private void UpdateExistingRole(string roleName) { IGalleryServerRole role = Factory.LoadGalleryServerRole(roleName); if (role == null) { throw new GalleryServerPro.ErrorHandler.CustomExceptions.InvalidGalleryServerRoleException(); } role.AllowAddChildAlbum = chkAddAlbum.Checked; role.AllowAddMediaObject = chkAddMediaObject.Checked; role.AllowAdministerSite = chkAdministerSite.Checked; role.AllowDeleteChildAlbum = chkDeleteChildAlbum.Checked; role.AllowDeleteMediaObject = chkDeleteMediaObject.Checked; role.AllowEditAlbum = chkEditAlbum.Checked; role.AllowEditMediaObject = chkEditMediaObject.Checked; role.AllowSynchronize = chkSynchronize.Checked; role.AllowViewOriginalImage = chkViewHiResImage.Checked; role.AllowViewAlbumOrMediaObject = chkViewObject.Checked; role.HideWatermark = chkHideWatermark.Checked; RoleController.UpdateRoleAlbumRelationships(role, tvUC.TopLevelCheckedAlbumIds); role.Save(); }
/// <summary> /// Verify that any role needed for album ownership exists and is properly configured. If an album owner /// is specified and the album is new (IsNew == true), the album is persisted to the data store. This is /// required because the ID is not assigned until it is saved, and a valid ID is required to configure the /// role. /// </summary> /// <param name="album">The album to validate for album ownership. If a null value is passed, the function /// returns without error or taking any action.</param> public static void ValidateRoleExistsForAlbumOwner(IAlbum album) { // For albums, verify that any needed roles for album ownership are present. Create/update as needed. if (album == null) { return; } if (String.IsNullOrEmpty(album.OwnerUserName)) { // If owner role is specified, delete it. if (!String.IsNullOrEmpty(album.OwnerRoleName)) { DeleteGalleryServerProRole(album.OwnerRoleName); album.OwnerRoleName = String.Empty; } } else { // If this is a new album, save it before proceeding. We will need its album ID to configure the role, // and it is not assigned until it is saved. if (album.IsNew) { album.Save(); } // Verify that a role exists that corresponds to the owner. IGalleryServerRole role = Factory.LoadGalleryServerRoles().GetRoleByRoleName(album.OwnerRoleName); if (role == null) { // No role exists. Create it. album.OwnerRoleName = CreateAlbumOwnerRole(album); } else { // Role exists. Make sure album is assigned to role and owner is a member. if (!role.RootAlbumIds.Contains(album.Id)) { // Current album is not a member. This should not typically occur, but just in case // it does let's add the current album to it and save it. role.RootAlbumIds.Add(album.Id); role.Save(); } string[] rolesForUser = GetRolesForUser(album.OwnerUserName); if (Array.IndexOf <string>(rolesForUser, role.RoleName) < 0) { // Owner is not a member. Add. AddUserToRole(album.OwnerUserName, role.RoleName); } } } }
/// <summary> /// Create a Gallery Server Pro role corresponding to the specified parameters. Also creates the corresponding ASP.NET role. /// Throws an exception if a role with the specified name already exists in the data store. The role is persisted to the data store. /// </summary> /// <param name="roleName">A string that uniquely identifies the role.</param> /// <param name="allowViewAlbumOrMediaObject">A value indicating whether the user assigned to this role has permission to view albums /// and media objects.</param> /// <param name="allowViewOriginalImage">A value indicating whether the user assigned to this role has permission to view the original, /// high resolution version of an image. This setting applies only to images. It has no effect if there are no /// high resolution images in the album or albums to which this role applies.</param> /// <param name="allowAddMediaObject">A value indicating whether the user assigned to this role has permission to add media objects to an album.</param> /// <param name="allowAddChildAlbum">A value indicating whether the user assigned to this role has permission to create child albums.</param> /// <param name="allowEditMediaObject">A value indicating whether the user assigned to this role has permission to edit a media object.</param> /// <param name="allowEditAlbum">A value indicating whether the user assigned to this role has permission to edit an album.</param> /// <param name="allowDeleteMediaObject">A value indicating whether the user assigned to this role has permission to delete media objects within an album.</param> /// <param name="allowDeleteChildAlbum">A value indicating whether the user assigned to this role has permission to delete child albums.</param> /// <param name="allowSynchronize">A value indicating whether the user assigned to this role has permission to synchronize an album.</param> /// <param name="allowAdministerSite">A value indicating whether the user has administrative permission for all albums. This permission /// automatically applies to all albums; it cannot be selectively applied.</param> /// <param name="hideWatermark">A value indicating whether the user assigned to this role has a watermark applied to images. /// This setting has no effect if watermarks are not used. A true value means the user does not see the watermark; /// a false value means the watermark is applied.</param> /// <param name="topLevelCheckedAlbumIds">The top level checked album ids. May be null.</param> /// <returns>Returns an <see cref="IGalleryServerRole" /> object corresponding to the specified parameters.</returns> /// <exception cref="InvalidGalleryServerRoleException">Thrown when a role with the specified role name already exists in the data store.</exception> public static IGalleryServerRole CreateRole(string roleName, bool allowViewAlbumOrMediaObject, bool allowViewOriginalImage, bool allowAddMediaObject, bool allowAddChildAlbum, bool allowEditMediaObject, bool allowEditAlbum, bool allowDeleteMediaObject, bool allowDeleteChildAlbum, bool allowSynchronize, bool allowAdministerSite, bool hideWatermark, IIntegerCollection topLevelCheckedAlbumIds) { CreateRole(roleName); IGalleryServerRole role = Factory.CreateGalleryServerRoleInstance(roleName, allowViewAlbumOrMediaObject, allowViewOriginalImage, allowAddMediaObject, allowAddChildAlbum, allowEditMediaObject, allowEditAlbum, allowDeleteMediaObject, allowDeleteChildAlbum, allowSynchronize, allowAdministerSite, hideWatermark); UpdateRoleAlbumRelationships(role, topLevelCheckedAlbumIds); role.Save(); return(role); }
/// <summary> /// Make sure the list of ASP.NET roles is synchronized with the Gallery Server roles. If any are missing from /// either, add it. /// </summary> public static void ValidateRoles() { List <IGalleryServerRole> validatedRoles = new List <IGalleryServerRole>(); IGalleryServerRoleCollection galleryRoles = Factory.LoadGalleryServerRoles(); bool needToPurgeCache = false; foreach (string roleName in GetAllRoles()) { IGalleryServerRole galleryRole = galleryRoles.GetRoleByRoleName(roleName); if (galleryRole == null) { // This is an ASP.NET role that doesn't exist in our list of gallery server roles. Add it with minimum permissions // applied to zero albums. IGalleryServerRole newRole = Factory.CreateGalleryServerRoleInstance(roleName, false, false, false, false, false, false, false, false, false, false, false); newRole.Save(); needToPurgeCache = true; } validatedRoles.Add(galleryRole); } // Now check to see if there are gallery roles that are not ASP.NET roles. Add if necessary. foreach (IGalleryServerRole galleryRole in galleryRoles) { if (!validatedRoles.Contains(galleryRole)) { // Need to create an ASP.NET role for this gallery role. CreateRole(galleryRole.RoleName); needToPurgeCache = true; } } if (needToPurgeCache) { HelperFunctions.PurgeCache(); } }
/// <summary> /// Persist the <paramref name="roleToSave" /> to the data store, associating any album IDs listed in <paramref name="topLevelCheckedAlbumIds" /> /// with it. Prior to saving, validation is performed and a <see cref="GallerySecurityException" /> is thrown if a business rule /// is violated. /// </summary> /// <param name="roleToSave">The role to save.</param> /// <param name="topLevelCheckedAlbumIds">The top level album IDs. May be null.</param> /// <exception cref="ArgumentNullException">Thrown when <paramref name="roleToSave" /> is null.</exception> /// <exception cref="GallerySecurityException">Thrown when the role cannot be saved because doing so would violate a business rule.</exception> /// <exception cref="InvalidGalleryServerRoleException">Thrown when an existing role cannot be found in the database that matches the /// role name of the <paramref name="roleToSave" /> parameter.</exception> public static void Save(IGalleryServerRole roleToSave, IIntegerCollection topLevelCheckedAlbumIds) { if (roleToSave == null) throw new ArgumentNullException("roleToSave"); ValidateSaveRole(roleToSave); UpdateRoleAlbumRelationships(roleToSave, topLevelCheckedAlbumIds); roleToSave.Save(); }
/// <summary> /// In certain cases, the web-based installer creates a text file in the App Data directory that is meant as a signal to this /// code that additional setup steps are required. If this file is found, carry out the additional actions. This file is /// created in the SetFlagForMembershipConfiguration() method of pages\install.ascx.cs. /// </summary> internal static void ProcessInstallerFile() { string filePath = Path.Combine(AppSetting.Instance.PhysicalApplicationPath, Path.Combine(GlobalConstants.AppDataDirectory, GlobalConstants.InstallerFileName)); if (!File.Exists(filePath)) { return; } string adminUserName; string adminPwd; string adminEmail; using (StreamReader sw = File.OpenText(filePath)) { adminUserName = sw.ReadLine(); adminPwd = sw.ReadLine(); adminEmail = sw.ReadLine(); } HelperFunctions.BeginTransaction(); #region Create the Sys Admin role. // Create the Sys Admin role. If it already exists, make sure it has AllowAdministerSite permission. string sysAdminRoleName = Resources.GalleryServerPro.Installer_Sys_Admin_Role_Name; if (!RoleController.RoleExists(sysAdminRoleName)) { RoleController.CreateRole(sysAdminRoleName); } IGalleryServerRole role = Factory.LoadGalleryServerRole(sysAdminRoleName); if (role == null) { role = Factory.CreateGalleryServerRoleInstance(sysAdminRoleName, true, true, true, true, true, true, true, true, true, true, false); role.RootAlbumIds.Add(Factory.LoadRootAlbumInstance().Id); role.Save(); } else { // Role already exists. Make sure it has Sys Admin permission. if (!role.AllowAdministerSite) { role.AllowAdministerSite = true; role.Save(); } } #endregion #region Create the Sys Admin user account. // Create the Sys Admin user account. Will throw an exception if the name is already in use. try { CreateUser(adminUserName, adminPwd, adminEmail); } catch (MembershipCreateUserException ex) { if (ex.StatusCode == MembershipCreateStatus.DuplicateUserName) { // The user already exists. Update the password and email address to our values. UserEntity user = GetUser(adminUserName, true); ChangePassword(user.UserName, GetPassword(user.UserName), adminPwd); user.Email = adminEmail; UpdateUser(user); } } // Add the Sys Admin user to the Sys Admin role. if (!RoleController.IsUserInRole(adminUserName, sysAdminRoleName)) { RoleController.AddUserToRole(adminUserName, sysAdminRoleName); } #endregion #region Create sample album and image if (!Config.GetCore().MediaObjectPathIsReadOnly) { DateTime currentTimestamp = DateTime.Now; IAlbum sampleAlbum = null; foreach (IAlbum album in Factory.LoadRootAlbumInstance().GetChildGalleryObjects(GalleryObjectType.Album)) { if (album.DirectoryName == "Samples") { sampleAlbum = album; break; } } if (sampleAlbum == null) { // Create sample album. sampleAlbum = Factory.CreateAlbumInstance(); sampleAlbum.Parent = Factory.LoadRootAlbumInstance(); sampleAlbum.Title = "Samples"; sampleAlbum.DirectoryName = "Samples"; sampleAlbum.Summary = "Welcome to Gallery Server Pro!"; sampleAlbum.CreatedByUserName = adminUserName; sampleAlbum.DateAdded = currentTimestamp; sampleAlbum.LastModifiedByUserName = adminUserName; sampleAlbum.DateLastModified = currentTimestamp; sampleAlbum.Save(); } // Look for sample image in sample album. IGalleryObject sampleImage = null; foreach (IGalleryObject image in sampleAlbum.GetChildGalleryObjects(GalleryObjectType.Image)) { if (image.Original.FileName == Constants.SAMPLE_IMAGE_FILENAME) { sampleImage = image; break; } } if (sampleImage == null) { // Sample image not found. Pull image from assembly, save to disk, and create a media object from it. string sampleDirPath = Path.Combine(AppSetting.Instance.MediaObjectPhysicalPath, sampleAlbum.DirectoryName); string sampleImageFilename = HelperFunctions.ValidateFileName(sampleDirPath, Constants.SAMPLE_IMAGE_FILENAME); string sampleImageFilepath = Path.Combine(sampleDirPath, sampleImageFilename); System.Reflection.Assembly asm = Assembly.GetExecutingAssembly(); using (Stream stream = asm.GetManifestResourceStream(String.Concat("GalleryServerPro.Web.gs.images.", Constants.SAMPLE_IMAGE_FILENAME))) { if (stream != null) { BinaryWriter bw = new BinaryWriter(File.Create(sampleImageFilepath)); byte[] buffer = new byte[stream.Length]; stream.Read(buffer, 0, (int)stream.Length); bw.Write(buffer); bw.Flush(); bw.Close(); } } if (File.Exists(sampleImageFilepath)) { IGalleryObject image = Factory.CreateImageInstance(new FileInfo(sampleImageFilepath), sampleAlbum); image.Title = "Margaret, Skyler and Roger Martin (December 2008)"; image.CreatedByUserName = adminUserName; image.DateAdded = currentTimestamp; image.LastModifiedByUserName = adminUserName; image.DateLastModified = currentTimestamp; image.Save(); } } } #endregion HelperFunctions.CommitTransaction(); HelperFunctions.PurgeCache(); File.Delete(filePath); }
/// <summary> /// Create a role to manage the ownership permissions for the <paramref name="album"/> and user specified in the OwnerUserName /// property of the album. The permissions of the new role are copied from the album owner role template. The new role /// is persisted to the data store and the user specified as the album owner is added as its sole member. The album is updated /// so that the OwnerRoleName property contains the role's name, but the album is not persisted to the data store. /// </summary> /// <param name="album">The album for which a role to represent owner permissions is to be created.</param> /// <returns>Returns the name of the role that is created.</returns> public static string CreateAlbumOwnerRole(IAlbum album) { // Create a role modeled after the template owner role, attach it to the album, then add the specified user as its member. // Role name: Album Owner - rdmartin - rdmartin's album (album 193) if (album == null) { throw new ArgumentNullException("album"); } if (album.IsNew) { throw new ArgumentException("Album must be persisted to data store before calling Util.CreateAlbumOwnerRole."); } // Get the album title, shortened if necessary const int maxAlbumTitleLengthToUseInAlbumOwnerRole = 100; string albumTitle = album.Title; if (albumTitle.Length > maxAlbumTitleLengthToUseInAlbumOwnerRole) { albumTitle = albumTitle.Substring(0, maxAlbumTitleLengthToUseInAlbumOwnerRole); } // Get the user name, shortened if necessary const int maxUsernameLengthToUseInAlbumOwnerRole = 100; string userName = album.OwnerUserName; if (userName.Length > maxUsernameLengthToUseInAlbumOwnerRole) { userName = userName.Substring(0, maxUsernameLengthToUseInAlbumOwnerRole); } string roleName = String.Format("{0} - {1} - {2} (album {3})", GlobalConstants.AlbumOwnerRoleNamePrefix, userName, albumTitle, album.Id); if (!RoleExists(roleName)) { CreateRole(roleName); } if (!IsUserInRole(album.OwnerUserName, roleName)) { AddUserToRole(album.OwnerUserName, roleName); } // Remove the roles from the cache. We do this because may may have just created a user album (that is, // AlbumController.CreateUserAlbum() is in the call stack) and we want to make sure the AllAlbumIds property // of the album owner template role has the latest list of albums, including potentially the new album // (which will be the case if the administrator has selected a parent album of the user album in the template // role). HelperFunctions.RemoveCache(CacheItem.GalleryServerRoles); IGalleryServerRole role = Factory.LoadGalleryServerRole(roleName); if (role == null) { IGalleryServerRole roleSource = Factory.LoadGalleryServerRole(GlobalConstants.AlbumOwnerRoleTemplateName); if (roleSource == null) { roleSource = CreateAlbumOwnerRoleTemplate(); } role = roleSource.Copy(); role.RoleName = roleName; } if (!role.AllAlbumIds.Contains(album.Id)) { role.RootAlbumIds.Add(album.Id); } role.Save(); return(roleName); }