public ResponseObject BreakRootMapInheritance(string webUrl, GlymaSecurableObject securableObject)
{
ResponseObject result = new ResponseObject() { HasError = false };
try
{
SecurityContextManager context = new SecurityContextManager(webUrl);
result = context.BreakRootMapInheritance(securableObject);
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
return result;
}
internal ResponseObject BreakRootMapInheritance(GlymaSecurableObject securableObject)
{
ResponseObject response = new ResponseObject() { HasError = false };
try
{
GetSecurableContextIdResponse securableContextIdResponse = GetSecurableContextId();
if (!securableContextIdResponse.HasError)
{
int securableContextId = securableContextIdResponse.Result;
SecurableObject obj = GetSecurableObject(securableContextId, securableObject.SecurableObjectUid);
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(this, securableContextId, securableObject);
if (obj == null)
{
obj = securableObjectContext.CreateSecurableObject(true);
}
if (!obj.BreaksInheritance)
{
securableObjectContext.SetSecurableObjectInheritance(true);
}
CopyGroupAssociationsToRootMap(securableObject);
}
}
catch (Exception ex)
{
response.HasError = true;
response.ErrorMessage = ex.Message;
}
return response;
}
/// <summary>
/// This method is called by a Glyma Project Manager when they create a new project, it will associate any Glyma Project Manager group the user belongs to
/// with the newly created project.
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="securableObject">Describes the project that was just added</param>
/// <returns>A response object indicating if the operation completed without error.</returns>
public ResponseObject SetProjectManagerGroupAssociations(string webUrl, GlymaSecurableObject securableObject)
{
ResponseObject result = new ResponseObject() { HasError = false };
try
{
SecurityContextManager context = new SecurityContextManager(webUrl);
result = context.CurrentUser.SetProjectManagerGroupAssociations(securableObject);
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
return result;
}
/// <summary>
/// Adds or Removes security associations for a batch of groups.
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="securityAssociations">The details of the group and the securable object and whether it's an add or remove operation</param>
/// <returns>A response object to indicate if it completd without error.</returns>
public ResponseObject UpdateSecurityAssociations(string webUrl, IList<GlymaSecurityAssociation> securityAssociations)
{
ResponseObject result = new ResponseObject() { HasError = false };
SecurityContextManager securityContext = new SecurityContextManager(webUrl);
if (securityContext.CurrentUser.IsUserSecurityManager())
{
try
{
foreach (GlymaSecurityAssociation securityAssociation in securityAssociations)
{
GlymaSecurityAssociationContext securityAssociationContext = new GlymaSecurityAssociationContext(securityContext, securityAssociation.GlymaSecurityGroup, securityAssociation.SecurableObject);
if (securityAssociation.Value)
{
securityAssociationContext.SetSecurityAssociation(securityAssociation.BreakInheritance);
}
else
{
securityAssociationContext.RemoveSecurityAssociation();
}
}
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
}
else
{
result.HasError = true;
result.ErrorMessage = "Access Denied. User does not have permissions to access this web service.";
}
return result;
}
/// <summary>
/// This method is called by a Glyma Project Manager when they create a new project, it will associate any Glyma Project Manager group the user belongs to
/// with the newly created project.
/// </summary>
/// <param name="securableObject">Describes the project that was just added</param>
/// <returns>A response object indicating if the operation completed without error.</returns>
internal ResponseObject SetProjectManagerGroupAssociations(GlymaSecurableObject securableObject)
{
ResponseObject result = new ResponseObject() { HasError = false };
try
{
if (this.IsUserProjectManager()) //ensure they are a project manager
{
using (SPSite site = new SPSite(Context.WebUrl))
{
using (SPWeb currentWeb = site.OpenWeb())
{
GetSecurityGroupsResponse response = Context.GetSecurityGroups(GlymaPermissionLevel.GlymaProjectManager);
if (!response.HasError)
{
IList<GlymaSecurityGroup> pmGroupsToAssociate = new List<GlymaSecurityGroup>();
IList<GlymaSecurityGroup> pmGroups = response.Result;
//for any group that is a Glyma Project Manager group
foreach (SPGroup group in CurrentSPUser.Groups)
{
foreach (GlymaSecurityGroup projectManagerGroup in pmGroups)
{
Group glGroup = Context.GetGroup(projectManagerGroup);
if (group.ID == glGroup.GroupSPID)
{
pmGroupsToAssociate.Add(projectManagerGroup);
}
}
}
//Add the security association for every Glyma Project Manager group the current user belongs to.
foreach (GlymaSecurityGroup glGroup in pmGroupsToAssociate)
{
GlymaSecurityAssociationContext securityAssociationContext = new GlymaSecurityAssociationContext(Context, glGroup, securableObject);
ResponseObject addResponse = securityAssociationContext.SetSecurityAssociation(false);
if (addResponse.HasError)
{
//if an error occurs adding the security association for any of the groups stop and return the error
result.HasError = true;
result.ErrorMessage = addResponse.ErrorMessage;
break;
}
}
}
else
{
//there was an error get the groups that have been assigned the permission level of Glyma Project Manager
result.HasError = true;
result.ErrorMessage = response.ErrorMessage;
}
}
}
}
else
{
//Only a Glyma Project Manager can call this method
result.HasError = true;
result.ErrorMessage = "Access Denied. User does not have permissions to access this web service method.";
}
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
return result;
}
/// <summary>
/// Removes the group association if it exists
/// </summary>
/// <returns>A response object indicating if completed without error</returns>
internal ResponseObject RemoveSecurityAssociation()
{
ResponseObject result = new ResponseObject() { HasError = false };
if (Group != null)
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
try
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
Group sgroup = Context.GetGroup(Group);
if (sgroup != null)
{
IEnumerable<GroupAssociation> groupAssociations = null;
if (SecurableObject.SecurableParentUid != Guid.Empty)
{
//removing a root map group association
groupAssociations = from ga in dataContext.GroupAssociations
where
ga.SecurableObjectUid == SecurableObject.SecurableObjectUid &&
ga.SecurableParentUid == SecurableObject.SecurableParentUid
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == sgroup.GroupId
select ga;
}
else
{
//removing a project group association
groupAssociations = from ga in dataContext.GroupAssociations
where
ga.SecurableObjectUid == SecurableObject.SecurableObjectUid &&
ga.SecurableParentUid.HasValue == false
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == sgroup.GroupId
select ga;
}
if (groupAssociations.Any())
{
dataContext.GroupAssociations.DeleteAllOnSubmit(groupAssociations.ToList());
dataContext.SubmitChanges();
}
}
}
}
}
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
});
}
else
{
result.HasError = true;
result.ErrorMessage = "The Glyma security group was not known.";
}
return result;
}
/// <summary>
/// Adds a security association for a SharePoint group to the security DB
/// </summary>
/// <param name="breakInheritance">Whether it should have inheritance broken or not</param>
/// <returns>A response object indicating if completed without error</returns>
internal ResponseObject SetSecurityAssociation(bool breakInheritance)
{
ResponseObject result = new ResponseObject() { HasError = false };
try
{
if (Group != null)
{
Group group = Context.GetGroup(Group);
//if (group == null)
//{
// //Create the Group since it doesn't exist
// group = this.CreateGroup();
//}
bool response = this.HasAssociation();
if (!response)
{
SecurableObject so = Context.GetSecurableObject(Group.SecurableContextId, SecurableObject.SecurableObjectUid);
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(Context, Group.SecurableContextId, SecurableObject);
if (so == null)
{
so = securableObjectContext.CreateSecurableObject(breakInheritance);
}
//Create the group association since it doesn't exist
this.CreateGroupAssociation(group.GroupId);
}
}
else
{
result.HasError = true;
result.ErrorMessage = "The Glyma security group was not known.";
}
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
return result;
}
