Beispiel #1
        /// <summary>
        /// Populates the current session with the forum action rights of the anonymous user.
        /// </summary>
        /// <remarks>
        /// This method only fetches forum action rights and hands them to AddForumsActionRights; it does not
        /// write system action rights, audit actions or a user object.
        /// NOTE(review): if this can run on a session that previously belonged to an authenticated user, confirm
        /// the caller clears those other entries first so no elevated rights stay behind in the session.
        /// </remarks>
        public static void LoadAnonymousSessionData()
        {
            // UserID 0 identifies the anonymous user.
            const int anonymousUserID = 0;

            // Fetch the anonymous user's forum rights and store them in the session object.
            AddForumsActionRights(SecurityGuiHelper.GetForumsActionRightsForUser(anonymousUserID));
        }
Beispiel #2
        /// <summary>
        /// Fetches every forum / action right / role row that is defined for the given role in the given forum.
        /// </summary>
        /// <param name="roleID">ID of the role whose forum action rights are requested.</param>
        /// <param name="forumID">ID of the forum the rights apply to.</param>
        /// <returns>The collection after the fetch; it holds only rows matching both IDs.</returns>
        /// <remarks>
        /// No permission check is performed here.
        /// NOTE(review): confirm callers restrict this lookup to users who may administer roles.
        /// </remarks>
        public static ForumRoleForumActionRightCollection GetForumActionRightRolesFoForumRole(int roleID, int forumID)
        {
            ForumRoleForumActionRightCollection rightsForRoleInForum = new ForumRoleForumActionRightCollection();

            // Both IDs are supplied as predicate values; no SQL text is assembled from them in this method.
            rightsForRoleInForum.GetMulti(
                (ForumRoleForumActionRightFields.RoleID == roleID)
                    .And(ForumRoleForumActionRightFields.ForumID == forumID));

            return rightsForRoleInForum;
        }
Beispiel #3
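        /// <summary>
        /// Stores the user object, the user's system action rights, audit actions, forum action rights and
        /// last visit date in the session.
        /// </summary>
        /// <param name="user">The user whose data is loaded into the session. Must not be null.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="user"/> is null.</exception>
        /// <remarks>
        /// The rights are read once here and then kept in the session.
        /// NOTE(review): later changes to roles or rights are not picked up by this method; confirm how active
        /// sessions are refreshed or invalidated when an administrator revokes a right.
        /// NOTE(review): this method only fills the session; whether the session identifier is renewed at login
        /// is not visible here and should be confirmed in the caller.
        /// </remarks>
        public static void LoadUserSessionData(UserEntity user)
        {
            // Reject null before anything is written, so a bad call cannot leave a half-populated session.
            if (user == null)
            {
                throw new ArgumentNullException("user");
            }

            // Adds the user object to session
            AddUserObject(user);

            // add user system rights to the session object
            ActionRightCollection systemActionRights = SecurityGuiHelper.GetSystemActionRightsForUser(user.UserID);
            AddSystemActionRights(systemActionRights);

            // add user audit actions to the session object
            AuditActionCollection auditActions = SecurityGuiHelper.GetAuditActionsForUser(user.UserID);
            AddAuditActions(auditActions);

            // add user forums rights to the session object
            // NOTE(review): if one of these lookups throws, entries stored by the earlier steps remain in the
            // session; confirm the caller discards the session on failure.
            ForumRoleForumActionRightCollection forumActionRights = SecurityGuiHelper.GetForumsActionRightsForUser(user.UserID);
            AddForumsActionRights(forumActionRights);

            // Set the last visit date: the stored value for a user with a positive ID that has one,
            // otherwise the current local time.
            if ((user.UserID > 0) && (user.LastVisitedDate.HasValue))
            {
                SessionAdapter.AddLastVisitDate(user.LastVisitedDate.Value, true);
            }
            else
            {
                SessionAdapter.AddLastVisitDate(DateTime.Now, true);
            }
        }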
Beispiel #4
        /// <summary>
        /// Builds the per-action-right forum lookup for the user and stores it in the session under
        /// 'forumsActionRights', replacing any value already stored under that name.
        /// </summary>
        /// <remarks>
        /// A user can be in several roles, and each role has zero or more action rights per forum (for example
        /// 'access forum'); these relations are stored in TF_ForumRoleForumActionRight. To let the system check
        /// quickly whether the user holds a given action right for a given forum, the session keeps, per
        /// ActionRightID, the list of ForumIDs the right applies to. A right is held for a forum only when that
        /// forum's ID is in the list for the right; otherwise the user does not have it.
        /// Forum IDs are grouped per action right because there are generally fewer action rights than forums.
        /// Example: a "Power User" role with the "Access Forum" right for forums 1, 3, 4 and 8 yields the
        /// ForumIDs 1, 3, 4 and 8 in the list stored for 'Access forum'.
        /// NOTE(review): the dictionary is a snapshot taken when this method runs; confirm how sessions are
        /// refreshed when rights are changed or revoked afterwards.
        /// </remarks>
        /// <param name="forumsActionRights">The forum / action right combinations to store.</param>
        private static void AddForumsActionRights(ForumRoleForumActionRightCollection forumsActionRights)
        {
            // ActionRightID -> ForumIDs; only the numeric IDs are kept, not the entities, to limit memory use.
            Dictionary<int, List<int>> forumIDsPerActionRight = new Dictionary<int, List<int>>();

            foreach (ForumRoleForumActionRightEntity combination in forumsActionRights)
            {
                List<int> forumsForRight;

                if (forumIDsPerActionRight.TryGetValue(combination.ActionRightID, out forumsForRight))
                {
                    // The right is already known: skip a forum that was recorded before, so the same
                    // forum granted through several roles is stored once.
                    if (forumsForRight.Contains(combination.ForumID))
                    {
                        continue;
                    }
                }
                else
                {
                    // First time this action right is seen: start a list for it.
                    forumsForRight = new List<int>();
                    forumIDsPerActionRight.Add(combination.ActionRightID, forumsForRight);
                }

                forumsForRight.Add(combination.ForumID);
            }

            // Session.Add overwrites an existing item with the same name.
            HttpContext.Current.Session.Add("forumsActionRights", forumIDsPerActionRight);
        }
        /// <summary>
        /// Reads the action rights stored for the current role / forum combination and ticks the matching
        /// entries in the forum rights checkbox list.
        /// </summary>
        private void ReflectCurrentActionRights()
        {
            ForumRoleForumActionRightCollection storedRights =
                SecurityGuiHelper.GetForumActionRightRolesFoForumRole(_roleID, _forumID);

            foreach (ForumRoleForumActionRightEntity storedRight in storedRights)
            {
                // List items are looked up by the action right ID rendered as a string.
                string itemValue = storedRight.ActionRightID.ToString();

                // NOTE(review): FindByValue's result is dereferenced directly; this assumes every stored
                // action right has an entry in the list. Confirm the list is filled before this runs.
                cblForumRights.Items.FindByValue(itemValue).Selected = true;
            }
        }
Beispiel #6
        /// <summary>
        /// Deletes the given role and every row that references it, inside a single transaction.
        /// </summary>
        /// <param name="roleID">ID of role to delete</param>
        /// <returns>
        /// true when the role was found and deleted; false when no role with that ID was found. A failure
        /// during deletion is rolled back and rethrown, not reported as false.
        /// </returns>
        /// <remarks>
        /// No permission check is performed in this method.
        /// NOTE(review): confirm callers verify that the current user may manage roles, and check how rights
        /// held in active user sessions are refreshed after a role is removed.
        /// </remarks>
        public static bool DeleteRole(int roleID)
        {
            RoleEntity role = SecurityGuiHelper.GetRole(roleID);

            if (role == null)
            {
                // not found
                return false;
            }

            Transaction deleteTransaction = new Transaction(IsolationLevel.ReadCommitted, "DeleteRole");

            try
            {
                // Rows referencing the role are removed first, the role itself last.

                // role - forum - action right rows
                ForumRoleForumActionRightCollection forumRights = new ForumRoleForumActionRightCollection();
                deleteTransaction.Add(forumRights);
                forumRights.DeleteMulti(ForumRoleForumActionRightFields.RoleID == roleID);

                // role - audit action rows
                RoleAuditActionCollection auditActions = new RoleAuditActionCollection();
                deleteTransaction.Add(auditActions);
                auditActions.DeleteMulti(RoleAuditActionFields.RoleID == roleID);

                // role - system right rows
                RoleSystemActionRightCollection systemRights = new RoleSystemActionRightCollection();
                deleteTransaction.Add(systemRights);
                systemRights.DeleteMulti(RoleSystemActionRightFields.RoleID == roleID);

                // role - user rows
                RoleUserCollection memberships = new RoleUserCollection();
                deleteTransaction.Add(memberships);
                memberships.DeleteMulti(RoleUserFields.RoleID == roleID);

                // the role entity itself
                deleteTransaction.Add(role);
                role.Delete();
                deleteTransaction.Commit();
            }
            catch
            {
                // Undo every delete issued so far, then let the caller see the original exception.
                deleteTransaction.Rollback();
                throw;
            }
            finally
            {
                deleteTransaction.Dispose();
            }

            return true;
        }
Beispiel #7
        /// <summary>
        /// Fetches the forum action rights granted to a user through the roles the user is a member of.
        /// </summary>
        /// <param name="userID">The user ID.</param>
        /// <returns>The collection after the fetch.</returns>
        public static ForumRoleForumActionRightCollection GetForumsActionRightsForUser(int userID)
        {
            // The filter's subquery has to look at fields in related entities, so it needs a join:
            // WHERE RoleID IN (SELECT RoleID FROM Role INNER JOIN RoleUser ... WHERE RoleUser.UserID=userID)
            RelationCollection subqueryRelations = new RelationCollection();
            subqueryRelations.Add(RoleEntity.Relations.RoleUserEntityUsingRoleID);

            // userID enters the query as a predicate value; no SQL text is assembled from it in this method.
            FieldCompareSetPredicate roleOfUser = new FieldCompareSetPredicate(
                ForumRoleForumActionRightFields.RoleID,
                RoleFields.RoleID,
                SetOperator.In,
                (RoleUserFields.UserID == userID),
                subqueryRelations);

            PredicateExpression rightsFilter = new PredicateExpression();
            rightsFilter.Add(roleOfUser);

            ForumRoleForumActionRightCollection rightsOfUser = new ForumRoleForumActionRightCollection();
            rightsOfUser.GetMulti(rightsFilter);
            return rightsOfUser;
        }
Beispiel #8
        /// <summary>
        /// Replaces the forum action rights of the given forum / role combination with the given set.
        /// The existing rows for the combination are deleted and the new ones inserted in one transaction.
        /// </summary>
        /// <param name="actionRightIDs">List of actionrights to set of this role</param>
        /// <param name="roleID">Role to use</param>
        /// <param name="forumID">Forum to use</param>
        /// <returns>true when the transaction was committed. A failure is rolled back and rethrown.</returns>
        /// <remarks>
        /// No permission check and no validation of the IDs is performed in this method.
        /// NOTE(review): confirm callers verify that the current user may change role rights and that the
        /// IDs come from a trusted or validated source.
        /// </remarks>
        public static bool SaveForumActionRightsForForumRole(List <int> actionRightIDs, int roleID, int forumID)
        {
            ForumRoleForumActionRightCollection rightsForCombination = new ForumRoleForumActionRightCollection();
            Transaction saveTransaction = new Transaction(IsolationLevel.ReadCommitted, "SaveForumActionRights");

            // Everything executed through the collection from here on runs inside the transaction.
            saveTransaction.Add(rightsForCombination);
            try
            {
                // Step 1: drop the rows currently stored for this role in this forum.
                rightsForCombination.DeleteMulti((ForumRoleForumActionRightFields.RoleID == roleID).And(ForumRoleForumActionRightFields.ForumID == forumID));

                // Step 2: queue one new entity per requested action right.
                foreach (int requestedRightID in actionRightIDs)
                {
                    ForumRoleForumActionRightEntity grant = new ForumRoleForumActionRightEntity();
                    grant.ActionRightID = requestedRightID;
                    grant.ForumID       = forumID;
                    grant.RoleID        = roleID;
                    rightsForCombination.Add(grant);
                }

                // Step 3: persist the queued entities and make the replacement permanent.
                rightsForCombination.SaveMulti();
                saveTransaction.Commit();
            }
            catch
            {
                // The delete and any inserts are undone together, so the old rights stay in place.
                saveTransaction.Rollback();
                throw;
            }
            finally
            {
                saveTransaction.Dispose();
            }

            return true;
        }
Beispiel #9
        /// <summary>
        /// Deletes the given forum from the system, including <b>all</b> threads in this forum and messages in those threads.
        /// </summary>
        /// <param name="forumID">Forum ID.</param>
        /// <returns>True when the transaction was committed. A failure is rolled back and rethrown.</returns>
        /// <remarks>
        /// No permission check is performed in this method.
        /// NOTE(review): confirm callers verify that the current user may delete forums before calling this.
        /// </remarks>
        public static bool DeleteForum(int forumID)
        {
            // Threads, rights and the forum row are removed together in one transaction.
            Transaction deleteTransaction = new Transaction(IsolationLevel.ReadCommitted, "DeleteForum");

            try
            {
                PredicateExpression forumByID = new PredicateExpression();
                forumByID.Add((ForumFields.ForumID == forumID));

                // Threads go first; the helper receives the transaction to run inside it.
                ThreadManager.DeleteAllThreadsInForum(forumID, deleteTransaction);

                // Next, the forum / role / action right rows of this forum.
                ForumRoleForumActionRightCollection rightsOnForum = new ForumRoleForumActionRightCollection();
                deleteTransaction.Add(rightsOnForum);
                rightsOnForum.DeleteMulti(ForumRoleForumActionRightFields.ForumID == forumID);

                // Finally the forum itself, removed with a direct delete statement on the database.
                ForumCollection forumRows = new ForumCollection();
                deleteTransaction.Add(forumRows);
                forumRows.DeleteMulti(forumByID);
                deleteTransaction.Commit();
            }
            catch
            {
                // Undo all deletes issued so far, then rethrow the original exception.
                deleteTransaction.Rollback();
                throw;
            }
            finally
            {
                deleteTransaction.Dispose();
            }

            return true;
        }
Beispiel #10
        /// <summary>
        /// Removes a forum together with <b>all</b> of its threads and the messages in those threads.
        /// </summary>
        /// <param name="forumID">Forum ID.</param>
        /// <returns>
        /// True once the deletion has been committed. Errors are not reported through the return value:
        /// the transaction is rolled back and the exception is rethrown.
        /// </returns>
        /// <remarks>
        /// The method does not check who is calling it.
        /// NOTE(review): authorization for this destructive operation has to happen in the caller; verify it does.
        /// </remarks>
        public static bool DeleteForum(int forumID)
        {
            // One transaction covers the threads, the forum's rights rows and the forum row.
            Transaction tx = new Transaction(IsolationLevel.ReadCommitted, "DeleteForum");
            try
            {
                PredicateExpression onlyThisForum = new PredicateExpression();
                onlyThisForum.Add((ForumFields.ForumID == forumID));

                // 1. all threads in the forum (the helper works inside the passed transaction)
                ThreadManager.DeleteAllThreadsInForum(forumID, tx);

                // 2. all ForumRoleForumActionRight rows that point at the forum
                ForumRoleForumActionRightCollection forumRights = new ForumRoleForumActionRightCollection();
                tx.Add(forumRights);
                forumRights.DeleteMulti(ForumRoleForumActionRightFields.ForumID == forumID);

                // 3. the forum row, through a direct delete statement on the database
                ForumCollection forumsToDelete = new ForumCollection();
                tx.Add(forumsToDelete);
                forumsToDelete.DeleteMulti(onlyThisForum);

                tx.Commit();
            }
            catch
            {
                // an exception occurred: roll back and propagate it unchanged
                tx.Rollback();
                throw;
            }
            finally
            {
                tx.Dispose();
            }

            return true;
        }
Beispiel #11
        /// <summary>
        /// Stores the given action rights as the complete set of forum action rights for one forum / role
        /// combination. Rows already present for the combination are removed first.
        /// </summary>
        /// <param name="actionRightIDs">List of actionrights to set of this role</param>
        /// <param name="roleID">Role to use</param>
        /// <param name="forumID">Forum to use</param>
        /// <returns>
        /// true after a successful commit. On failure the transaction is rolled back and the exception is
        /// rethrown, so false is never returned by this method.
        /// </returns>
        /// <remarks>
        /// The method neither checks the caller's permissions nor validates the supplied IDs.
        /// NOTE(review): this changes what a role may do in a forum; verify the caller enforces authorization.
        /// </remarks>
        public static bool SaveForumActionRightsForForumRole(List<int> actionRightIDs, int roleID, int forumID)
        {
            ForumRoleForumActionRightCollection rows = new ForumRoleForumActionRightCollection();
            Transaction tx = new Transaction(IsolationLevel.ReadCommitted, "SaveForumActionRights");

            // The collection is enlisted before any work, so the delete and the save share the transaction.
            tx.Add(rows);
            try
            {
                // remove what is stored for the role in this forum
                rows.DeleteMulti((ForumRoleForumActionRightFields.RoleID == roleID).And(ForumRoleForumActionRightFields.ForumID == forumID));

                // create a row for every action right in the new set
                foreach(int rightID in actionRightIDs)
                {
                    ForumRoleForumActionRightEntity row = new ForumRoleForumActionRightEntity();
                    row.RoleID = roleID;
                    row.ForumID = forumID;
                    row.ActionRightID = rightID;
                    rows.Add(row);
                }

                // write the new rows and commit
                rows.SaveMulti();
                tx.Commit();
            }
            catch
            {
                // failed: roll back so the previous rights remain, then propagate the exception
                tx.Rollback();
                throw;
            }
            finally
            {
                tx.Dispose();
            }

            return true;
        }
Beispiel #12
        /// <summary>
        /// Removes a role from the system along with its forum rights, audit actions, system rights and
        /// user memberships.
        /// </summary>
        /// <param name="roleID">ID of role to delete</param>
        /// <returns>
        /// false when the role lookup returns nothing; true after the deletion has been committed. Errors
        /// during deletion cause a rollback and are rethrown.
        /// </returns>
        /// <remarks>
        /// The method does not check who is calling it.
        /// NOTE(review): authorization has to happen in the caller; also verify how rights already loaded
        /// into user sessions are handled once the role is gone.
        /// </remarks>
        public static bool DeleteRole(int roleID)
        {
            RoleEntity existingRole = SecurityGuiHelper.GetRole(roleID);
            if(existingRole == null)
            {
                // nothing to delete
                return false;
            }

            Transaction tx = new Transaction(IsolationLevel.ReadCommitted, "DeleteRole");

            try
            {
                // 1. role - forum - action right rows
                ForumRoleForumActionRightCollection forumRightRows = new ForumRoleForumActionRightCollection();
                tx.Add(forumRightRows);
                forumRightRows.DeleteMulti(ForumRoleForumActionRightFields.RoleID == roleID);

                // 2. role - audit action rows
                RoleAuditActionCollection auditActionRows = new RoleAuditActionCollection();
                tx.Add(auditActionRows);
                auditActionRows.DeleteMulti(RoleAuditActionFields.RoleID == roleID);

                // 3. role - system right rows
                RoleSystemActionRightCollection systemRightRows = new RoleSystemActionRightCollection();
                tx.Add(systemRightRows);
                systemRightRows.DeleteMulti(RoleSystemActionRightFields.RoleID == roleID);

                // 4. role - user rows
                RoleUserCollection roleUserRows = new RoleUserCollection();
                tx.Add(roleUserRows);
                roleUserRows.DeleteMulti(RoleUserFields.RoleID == roleID);

                // 5. the role entity, after everything that referenced it
                tx.Add(existingRole);
                existingRole.Delete();

                tx.Commit();
            }
            catch
            {
                // an error occurred: roll back all five steps and propagate the exception
                tx.Rollback();
                throw;
            }
            finally
            {
                tx.Dispose();
            }

            return true;
        }