role, & each role will have entitlement. App developers need to apply the entitlement xml into the menu and screen elements.

Prerequisites:

  1. Microsoft SQL Server.
  2. .NET 4.5.2+

Release Frequency

*Every EST Sunday night *

Product Versions Compatible and additional computed target framework versions.
.NET Framework net452 net452 is compatible.  net46 net46 was computed.  net461 net461 was computed.  net462 net462 was computed.  net463 net463 was computed.  net47 net47 was computed.  net471 net471 was computed.  net472 net472 was computed.  net48 net48 was computed.  net481 net481 was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.0.11.2 2,515 12/17/2017
1.0.11 1,728 12/10/2017
1.0.1 1,610 11/15/2017
1.0.0 1,641 11/15/2017

First Release