internal static string GetValue(FolderPermission perm, bool singleLine)
{
StringBuilder sb = new StringBuilder();
if (perm.UserId.StandardUser.HasValue)
{
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "UserId: {0}", perm.UserId.StandardUser.Value.ToString()));
}
else
{
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "UserId: {0}, {1}, {2}", perm.UserId.DisplayName, perm.UserId.PrimarySmtpAddress, perm.UserId.SID));
}
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "Display Permission Level: {0}", perm.DisplayPermissionLevel.ToString()));
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "Permission Level: {0}", perm.PermissionLevel.ToString()));
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "CanCreateItems: {0}", perm.CanCreateItems.ToString()));
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "CanCreateSubFolders: {0}", perm.CanCreateSubFolders.ToString()));
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "DeleteItems: {0}", perm.DeleteItems.ToString()));
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "EditItems: {0}", perm.EditItems.ToString()));
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "IsFolderContact: {0}", perm.IsFolderContact.ToString()));
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "IsFolderOwner: {0}", perm.IsFolderOwner.ToString()));
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "IsFolderVisible: {0}", perm.IsFolderVisible.ToString()));
sb.AppendLine(string.Format(System.Globalization.CultureInfo.CurrentCulture, "ReadItems: {0}", perm.ReadItems.ToString()));
if (singleLine)
{
return(sb.ToString().Replace("\n", " "));
}
return(sb.ToString());
}
/// <summary>
/// Commit the changes made to the Permissions
/// collection.
/// </summary>
private void btnOK_Click(object sender, EventArgs e)
{
try
{
this.Cursor = Cursors.WaitCursor;
// Clear the current set of permissions
this.CurrentFolder.Permissions.Clear();
// Add the updated set of permissions
foreach (ListViewItem item in lstUsers.Items)
{
FolderPermission newPermission = item.Tag as FolderPermission;
this.CurrentFolder.Permissions.Add(newPermission);
}
// Commit changes.
this.CurrentFolder.Service.ClientRequestId = Guid.NewGuid().ToString(); // Set a new GUID.
this.CurrentFolder.Update();
}
finally
{
this.Cursor = Cursors.Default;
}
}
// protected void PutObjectInIndex( IIndex index, IEnumerable<Data.Dto.Standard.Object> newObject )
// {
// foreach( var o in newObject )
// {
// foreach (var ancestorFolder in o.Folders.Where(item => item.ObjectFolderTypeID == 1).SelectMany(folder => PermissionManager.GetFolders(folder.FolderID).GetAncestorFolders()))
// {
// o.FolderTree.Add(ancestorFolder.ID);
// }
//
// if (o.ObjectRealtions.Any())
// o.RelatedObjects = McmRepository.GetObject(o.Guid, null).ToList();
// }
//
// index.Create( newObject.Select(item => item as Data.Dto.Standard.Object), false );
// }
// protected void RemoveObjectFromIndex( IIndex index, Data.Dto.Standard.Object delObject )
// {
// index.Remove( delObject, false );
// }
public bool HasPermissionToObject(Guid objectGuid, FolderPermission permissions)
{
var userGuid = Request.User.Guid;
var groupGuids = Request.Groups.Select(item => item.Guid);
return PermissionManager.HasPermissionToObject(objectGuid, userGuid, groupGuids, permissions);
}
/// <summary>
/// Determine if two FolderPermissions objects are equal
/// </summary>
/// <param name="perm1">First FolderPermission to compare</param>
/// <param name="perm2">Second FolderPermission to compare</param>
/// <returns>Returns true if objects are equal</returns>
public static bool IsEqual(FolderPermission perm1, FolderPermission perm2)
{
// If any one of these properties are not equal then the permissions
// are not equal...
if (perm1.CanCreateItems != perm2.CanCreateItems)
{
return(false);
}
if (perm1.CanCreateSubFolders != perm2.CanCreateSubFolders)
{
return(false);
}
if (perm1.DeleteItems != perm2.DeleteItems)
{
return(false);
}
if (perm1.DisplayPermissionLevel != perm2.DisplayPermissionLevel)
{
return(false);
}
if (perm1.EditItems != perm2.EditItems)
{
return(false);
}
if (perm1.IsFolderContact != perm2.IsFolderContact)
{
return(false);
}
if (perm1.IsFolderOwner != perm2.IsFolderOwner)
{
return(false);
}
if (perm1.IsFolderVisible != perm2.IsFolderVisible)
{
return(false);
}
if (perm1.PermissionLevel != perm2.PermissionLevel)
{
return(false);
}
if (perm1.ReadItems != perm2.ReadItems)
{
return(false);
}
return(true);
}
static void Main(string[] args)
{
// Create a delegate user with folder permissions.
UserId delegateUser = new UserId("*****@*****.**");
FolderPermission permission = new FolderPermission(delegateUser, FolderPermissionLevel.Editor);
// Create a new folder and add a delegate user with permission to edit.
CreateFolder(service, "Custom Folder", WellKnownFolderName.Inbox, permission);
Console.WriteLine("\r\n");
Console.WriteLine("Press or select Enter...");
Console.Read();
}
/// <summary>
/// Show the ResolveNameDialog to get a Mailbox
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void btnAdd_Click(object sender, EventArgs e)
{
NameResolution name = null;
// Show the ResolveNamesDialog to pick a user
if (ResolveNameDialog.ShowDialog(this.CurrentService, out name) == DialogResult.OK)
{
// Create a FolderPermission and add it to the ListView
UserId user = new UserId();
user.DisplayName = name.Mailbox.Name;
user.PrimarySmtpAddress = name.Mailbox.Address;
FolderPermission permission = new FolderPermission(user, FolderPermissionLevel.None);
AddFolderPermissionToList(permission);
}
}
public List <FolderPermission> GetFolderPermissions()
{
//Create a list of folder permissions
var permissions = new List <FolderPermission>();
//Root folder path
string rootFolderPath = HttpContext.Current.Server.MapPath("~/");
//Get the root folder
var rootFolder = new DirectoryInfo(rootFolderPath);
//Loop over folders
foreach (var folder in rootFolder.GetDirectories())
{
var permissionToAdd = new FolderPermission();
permissionToAdd.FolderName = folder.Name;
var rules = new List <FolderPermissionItem>();
//Loop over rules
//Taken from - http://forums.asp.net/t/1625708.aspx?Folder+rights+on+network
foreach (FileSystemAccessRule rule in folder.GetAccessControl().GetAccessRules(true, true, typeof(NTAccount)))
{
var permissionItemToAdd = new FolderPermissionItem();
permissionItemToAdd.Type = rule.FileSystemRights.ToString();
permissionItemToAdd.User = rule.IdentityReference.Value;
permissionItemToAdd.Access = rule.AccessControlType == AccessControlType.Allow ? "grants" : "denies";
//Add items to the rule
rules.Add(permissionItemToAdd);
}
//Set the permissions on object to the rules list
permissionToAdd.Permissions = rules;
//Add it to the list
permissions.Add(permissionToAdd);
}
//Return the list
return(permissions);
}
/// <summary>
/// Add the given permission to the ListView
/// </summary>
private void AddFolderPermissionToList(FolderPermission permission)
{
ListViewItem item = new ListViewItem();
// Store the actul FolderPermission object for later use
item.Tag = permission;
// Standard users like Default and Anonymous don't
// have a UserId.DisplayName, use UserId.StandardUser
// instead.
if (permission.UserId.DisplayName != null)
{
item.Text = permission.UserId.DisplayName;
}
else
{
item.Text = permission.UserId.StandardUser.ToString();
}
item.SubItems.Add(permission.PermissionLevel.ToString());
lstUsers.Items.Add(item);
}
public override BaseActionType[] GetActions(AbstractUserContext userContext, EntityActionType[] types)
{
Account userAccount = userContext.GetAccount();
FolderPermission permission = FolderService.Instance.GetAccountEffectivePermission(
new SystemUserContext(), this.EntityFolderID, userAccount.AccountID);
bool canAdministrate = FolderPermission.CanAdministrate == (FolderPermission.CanAdministrate & permission) ||
userAccount.GetUserRights <PortalAdministratorModuleRight>() != null ||
userAccount.IsAdministrator();
if (canAdministrate)
{
return new BaseActionType[]
{
new EditEntityAction(GetType(), "Edit", null),
}
}
;
return(new BaseActionType[0]);
}
}
private static IEnumerable<IFolder> GetTopFolders(IEnumerable<IFolder> folders, FolderPermission permission, Guid userGuid, IEnumerable<Guid> groupGuids)
{
foreach (var folder in folders)
{
if ( folder.DoesUserOrGroupHavePermission(userGuid, groupGuids, permission) )
yield return folder;
else
foreach (var subFolder in GetTopFolders(folder.GetSubFolders(), permission, userGuid, groupGuids))
yield return subFolder;
}
}
public static FolderPermission Or(this FolderPermission permission, FolderPermission orWith)
{
permission = permission | orWith;
return permission;
}
static void CreateFolder(ExchangeService service, string DisplayName, WellKnownFolderName DestinationFolder, FolderPermission Permissions)
{
// Instantiate the Folder object.
Folder folder = new Folder(service);
// Specify the name of the new folder.
folder.DisplayName = DisplayName;
// Add delegate permissions.
folder.Permissions.Add(Permissions);
// Create the new folder in the specified destination folder.
folder.Save(DestinationFolder);
Console.WriteLine("Folder created:" + folder.DisplayName);
}
/// <summary>
/// Translate the state of the form's controls into
/// property values on the selected FolderPermission.
/// </summary>
private void FormStateToPermission()
{
// There shouldn't be more than one item selected
if (lstUsers.SelectedItems.Count != 1)
{
return;
}
FolderPermission selectedPermission = lstUsers.SelectedItems[0].Tag as FolderPermission;
selectedPermission.CanCreateItems = chkCreateItems.Checked;
selectedPermission.CanCreateSubFolders = chkCreateSubFolders.Checked;
if (rdoDeleteAll.Checked)
{
selectedPermission.DeleteItems = PermissionScope.All;
}
else if (rdoDeleteNone.Checked)
{
selectedPermission.DeleteItems = PermissionScope.None;
}
else if (rdoDeleteOwn.Checked)
{
selectedPermission.DeleteItems = PermissionScope.Owned;
}
if (chkEditAll.Checked)
{
selectedPermission.EditItems = PermissionScope.All;
}
else if (chkEditOwn.Checked && !chkEditAll.Checked)
{
selectedPermission.EditItems = PermissionScope.Owned;
}
else if (!chkEditAll.Checked && !chkEditOwn.Checked)
{
selectedPermission.EditItems = PermissionScope.None;
}
selectedPermission.IsFolderContact = chkContact.Checked;
selectedPermission.IsFolderOwner = chkOwner.Checked;
selectedPermission.IsFolderVisible = chkVisible.Checked;
if (rdoReadFull.Checked)
{
selectedPermission.ReadItems = FolderPermissionReadAccess.FullDetails;
}
else if (rdoReadNone.Checked)
{
selectedPermission.ReadItems = FolderPermissionReadAccess.None;
}
else if (rdoTimeOnly.Checked)
{
selectedPermission.ReadItems = FolderPermissionReadAccess.TimeOnly;
}
else if (rdoTimeSubjectLocation.Checked)
{
selectedPermission.ReadItems = FolderPermissionReadAccess.TimeAndSubjectAndLocation;
}
// If the permission level was changed and is not custom, then it
// trumps any individual settings on the form.
FolderPermissionLevel permLevel = this.permissionLevelCombo.SelectedItem.Value;
if (LastPermLevel.Value != permLevel)
{
if (permLevel != FolderPermissionLevel.Custom)
{
selectedPermission.PermissionLevel = permLevel;
}
}
}
public string GetValue(object ownerInstance, PropertyInfo propInfo)
{
FolderPermission perm = propInfo.GetValue(ownerInstance, null) as FolderPermission;
return(GetValue(perm, false));
}
public bool HasPermissionToObject(Guid objectGuid, Guid userGuid, IEnumerable<Guid> groupGuids, FolderPermission permissions)
{
var folderGet = McmRepository.FolderGet(null, null, objectGuid: objectGuid);
var folders = folderGet.Select(item => GetFolders(item.ID));
return DoesUserOrGroupHavePermissionToFolders(userGuid, groupGuids, permissions, folders);
}
/// <summary>
/// Returns true if the user or groups have the requested permission to the folders
/// </summary>
/// <param name="userGuid"></param>
/// <param name="groupGuids"></param>
/// <param name="permission"></param>
/// <param name="folders"></param>
/// <returns></returns>
public bool DoesUserOrGroupHavePermissionToFolders(Guid userGuid, IEnumerable<Guid> groupGuids, FolderPermission permission, IEnumerable<IFolder> folders)
{
return folders.Any(f => f.DoesUserOrGroupHavePermission(userGuid, groupGuids, permission));
}
/// <summary>
/// Use the selected FolderPermission to update the
/// form's controls.
/// </summary>
private void PermissionToFormState()
{
try
{
// Since we're programmatically changing all these controls we
// want to disable events so we don't get a storm of event
// notifications
DisableFormEvents();
// There shouldn't be more than one item selected
if (lstUsers.SelectedItems.Count != 1)
{
return;
}
FolderPermission selectedPermission = lstUsers.SelectedItems[0].Tag as FolderPermission;
lstUsers.SelectedItems[0].SubItems[1].Text = selectedPermission.PermissionLevel.ToString();
this.permissionLevelCombo.SelectedItem = selectedPermission.PermissionLevel;
if (!LastPermLevel.HasValue)
{
LastPermLevel = selectedPermission.PermissionLevel;
}
switch (selectedPermission.ReadItems)
{
case FolderPermissionReadAccess.None:
rdoReadNone.Checked = true;
break;
case FolderPermissionReadAccess.FullDetails:
rdoReadFull.Checked = true;
break;
case FolderPermissionReadAccess.TimeAndSubjectAndLocation:
rdoTimeSubjectLocation.Checked = true;
break;
case FolderPermissionReadAccess.TimeOnly:
rdoTimeOnly.Checked = true;
break;
}
switch (selectedPermission.DeleteItems)
{
case PermissionScope.All:
rdoDeleteAll.Checked = true;
break;
case PermissionScope.None:
rdoDeleteNone.Checked = true;
break;
case PermissionScope.Owned:
rdoDeleteOwn.Checked = true;
break;
}
chkCreateItems.Checked = selectedPermission.CanCreateItems;
chkCreateSubFolders.Checked = selectedPermission.CanCreateSubFolders;
switch (selectedPermission.EditItems)
{
case PermissionScope.Owned:
chkEditOwn.Checked = true;
chkEditAll.Checked = false;
break;
case PermissionScope.All:
chkEditOwn.Checked = true;
chkEditAll.Checked = true;
break;
case PermissionScope.None:
chkEditAll.Checked = false;
chkEditOwn.Checked = false;
break;
}
chkOwner.Checked = selectedPermission.IsFolderOwner;
chkVisible.Checked = selectedPermission.IsFolderVisible;
chkContact.Checked = selectedPermission.IsFolderContact;
}
finally
{
// Always turn the events back on.
EnableFormEvents();
}
}
/// <summary>
///
/// </summary>
/// <param name="permission"></param>
/// <param name="userGuid"></param>
/// <param name="groupGuids"></param>
/// <returns></returns>
public IEnumerable<IFolder> GetFolders(FolderPermission permission, Guid userGuid, IEnumerable<Guid> groupGuids)
{
return GetTopFolders(_folders.Values.Where(folder => folder.ParentFolder == null), permission, userGuid, groupGuids);
}
