Skip to content

Instantly share code, notes, and snippets.

@bitbonk
Created May 8, 2015 20:16
Show Gist options
  • Save bitbonk/42fa3e2970f6555710b0 to your computer and use it in GitHub Desktop.
Save bitbonk/42fa3e2970f6555710b0 to your computer and use it in GitHub Desktop.
ACL (Access Control List) in DDD (with CQS)
namespace UserManagement.Model
{
namespace Query
{
using System;
using System.Collections.Generic;
public class User
{
/// <summary>
/// Gets the permissions the user has for objects.
/// </summary>
public IEnumerable<Tuple<Object, Permission>> Associations { get; private set; }
public IEnumerable<Group> Groups { get; private set; }
public string Name { get; set; }
}
public class Permission
{
/// <summary>
/// Gets the users that this permission has for objects.
/// </summary>
public IEnumerable<Tuple<Object, User>> Associations { get; private set; }
public string Name { get; set; }
}
public class Group
{
public string Name { get; set; }
/// <summary>
/// Gets the users that belong to this group.
/// </summary>
public IEnumerable<User> Users { get; private set; }
}
public class Object
{
/// <summary>
/// Gets the permission that users have for this objects.
/// </summary>
public IEnumerable<Tuple<Permission, User>> Associations { get; private set; }
public string Name { get; set; }
}
public interface IRepository
{
Group GetGroup(string groupName);
Object GetObject(string objectName);
Permission GetPermission(string permissionName);
User GetUser(string userName);
}
}
namespace Command
{
using System.Collections.Generic;
public interface IRepository
{
void AddGroup(string groupName, IDictionary<string, object> metadata = null);
void AddObject(string objectName, IDictionary<string, object> metadata = null);
void AddPermission(string permissionName, IDictionary<string, object> metadata = null);
void AddUser(string userName, IDictionary<string, object> metadata = null);
void RemoveGroup(string groupName);
void RemoveObject(string objectName);
void RemovePermission(string permissionName);
void RemoveUser(string userName);
}
public interface IAssociator
{
void AddUserToGroup(string userName, string groupName);
void AssociatePermissionWidthGroup(string permissionName, string objectName, string groupName);
void AssociatePermissionWithUser(string permissionName, string objectName, string userName);
void DeassociatePermissionFromGroup(string permissionName, string objectName, string groupName);
void DeassociatePermissionFromUser(string permissionName, string objectName, string userName);
void RemoveUserFromGroup(string userName, string groupName);
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment