Beispiel #1
        /// <summary>
        /// Collects the authorization rules inherited from <paramref name="parent"/> and from every
        /// authority above it, skipping rules whose principal is already covered.
        /// </summary>
        /// <param name="itemRules">Rules defined on the item itself; a matching principal here suppresses the inherited rule.</param>
        /// <param name="parentRules">Accumulator that receives the inherited rules.</param>
        /// <param name="parent">First authority to inspect; <c>null</c> ends the walk.</param>
        /// <param name="action">Security action whose rules are being listed.</param>
        private void AddParentRules(List <AuthRule> itemRules, List <MyAuthRule> parentRules, ISecured parent, string action)
        {
            // Walk the ParentAuthority chain from the nearest authority outward. Because nearer
            // authorities are visited first, a rule for a given principal on a nearer authority
            // keeps any farther ancestor's rule for that principal out of the list.
            for (ISecured authority = parent; authority != null; authority = authority.ParentAuthority)
            {
                var cachedType = Rock.Web.Cache.EntityTypeCache.Read(authority.TypeId);

                foreach (AuthRule inherited in Authorization.AuthRules(authority.TypeId, authority.Id, action))
                {
                    // A principal is identified by the (SpecialRole, PersonId, GroupId) triple.
                    bool definedOnItem = itemRules.Exists(r =>
                                                          r.SpecialRole == inherited.SpecialRole &&
                                                          r.PersonId == inherited.PersonId &&
                                                          r.GroupId == inherited.GroupId);
                    if (definedOnItem)
                    {
                        continue;
                    }

                    bool alreadyListed = parentRules.Exists(r =>
                                                            r.SpecialRole == inherited.SpecialRole &&
                                                            r.PersonId == inherited.PersonId &&
                                                            r.GroupId == inherited.GroupId);
                    if (alreadyListed)
                    {
                        continue;
                    }

                    // Label the rule with the authority it came from and that authority's entity type.
                    var entry = new MyAuthRule(inherited)
                    {
                        EntityTitle = string.Format("{0} ({1})", authority.ToString(), cachedType.FriendlyName ?? cachedType.Name).TrimStart()
                    };
                    parentRules.Add(entry);
                }
            }
        }
Beispiel #2
        /// <summary>
        /// Appends to <paramref name="rules"/> the authorization rules found on <paramref name="parent"/>
        /// and on every authority above it, one entry per distinct principal.
        /// </summary>
        /// <param name="rules">List that is both checked for existing principals and extended with new rules.</param>
        /// <param name="parent">First authority to inspect; <c>null</c> ends the walk.</param>
        /// <param name="action">Security action whose rules are being listed.</param>
        private void AddParentRules( List<MyAuthRule> rules, ISecured parent, string action )
        {
            // Authorities are visited nearest-first, so once a principal is in the list a rule
            // for the same principal on a farther ancestor is not added.
            ISecured authority = parent;
            while ( authority != null )
            {
                var cachedType = Rock.Web.Cache.EntityTypeCache.Read( authority.TypeId );

                foreach ( AuthRule candidate in Authorization.AuthRules( authority.TypeId, authority.Id, action ) )
                {
                    // A principal is identified by the (SpecialRole, PersonId, GroupId) triple.
                    bool alreadyListed = rules.Exists( r =>
                        r.SpecialRole == candidate.SpecialRole &&
                        r.PersonId == candidate.PersonId &&
                        r.GroupId == candidate.GroupId );
                    if ( alreadyListed )
                    {
                        continue;
                    }

                    // Label the rule with the authority it came from and that authority's entity type.
                    var entry = new MyAuthRule( candidate )
                    {
                        EntityTitle = string.Format( "{0} ({1})", authority.ToString(), cachedType.FriendlyName ?? cachedType.Name ).TrimStart()
                    };
                    rules.Add( entry );
                }

                authority = authority.ParentAuthority;
            }
        }
Beispiel #3
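        /// <summary>
        /// Raises the <see cref="E:System.Web.UI.Control.Init" /> event. Resolves the entity named by the
        /// <c>EntityTypeId</c> and <c>EntityId</c> page parameters and, only when the current person is
        /// authorized to administrate it, binds the security editing controls.
        /// </summary>
        /// <param name="e">An <see cref="T:System.EventArgs" /> object that contains the event data.</param>
        protected override void OnInit(EventArgs e)
        {
            int?   entityTypeId   = PageParameter("EntityTypeId").AsIntegerOrNull();
            string entityTypeName = string.Empty;
            Type   type           = null;

            // Get Entity Type (looked up by id in the entity type cache, not by a caller-supplied type name)
            if (entityTypeId.HasValue)
            {
                var entityType = EntityTypeCache.Read(entityTypeId.Value);
                if (entityType != null)
                {
                    entityTypeName = entityType.FriendlyName;
                    type           = entityType.GetEntityType();
                }
            }

            // Get Entity Id; a missing or non-numeric value is treated as 0 ("no specific instance")
            int entityId = PageParameter("EntityId").AsIntegerOrNull() ?? 0;

            // Get object type
            if (type != null)
            {
                if (entityId == 0)
                {
                    // 'as' instead of a hard cast: a type that does not implement ISecured then falls
                    // through to the "does not implement ISecured" message below rather than throwing
                    // InvalidCastException during page init.
                    iSecured = Activator.CreateInstance(type) as ISecured;
                }
                else
                {
                    // Get the context type since this may be for a non-rock core object
                    Type contextType = null;
                    var  contexts    = Rock.Reflection.SearchAssembly(type.Assembly, typeof(Rock.Data.DbContext));
                    if (contexts.Any())
                    {
                        contextType = contexts.First().Value;
                    }
                    else
                    {
                        contextType = typeof(RockContext);
                    }

                    // Build Service<T> for the entity type and call its Get(int) through reflection.
                    Type   serviceType = typeof(Rock.Data.Service<>);
                    Type[] modelType   = { type };
                    Type   service     = serviceType.MakeGenericType(modelType);
                    var    getMethod   = service.GetMethod("Get", new Type[] { typeof(int) });

                    var context         = Activator.CreateInstance(contextType);
                    var serviceInstance = Activator.CreateInstance(service, new object[] { context });
                    iSecured = getMethod.Invoke(serviceInstance, new object[] { entityId }) as ISecured;
                }

                var block = iSecured as Rock.Model.Block;
                if (block != null)
                {
                    // If the entity is a block, get any actions that were updated or added by the block type using
                    // one or more SecurityActionAttributes.
                    var blockCache = BlockCache.Read(block.Id);
                    if (blockCache != null && blockCache.BlockType != null)
                    {
                        // Iterate the instance that was just null-checked instead of reading the cache a second time.
                        foreach (var action in blockCache.BlockType.SecurityActions)
                        {
                            // Indexer assignment adds the key when absent and overwrites it when present.
                            block.SupportedActions[action.Key] = action.Value;
                        }
                    }

                    iSecured = block;
                }

                if (iSecured != null)
                {
                    // Authorization gate: nothing below is bound or wired up unless the current person
                    // may administrate this item.
                    if (iSecured.IsAuthorized(Authorization.ADMINISTRATE, CurrentPerson))
                    {
                        if (iSecured.SupportedActions.Any())
                        {
                            lActionDescription.Text = iSecured.SupportedActions.FirstOrDefault().Value;
                        }

                        rptActions.DataSource = iSecured.SupportedActions;
                        rptActions.DataBind();

                        rGrid.DataKeyNames        = new string[] { "Id" };
                        rGrid.GridReorder        += new GridReorderEventHandler(rGrid_GridReorder);
                        rGrid.GridRebind         += new GridRebindEventHandler(rGrid_GridRebind);
                        rGrid.RowDataBound       += new GridViewRowEventHandler(rGrid_RowDataBound);
                        rGrid.ShowHeaderWhenEmpty = false;
                        rGrid.EmptyDataText       = string.Empty;
                        rGrid.ShowActionRow       = false;

                        rGridParentRules.DataKeyNames        = new string[] { "Id" };
                        rGridParentRules.ShowHeaderWhenEmpty = false;
                        rGridParentRules.EmptyDataText       = string.Empty;
                        rGridParentRules.ShowActionRow       = false;

                        BindRoles();

                        // The entity's display string is data, not markup. JavaScriptStringEncode keeps it
                        // inside the JS string literal, and jQuery .text() (rather than .html()) stops the
                        // decoded value from being parsed as HTML in the parent document.
                        string scriptFormat = @"
                    Sys.Application.add_load(function () {{
                        $('#modal-popup div.modal-header h3 small', window.parent.document).text('{0}');
                    }});
                ";
                        string script       = string.Format(scriptFormat, HttpUtility.JavaScriptStringEncode(iSecured.ToString()));

                        this.Page.ClientScript.RegisterStartupScript(this.GetType(), string.Format("set-html-{0}", this.ClientID), script, true);
                    }
                    else
                    {
                        nbMessage.Text = "Unfortunately, you are not able to edit security because you do not belong to a role that has been configured to allow administration of this item.";
                    }
                }
                else
                {
                    nbMessage.Text = "The item you are trying to secure does not exist or does not implement ISecured.";
                }
            }
            else
            {
                // entityTypeName is either empty or the cached type's FriendlyName; the raw request value is never echoed here.
                nbMessage.Text = string.Format("The requested entity type ('{0}') could not be loaded to determine security attributes.", entityTypeName);
            }

            base.OnInit(e);
        }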
Beispiel #4
        /// <summary>
        /// Collects the authorization rules inherited from <paramref name="parent"/> (and, optionally,
        /// from the authorities above it), skipping rules whose principal is already covered.
        /// </summary>
        /// <param name="authService">Service used to load the stored auths for each authority.</param>
        /// <param name="itemRules">Rules defined on the item itself; a matching principal here suppresses the inherited rule.</param>
        /// <param name="parentRules">Accumulator that receives the inherited rules.</param>
        /// <param name="parent">First authority to inspect; <c>null</c> means there is nothing to add.</param>
        /// <param name="action">Security action whose rules are being listed.</param>
        /// <param name="recurse">When <c>true</c>, continue up the <c>ParentAuthority</c> chain; when <c>false</c>, inspect only <paramref name="parent"/>.</param>
        private void AddParentRules(AuthService authService, List <AuthRule> itemRules, List <MyAuthRule> parentRules, ISecured parent, string action, bool recurse)
        {
            ISecured authority = parent;
            while (authority != null)
            {
                var cachedType = EntityTypeCache.Get(authority.TypeId);

                foreach (var auth in authService.GetAuths(authority.TypeId, authority.Id, action))
                {
                    var inherited = new AuthRule(auth);

                    // A principal is identified by the (SpecialRole, PersonId, GroupId) triple.
                    bool definedOnItem = itemRules.Exists(r =>
                                                          r.SpecialRole == inherited.SpecialRole &&
                                                          r.PersonId == inherited.PersonId &&
                                                          r.GroupId == inherited.GroupId);
                    if (definedOnItem)
                    {
                        continue;
                    }

                    // Nearer authorities are visited first, so an entry already in parentRules
                    // keeps a farther ancestor's rule for the same principal out of the list.
                    bool alreadyListed = parentRules.Exists(r =>
                                                            r.AuthRule.SpecialRole == inherited.SpecialRole &&
                                                            r.AuthRule.PersonId == inherited.PersonId &&
                                                            r.AuthRule.GroupId == inherited.GroupId);
                    if (alreadyListed)
                    {
                        continue;
                    }

                    // NOTE(review): the title carries literal <small> markup, so it is presumably rendered
                    // as raw HTML; authority.ToString() and the type name are inserted unencoded - confirm
                    // the consuming control encodes them, or HTML-encode both values here.
                    var entry = new MyAuthRule(inherited)
                    {
                        EntityTitle = string.Format("{0} <small>({1})</small>", authority.ToString(), cachedType.FriendlyName ?? cachedType.Name).TrimStart()
                    };
                    parentRules.Add(entry);
                }

                if (!recurse)
                {
                    break;
                }

                authority = authority.ParentAuthority;
            }
        }
Beispiel #5
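        /// <summary>
        /// Resolves the entity named by the <c>EntityTypeId</c> and <c>EntityId</c> page parameters and,
        /// only when the current person is authorized to administrate it, binds the security editing
        /// controls. In every other case the grids are hidden and a message is shown.
        /// </summary>
        /// <param name="e">The event data passed on to the base implementation.</param>
        protected override void OnInit(EventArgs e)
        {
            // Starts as the raw request value; replaced by the friendly name once the type is resolved.
            string entityParam = PageParameter("EntityTypeId");
            Type   type        = null;

            // Get Entity Type
            int entityTypeId = 0;

            if (Int32.TryParse(entityParam, out entityTypeId))
            {
                var entityType = EntityTypeCache.Read(entityTypeId);
                if (entityType != null)
                {
                    entityParam = entityType.FriendlyName;
                    type        = entityType.GetEntityType();
                }
            }

            // Get Entity Id; TryParse leaves 0 in entityId when the value is missing or non-numeric
            int entityId = 0;
            Int32.TryParse(PageParameter("EntityId"), out entityId);

            // Get object type
            if (type != null)
            {
                if (entityId == 0)
                {
                    // 'as' instead of a hard cast: a type that does not implement ISecured ends up in the
                    // refusal branch below rather than throwing InvalidCastException during page init.
                    iSecured = Activator.CreateInstance(type) as ISecured;
                }
                else
                {
                    // Get the context type since this may be for a non-rock core object
                    Type contextType = null;
                    var  contexts    = Rock.Reflection.SearchAssembly(type.Assembly, typeof(System.Data.Entity.DbContext));
                    if (contexts.Any())
                    {
                        contextType = contexts.First().Value;
                    }

                    // Build Service<T> for the entity type and call its Get(int) through reflection.
                    Type   serviceType = typeof(Rock.Data.Service<>);
                    Type[] modelType   = { type };
                    Type   service     = serviceType.MakeGenericType(modelType);
                    var    getMethod   = service.GetMethod("Get", new Type[] { typeof(int) });

                    // Use the assembly's own context when one was found, otherwise the service's default constructor.
                    object serviceInstance = contextType != null
                        ? Activator.CreateInstance(service, new object[] { Activator.CreateInstance(contextType) })
                        : Activator.CreateInstance(service);

                    iSecured = getMethod.Invoke(serviceInstance, new object[] { entityId }) as ISecured;
                }

                var block = iSecured as Rock.Model.Block;
                if (block != null)
                {
                    // If the entity is a block, get the cachedblock's supported action, as the RockPage may have
                    // added additional actions when the cache was created.
                    var blockCache = BlockCache.Read(block.Id);
                    if (blockCache != null) // guard: the original dereferenced the cache read result unconditionally
                    {
                        foreach (var action in blockCache.SupportedActions)
                        {
                            if (!block.SupportedActions.Contains(action))
                            {
                                block.SupportedActions.Add(action);
                            }
                        }
                    }

                    iSecured = block;
                }

                // Authorization gate: nothing is bound or wired up unless the entity exists and the
                // current person may administrate it.
                if (iSecured != null && iSecured.IsAuthorized("Administrate", CurrentPerson))
                {
                    rptActions.DataSource = iSecured.SupportedActions;
                    rptActions.DataBind();

                    rGrid.DataKeyNames        = new string[] { "id" };
                    rGrid.GridReorder        += new GridReorderEventHandler(rGrid_GridReorder);
                    rGrid.GridRebind         += new GridRebindEventHandler(rGrid_GridRebind);
                    rGrid.RowDataBound       += new GridViewRowEventHandler(rGrid_RowDataBound);
                    rGrid.ShowHeaderWhenEmpty = false;
                    rGrid.EmptyDataText       = string.Empty;
                    rGrid.ShowActionRow       = false;

                    rGridParentRules.DataKeyNames        = new string[] { "id" };
                    rGridParentRules.ShowHeaderWhenEmpty = false;
                    rGridParentRules.EmptyDataText       = string.Empty;
                    rGridParentRules.ShowActionRow       = false;

                    BindRoles();

                    // The entity's display string is data, not markup. JavaScriptStringEncode keeps it
                    // inside the JS string literal, and jQuery .text() (rather than .html()) stops the
                    // decoded value from being parsed as HTML in the parent document.
                    string script = string.Format(@"
                    Sys.Application.add_load(function () {{
                        $('#modal-popup div.modal-header h3 small', window.parent.document).text('{0}');
                    }});
                ", HttpUtility.JavaScriptStringEncode(iSecured.ToString()));
                    this.Page.ClientScript.RegisterStartupScript(this.GetType(), string.Format("set-html-{0}", this.ClientID), script, true);
                }
                else
                {
                    rGrid.Visible            = false;
                    rGridParentRules.Visible = false;
                    nbMessage.Text           = "Unfortunately, you are not able to edit security because you do not belong to a role that has been configured to allow administration of this item.";
                    nbMessage.Visible        = true;
                }
            }
            else
            {
                rGrid.Visible            = false;
                rGridParentRules.Visible = false;
                // entityParam is still the raw request value when it was not a valid id, so it is encoded
                // before being echoed. NOTE(review): assumes nbMessage renders Text as markup - confirm.
                nbMessage.Text           = string.Format("The requested entity type ('{0}') could not be loaded to determine security attributes.", HttpUtility.HtmlEncode(entityParam));
                nbMessage.Visible        = true;
            }
            base.OnInit(e);
        }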
Beispiel #6
        /// <summary>
        /// Collects the authorization rules inherited from <paramref name="parent"/> (and, optionally,
        /// from the authorities above it), skipping rules whose principal is already covered.
        /// </summary>
        /// <param name="authService">Service used to load the stored auths for each authority.</param>
        /// <param name="itemRules">Rules defined on the item itself; a matching principal here suppresses the inherited rule.</param>
        /// <param name="parentRules">Accumulator that receives the inherited rules.</param>
        /// <param name="parent">First authority to inspect; <c>null</c> means there is nothing to add.</param>
        /// <param name="action">Security action whose rules are being listed.</param>
        /// <param name="recurse">When <c>true</c>, continue up the <c>ParentAuthority</c> chain; when <c>false</c>, inspect only <paramref name="parent"/>.</param>
        private void AddParentRules( AuthService authService, List<AuthRule> itemRules, List<MyAuthRule> parentRules, ISecured parent, string action, bool recurse )
        {
            ISecured authority = parent;
            while ( authority != null )
            {
                var cachedType = Rock.Web.Cache.EntityTypeCache.Read( authority.TypeId );

                foreach ( var auth in authService.GetAuths( authority.TypeId, authority.Id, action ) )
                {
                    var inherited = new AuthRule( auth );

                    // A principal is identified by the (SpecialRole, PersonId, GroupId) triple.
                    bool definedOnItem = itemRules.Exists( r =>
                        r.SpecialRole == inherited.SpecialRole &&
                        r.PersonId == inherited.PersonId &&
                        r.GroupId == inherited.GroupId );
                    if ( definedOnItem )
                    {
                        continue;
                    }

                    // Nearer authorities are visited first, so an entry already in parentRules
                    // keeps a farther ancestor's rule for the same principal out of the list.
                    bool alreadyListed = parentRules.Exists( r =>
                        r.AuthRule.SpecialRole == inherited.SpecialRole &&
                        r.AuthRule.PersonId == inherited.PersonId &&
                        r.AuthRule.GroupId == inherited.GroupId );
                    if ( alreadyListed )
                    {
                        continue;
                    }

                    // NOTE(review): the title carries literal <small> markup, so it is presumably rendered
                    // as raw HTML; authority.ToString() and the type name are inserted unencoded - confirm
                    // the consuming control encodes them, or HTML-encode both values here.
                    var entry = new MyAuthRule( inherited )
                    {
                        EntityTitle = string.Format( "{0} <small>({1})</small>", authority.ToString(), cachedType.FriendlyName ?? cachedType.Name ).TrimStart()
                    };
                    parentRules.Add( entry );
                }

                if ( !recurse )
                {
                    break;
                }

                authority = authority.ParentAuthority;
            }
        }
Beispiel #7
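        /// <summary>
        /// Resolves the entity named by the <c>EntityType</c> and <c>EntityId</c> page parameters and,
        /// only when the current person is authorized to administrate it, binds the security editing
        /// controls. In every other case the grids are hidden and a message is shown.
        /// </summary>
        /// <param name="e">The event data passed on to the base implementation.</param>
        protected override void OnInit(EventArgs e)
        {
            // Read parameter values. Both come from the request and are untrusted.
            string entityName = Authorization.DecodeEntityTypeName(PageParameter("EntityType"));

            // TryParse leaves 0 in entityId when the value is missing or non-numeric
            int entityId = 0;
            Int32.TryParse(PageParameter("EntityId"), out entityId);

            // Get object type
            Type type = Type.GetType(entityName);

            if (type != null)
            {
                // The type name is caller-supplied, so nothing is constructed or invoked unless the
                // resolved type is an ISecured implementation. Checking first keeps constructors and
                // static "Read" methods of unrelated types from running on behalf of the request.
                if (typeof(ISecured).IsAssignableFrom(type))
                {
                    if (entityId == 0)
                    {
                        iSecured = (ISecured)Activator.CreateInstance(type);
                    }
                    else
                    {
                        iSecured = type.InvokeMember("Read", System.Reflection.BindingFlags.InvokeMethod, null, type, new object[] { entityId }) as ISecured;
                    }
                }
                else
                {
                    iSecured = null;
                }

                // Authorization gate: the null check covers an entity that could not be read, which the
                // original dereferenced unconditionally.
                if (iSecured != null && iSecured.IsAuthorized("Administrate", CurrentPerson))
                {
                    rptActions.DataSource = iSecured.SupportedActions;
                    rptActions.DataBind();

                    rGrid.DataKeyNames        = new string[] { "id" };
                    rGrid.GridReorder        += new GridReorderEventHandler(rGrid_GridReorder);
                    rGrid.GridRebind         += new GridRebindEventHandler(rGrid_GridRebind);
                    rGrid.RowDataBound       += new GridViewRowEventHandler(rGrid_RowDataBound);
                    rGrid.ShowHeaderWhenEmpty = false;
                    rGrid.EmptyDataText       = string.Empty;
                    rGrid.ShowActionRow       = false;

                    rGridParentRules.DataKeyNames        = new string[] { "id" };
                    rGridParentRules.ShowHeaderWhenEmpty = false;
                    rGridParentRules.EmptyDataText       = string.Empty;
                    rGridParentRules.ShowActionRow       = false;

                    BindRoles();

                    // The entity's display string is data, not markup. It was previously formatted into
                    // the script unescaped; JavaScriptStringEncode keeps it inside the JS string literal,
                    // and jQuery .text() (rather than .html()) stops it from being parsed as HTML.
                    string script = string.Format(@"
                    Sys.Application.add_load(function () {{
                        $('#modal-popup div.modal-header h3 small', window.parent.document).text('{0}');
                    }});
                ", System.Web.HttpUtility.JavaScriptStringEncode(iSecured.ToString()));

                    this.Page.ClientScript.RegisterStartupScript(this.GetType(), string.Format("set-html-{0}", this.ClientID), script, true);
                }
                else
                {
                    // Fail closed: hide the editing grids when the item is missing, is not an ISecured,
                    // or the current person may not administrate it.
                    rGrid.Visible            = false;
                    rGridParentRules.Visible = false;
                    nbMessage.Text           = iSecured == null
                        ? "The item you are trying to secure does not exist or does not implement ISecured."
                        : "Unfortunately, you are not able to edit security because you do not belong to a role that has been configured to allow administration of this item.";
                    nbMessage.Visible        = true;
                }
            }
            else
            {
                rGrid.Visible            = false;
                rGridParentRules.Visible = false;
                // entityName is derived from the request, so it is encoded before being echoed.
                // NOTE(review): assumes nbMessage renders Text as markup - confirm.
                nbMessage.Text           = string.Format("Could not load the requested entity type ('{0}') to determine security attributes", System.Web.HttpUtility.HtmlEncode(entityName));
                nbMessage.Visible        = true;
            }
            base.OnInit(e);
        }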