private static void ParseInfo(string src, PermissionEvaluator newInstance)
{
var sa = src.Trim().Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
foreach (var s in sa)
{
var permInfo = PermissionInfo.Parse(s);
var parent = newInstance.GetParentInfo(permInfo.Path);
if (parent != null)
{
parent.Children.Add(permInfo);
}
permInfo.Parent = parent;
newInstance.permissionTable.Add(permInfo.Path, permInfo);
}
}
private void CollectRelatedItemsInSubtree(PermissionInfo permInfo, bool isRoot, int identityId, int permissionMask, Node rootContent, Dictionary <Node, int> contentCounters)
{
if (!isRoot)
{
if (permInfo.Inherits)
{
foreach (var ps in permInfo.PermissionSets)
{
if (ps.PrincipalId == identityId)
{
if ((ps.AllowBits & permissionMask) > 0 || (ps.DenyBits & permissionMask) > 0)
{
contentCounters[rootContent]++;
//Trace.WriteLine(String.Concat("#>", permInfo.Path, ", ", rootContent.Path, ": ", contentCounters[rootContent]));
break;
}
}
}
}
else
{
if (permInfo.Parent != null)
{
foreach (var entry in GetEffectiveEntries(permInfo.Parent.Path))
{
if (entry.PrincipalId == identityId)
{
if (((entry.AllowBits | entry.DenyBits) & permissionMask) != 0)
{
contentCounters[rootContent]++;
//Trace.WriteLine(String.Concat("#>", permInfo.Path, ", ", rootContent.Path, ": ", contentCounters[rootContent]));
break;
}
}
}
}
}
}
foreach (var childPermInfo in permInfo.Children)
{
CollectRelatedItemsInSubtree(childPermInfo, false, identityId, permissionMask, rootContent, contentCounters);
}
}
private void SearchRelatedNodesInTree(PermissionInfo permInfo, int identityId, uint permissionMask, PermissionLevel level, List <int> nodeIds)
{
// If the related identity has any related effective permission setting on the parent of current content,
// the inheritence break gets related the content anyway (the inheritance break is permission setting too).
if (!permInfo.Inherits)
{
if (permInfo.Parent != null)
{
foreach (var entry in GetEffectiveEntries(permInfo.Parent.Path))
{
if (entry.PrincipalId == identityId)
{
if (HasBits(entry, level, permissionMask))
{
if (!nodeIds.Contains(permInfo.Id))
{
nodeIds.Add(permInfo.Id);
}
}
}
}
}
}
// The content is related if it has any related explicit setting
foreach (var ps in permInfo.PermissionSets)
{
if (ps.PrincipalId == identityId)
{
if (HasBits(ps, level, permissionMask))
{
if (!nodeIds.Contains(permInfo.Id))
{
nodeIds.Add(permInfo.Id);
}
}
}
}
foreach (var childNode in permInfo.Children)
{
SearchRelatedNodesInTree(childNode, identityId, permissionMask, level, nodeIds);
}
}
private PermissionInfo CreatePermissionInfo(string path, int id, int creator, int lastModifier, bool inherited)
{
var parent = GetParentInfo(path);
var permInfo = new PermissionInfo
{
Path = path,
Id = id,
Creator = creator,
LastModifier = lastModifier,
Inherits = inherited,
PermissionSets = new List <PermissionSet>(),
Parent = parent,
Children = new List <PermissionInfo>()
};
if (parent != null)
{
parent.Children.Add(permInfo);
}
return(permInfo);
}
/// <summary>
/// Format: [inheritedbit] path space* (| permSet)*
/// inheritedbit: '+' (inherited) or '-' (breaked).
/// path: lowercase string
/// permSet: see PermissionSet.Parse
/// Head info and PermissionSets are separated by '|'
/// For example: "+/root/folder|+1345__+__|+0450__+__"
/// </summary>
/// <param name="src">Source string with the defined format.</param>
/// <returns>Parsed instance of Entry.</returns>
internal static PermissionInfo Parse(string src)
{
var sa = src.Trim().Split(new char[] { '|' }, StringSplitOptions.RemoveEmptyEntries);
var s = sa[0];
var pmax = s.Length;
var p = 0;
var inherited = !(s[p] == '-');
if (s[p] == '+' || s[p] == '-')
{
p++;
}
var id = 0;
var path = s.Substring(p).Trim();
p = 0;
while (Char.IsDigit(path[p]))
{
p++;
}
if (p > 0)
{
id = Int32.Parse(path.Substring(0, p));
path = path.Substring(p);
}
var permInfo = new PermissionInfo {
Inherits = inherited, Path = path, Id = id
};
for (var i = 1; i < sa.Length; i++)
{
permInfo.PermissionSets.Add(PermissionSet.Parse(sa[i]));
}
return(permInfo);
}
private string SearchFirstPath(string aclPath, PermissionInfo basePermInfo, PermissionSet permSet, int mask, bool deny)
{
string lastPath = basePermInfo.Path;
for (var permInfo = basePermInfo; permInfo != null; permInfo = permInfo.Inherits ? permInfo.Parent : null)
{
var entry = permInfo.GetExplicitEntry(permSet.PrincipalId);
if (entry != null)
{
var bit = mask & (deny ? entry.DenyBits : entry.AllowBits);
if (bit == 0)
{
break;
}
if (bit != 0 && !entry.Propagates) // not propagate equals bit == 0
{
break;
}
lastPath = permInfo.Path;
}
}
return(aclPath == lastPath ? null : lastPath);
}
private void SearchRelatedIdentitiesInTree(PermissionLevel level, IdentityKind identityKind, PermissionInfo node, List <int> ids)
{
// if breaked, adding existing parent-s effective identities
if (!node.Inherits)
{
if (node.Parent != null)
{
foreach (var entry in GetEffectiveEntries(node.Parent.Path))
{
if (!ids.Contains(entry.PrincipalId))
{
ids.Add(entry.PrincipalId);
}
}
}
}
// adding explicite identities recursive
foreach (var ps in node.PermissionSets)
{
if (!ids.Contains(ps.PrincipalId))
{
ids.Add(ps.PrincipalId);
}
}
foreach (var childNode in node.Children)
{
SearchRelatedIdentitiesInTree(level, identityKind, childNode, ids);
}
}
