Beispiel #1
0
        /// <summary>
        /// Returns the OCL.Permission for the current Object
        /// Returns NULL if AccessingUser doesn't have sufficient priviledge to complete operation
        /// </summary>
        /// <param name="QueryGroup"></param>
        /// <param name="AccessingUser"></param>
        /// <param name="TargetUser"></param>
        /// <param name="QueryObject"></param>
        /// <returns></returns>
        internal OCL.Permission GetPermission(OCL.Group QueryGroup, OCL.User AccessingUser,OCL.User TargetUser, object QueryObject)
        {
            int ObjectTypeId = 0;
            int ObjectId = 0;

            OCL.Permission PP = GetPermission(QueryGroup,AccessingUser,TargetUser);
            if(!PP.mvarIsUsable) //Can operate on this Users Permissions
            {
                if(!AccessingUser.mvarIsSuperUser)
                {
                    return new Permission();//null;  //returns a Permission object with all fields set to false;
                }
            }

            if(QueryObject is OCL.User)
            {
                OCL.User U = (OCL.User)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.User);
                ObjectId = U.ID;
            }
            else if(QueryObject is OCL.Group)
            {
                OCL.Group G = (OCL.Group)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Group);
                ObjectId = G.mvarID;
            }
            else if(QueryObject is OCL.Recording)
            {
                OCL.Recording R = (OCL.Recording)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Recording);
                ObjectId = R.ID;
            }
            else if(QueryObject is OCL.Source)
            {
                OCL.Source S = (OCL.Source)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Source);
                ObjectId = S.ID;
            }
            else if(QueryObject is OCL.Control)
            {
                OCL.Control C = (OCL.Control)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Control);
                ObjectId = C.ID;
            }
            else if(QueryObject is OCL.Scene)
            {
                OCL.Scene S = (OCL.Scene)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Scene);
                ObjectId = S.ID;
            }
            else if(QueryObject is OCL.Note)
            {
                OCL.Note N = (OCL.Note)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Note);
                ObjectId = N.ID;
            }
            else if(QueryObject is OCL.RecordingSession)
            {
                OCL.RecordingSession RS = (OCL.RecordingSession)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.RecordingSession);
                ObjectId = RS.mvarID;
            }
            else if(QueryObject is OCL.Attachment)
            {
                OCL.Attachment A = (OCL.Attachment)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Attachment);
                ObjectId = A.mvarID;
            }
            else if(QueryObject is OCL.VideoStorageServer)
            {
                OCL.VideoStorageServer V = (OCL.VideoStorageServer)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Group);
                ObjectId = V.mvarID;
            }
            else
                throw new Exception("Unknown Object Type");

            string sSQL = "SELECT * FROM tblGroupTokens Where " +
                " GroupId = " + QueryGroup.ID +
                " AND UserId = " + TargetUser.ID +
                " AND ObjectTypeId = " + ObjectTypeId +
                " AND ObjectId = " + ObjectId;

            DataSet DS = RF.GetDataSet(sSQL);

            if(DS.Tables[0].Rows.Count == 0)
            {
                OCL.Permission EmptyPP = new Permission();
                return EmptyPP;
            }
                //throw new Exception("Permissions not found for requested object in database!");

            return FillPermission(DS.Tables[0].Rows[0]);
        }
Beispiel #2
0
 public void Add(Permission X)
 {
     List.Add(X);
 }
Beispiel #3
0
        /// <summary>
        /// Returns the OCL.Permission for the current Object
        /// Returns NULL if AccessingUser doesn't have sufficient priviledge to complete operation
        /// </summary>
        /// <param name="QueryGroup"></param>
        /// <param name="AccessingUser"></param>
        /// <param name="QueryObject"></param>
        /// <returns></returns>
        internal OCL.Permission GetPermission(OCL.Group QueryGroup, OCL.User AccessingUser, object QueryObject)
        {
            int ObjectTypeId = 0;
            int ObjectId = 0;

            if(QueryObject is OCL.User)
            {
                OCL.User U = (OCL.User)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.User);
                ObjectId = U.ID;
            }
            else if(QueryObject is OCL.Group)
            {
                OCL.Group G = (OCL.Group)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Group);
                ObjectId = G.mvarID;
            }
            else if(QueryObject is OCL.Recording)
            {
                OCL.Recording R = (OCL.Recording)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Recording);
                ObjectId = R.ID;
            }
            else if(QueryObject is OCL.Source)
            {
                OCL.Source S = (OCL.Source)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Source);
                ObjectId = S.ID;
            }
            else if(QueryObject is OCL.Control)
            {
                OCL.Control C = (OCL.Control)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Control);
                ObjectId = C.ID;
            }
            else if(QueryObject is OCL.Scene)
            {
                OCL.Scene S = (OCL.Scene)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Scene);
                ObjectId = S.ID;
            }
            else if(QueryObject is OCL.Note)
            {
                OCL.Note N = (OCL.Note)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Note);
                ObjectId = N.ID;
            }
            else if(QueryObject is OCL.RecordingSession)
            {
                OCL.RecordingSession RS = (OCL.RecordingSession)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.RecordingSession);
                ObjectId = RS.mvarID;
            }
            else if(QueryObject is OCL.Attachment)
            {
                OCL.Attachment A = (OCL.Attachment)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Attachment);
                ObjectId = A.mvarID;
            }
            else if(QueryObject is OCL.VideoStorageServer)
            {
                OCL.VideoStorageServer V = (OCL.VideoStorageServer)QueryObject;
                ObjectTypeId = Convert.ToInt32(OCL.OysterObjectType.Group);
                ObjectId = V.mvarID;
            }
            else
                throw new Exception("Unknown Object Type");

            string sSQL = "SELECT * FROM tblGroupTokens Where " +
                " GroupId = " + QueryGroup.ID +
                " AND UserId = " + AccessingUser.ID +
                " AND ObjectTypeId = " + ObjectTypeId +
                " AND ObjectId = " + ObjectId;

            DataSet DS = RF.GetDataSet(sSQL);

            if(DS.Tables[0].Rows.Count == 0)
            {
                /// I used to return null but it makes more logical since to return a Permission with no permissions
                /// enabled with denotes that the Accessing User has no permission to this object in this group which
                /// is true even when the object does not exist
                //return null;
                //throw new Exception("Permissions not found for requested object in database!");

                //A new permission has all privileges set to denied by default.
                OCL.Permission DeniedPermission = new Permission();
                return DeniedPermission;
            }

            return FillPermission(DS.Tables[0].Rows[0]);
        }