protected void lnkBreakWithClear_Click(Object sender, EventArgs e)
{
// Check permission
CheckModifyPermission(true);
// Break permission inheritance and clear permissions
AclInfoProvider.BreakInherintance(Node, false);
// Log staging task and flush cache
DocumentSynchronizationHelper.LogDocumentChange(Node, TaskTypeEnum.BreakACLInheritance, Node.TreeProvider, SynchronizationInfoProvider.ENABLED_SERVERS, null, Node.TreeProvider.AllowAsyncActions);
CacheHelper.TouchKeys(TreeProvider.GetDependencyCacheKeys(Node, Node.NodeSiteName));
// Insert information about this event to event log.
if (DocumentManager.Tree.LogEvents)
{
EventLogProvider.LogEvent(EventType.INFORMATION, "Content", "DOCPERMISSIONSMODIFIED", ResHelper.GetAPIString("security.documentpermissionsbreakclear", "Inheritance of the parent document permissions have been broken."), eventUrl, currentUser.UserID, currentUser.UserName, Node.NodeID, DocumentName, ipAddress, Node.NodeSiteID);
}
lblInheritanceInfo.Text = GetString("Security.InheritsInfo.DoesNotInherit");
SwitchBackToPermissionsMode();
// Clear and reload
securityElem.InvalidateAcls();
securityElem.LoadOperators(true);
}
protected void lnkBreakWithCopy_Click(Object sender, EventArgs e)
{
// Check permission
CheckModifyPermission(true);
// Break permission inheritance and copy parent permissions
AclInfoProvider.BreakInherintance(Node, true);
// Log staging task
TaskParameters taskParam = new TaskParameters();
taskParam.SetParameter("copyPermissions", true);
DocumentSynchronizationHelper.LogDocumentChange(Node, TaskTypeEnum.BreakACLInheritance, Node.TreeProvider, SynchronizationInfoProvider.ENABLED_SERVERS, taskParam, Node.TreeProvider.AllowAsyncActions);
// Insert information about this event to event log.
if (DocumentManager.Tree.LogEvents)
{
EventLogProvider.LogEvent(EventType.INFORMATION, "Content", "DOCPERMISSIONSMODIFIED", ResHelper.GetAPIString("security.documentpermissionsbreakcopy", "Inheritance of the parent page permissions have been broken. Parent page permissions have been copied."), eventUrl, DocumentManager.Tree.UserInfo.UserID, DocumentManager.Tree.UserInfo.UserName, Node.NodeID, DocumentName, ipAddress, Node.NodeSiteID);
}
lblInheritanceInfo.Text = GetString("Security.InheritsInfo.DoesNotInherit");
SwitchBackToPermissionsMode();
// Clear and reload
securityElem.InvalidateAcls();
securityElem.LoadOperators(true);
}
/// <summary>
/// Changes permission inheritance for documents filtered by permission 'Modify permissions'
/// </summary>
private bool FilterDataSet()
{
// Create an instance of the Tree provider
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);
// Set the parameters for getting documents
string siteName = SiteContext.CurrentSiteName;
string aliasPath = "/%";
string culture = SettingsKeyInfoProvider.GetStringValue(SiteContext.CurrentSiteName + ".CMSDefaultCultureCode");
bool combineWithDefaultCulture = true;
// Get data set with documents
DataSet documents = tree.SelectNodes(siteName, aliasPath, culture, combineWithDefaultCulture);
// Get the user
UserInfo user = UserInfoProvider.GetUserInfo("Andy");
if (user != null)
{
// Filter the data set by the user permissions
TreeSecurityProvider.FilterDataSetByPermissions(documents, NodePermissionsEnum.ModifyPermissions, user);
if (!DataHelper.DataSourceIsEmpty(documents))
{
// Loop through filtered documents
foreach (DataRow documentRow in documents.Tables[0].Rows)
{
// Create a new Tree node from the data row
TreeNode node = TreeNode.New("CMS.MenuItem", documentRow, tree);
// Break permission inheritance (with copying parent permissions)
AclInfoProvider.BreakInherintance(node, true);
}
// Data set filtered successfully - permission inheritance broken for filtered items
apiFilterDataSet.InfoMessage = "Data set with all pages filtered successfully by permission 'Modify permissions' for user 'Andy'. Permission inheritance broken for filtered items.";
}
else
{
// Data set filtered successfully - no items left in data set
apiFilterDataSet.InfoMessage = "Data set with all pages filtered successfully by permission 'Modify permissions' for user 'Andy'. No items left in data set.";
}
return(true);
}
return(false);
}
/// <summary>
/// Expects the "CreateDocumentStructure" method to be run first.
/// </summary>
private bool BreakPermissionInheritance()
{
// Create an instance of the Tree provider
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);
// Get default culture code
string culture = SettingsKeyInfoProvider.GetStringValue(SiteContext.CurrentSiteName + ".CMSDefaultCultureCode");
// Get the API Example document
TreeNode node = tree.SelectSingleNode(SiteContext.CurrentSiteName, "/API-Example/API-Example-subpage", culture);
if (node != null)
{
// Break permission inheritance (without copying parent permissions)
bool copyParentPermissions = false;
AclInfoProvider.BreakInherintance(node, copyParentPermissions);
return(true);
}
return(false);
}
/// <summary>
/// After node created, solver role permissions.
/// </summary>
private void AddRoles(object sender, EventArgs e)
{
string roleIds = ";" + usRoles.Value + ";";
// Check if ACL should inherit from parent
if (InheritParentPermissions)
{
AclInfoProvider.EnsureOwnAcl(EditedNode);
}
else
{
// If node has already own ACL don't leave permissions, otherwise break inheritance
if (!AclInfoProvider.HasOwnAcl(EditedNode))
{
AclInfoProvider.BreakInherintance(EditedNode, false);
}
}
int aclId = ValidationHelper.GetInteger(EditedNode.GetValue("NodeACLID"), 0);
// Get original ACLItems
DataSet ds = AclItemInfoProvider.GetAclItems(EditedNode.NodeID, "Operator LIKE N'R%' AND ACLID = " + aclId, null, 0, "Operator, Allowed, Denied");
// Change original values
if (!DataHelper.DataSourceIsEmpty(ds))
{
foreach (DataRow dr in ds.Tables[0].Rows)
{
string op = DataHelper.GetNotEmpty(dr["Operator"], "R");
int allowed = ValidationHelper.GetInteger(dr["Allowed"], 0);
int denied = ValidationHelper.GetInteger(dr["Denied"], 0);
int aclRoleId = ValidationHelper.GetInteger(op.Substring(1), 0);
if (aclRoleId != 0)
{
// Check if read permission should be set or removed
if (roleIds.Contains(";" + aclRoleId + ";"))
{
// Remove role from processed role and adjust permissions in database
roleIds = roleIds.Replace(";" + aclRoleId + ";", ";");
allowed |= 1;
}
else
{
allowed &= 126;
}
RoleInfo ri = RoleInfoProvider.GetRoleInfo(aclRoleId);
AclItemInfoProvider.SetRolePermissions(EditedNode, allowed, denied, ri);
}
}
}
// Create ACL items for new roles
if (roleIds.Trim(';') != "")
{
// Process rest of the roles
string[] roles = roleIds.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
foreach (string role in roles)
{
RoleInfo ri = RoleInfoProvider.GetRoleInfo(int.Parse(role));
AclItemInfoProvider.SetRolePermissions(EditedNode, 1, 0, ri);
}
}
}