Beispiel #1
0
        public static void ReplicateItems(DbConnection sqlConnection, int[] articleIds, int[] fieldIds)
        {
            var dbType = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection);
            var sql    = (dbType == DatabaseType.SqlServer) ? "qp_replicate_items" : "call qp_replicate_items(@ids, @attr_ids);";

            using (var cmd = DbCommandFactory.Create(sql, sqlConnection))
            {
                if (dbType == DatabaseType.SqlServer)
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.Add(new SqlParameter("@ids", SqlDbType.NVarChar, -1)
                    {
                        Value = string.Join(",", articleIds)
                    });
                    cmd.Parameters.Add(new SqlParameter("@attr_ids", SqlDbType.NVarChar, -1)
                    {
                        Value = string.Join(",", fieldIds)
                    });
                }
                else
                {
                    cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", articleIds, dbType));
                    cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@attr_ids", fieldIds, dbType));
                }

                cmd.Parameters.AddWithValue("@modification_update_interval", -1);
                cmd.ExecuteNonQuery();
            }
        }
Beispiel #2
0
        private static Dictionary <int, int?> GetPermissionLevels(DbConnection sqlConnection, int[] ids, int userId, int groupId, string entityTypeName, string parentEntityTypeName = "", int parentId = 0)
        {
            var result      = new Dictionary <int, int?>();
            var securitySql = Common.GetPermittedItemsAsQuery(sqlConnection, userId, groupId, PermissionLevel.Deny, PermissionLevel.FullAccess,
                                                              entityTypeName, parentEntityTypeName, parentId);

            var dbType = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection);

            var sql = $@" select i.id, pi.permission_level from {SqlQuerySyntaxHelper.IdList(dbType, "@ids", "i")}
				left join ({securitySql}) as pi on pi.{entityTypeName}_id = i.id "                ;

            using (var cmd = DbCommandFactory.Create(sql, sqlConnection))
            {
                cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", ids, dbType));

                using (var reader = cmd.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        result[Convert.ToInt32(reader["id"])] = Converter.ToNullableInt32(reader["permission_level"]);
                    }
                }
            }

            return(result);
        }
Beispiel #3
0
        private static Dictionary <int, bool> CheckSecurity(DbConnection sqlConnection, int parentId, IEnumerable <int> testIds, int userId, int startLevel, string entityName, string parentEntityName, string columnName)
        {
            var granted     = new Dictionary <int, bool>();
            var securitySql = Common.GetPermittedItemsAsQuery(sqlConnection, userId, 0, startLevel, PermissionLevel.FullAccess,
                                                              entityName, parentEntityName, parentId);

            var dbType     = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection);
            var trueValue  = SqlQuerySyntaxHelper.ToBoolSql(dbType, true);
            var falseValue = SqlQuerySyntaxHelper.ToBoolSql(dbType, false);

            var sql = $@" select
                i.id,
                {SqlQuerySyntaxHelper.CastToBool(dbType, $"case when pi.{columnName} is null then {falseValue} else {trueValue} end")} as granted
                from  {SqlQuerySyntaxHelper.IdList(dbType, "@ids", "i")}
				left join ({securitySql}) as pi on pi.{columnName} = i.id "                ;

            using (var cmd = DbCommandFactory.Create(sql, sqlConnection))
            {
                cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", testIds, dbType));

                using (var reader = cmd.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        granted[Convert.ToInt32(reader["id"])] = (bool)reader["granted"];
                    }
                }
            }

            return(granted);
        }
Beispiel #4
0
        public static void UpdateNotForReplication(DbConnection sqlConnection, int[] ids, int userId)
        {
            var dbType  = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection);
            var setTrue = dbType == DatabaseType.SqlServer ? "1" : "true";
            var sql     = $@"
            UPDATE CONTENT_ITEM SET NOT_FOR_REPLICATION = {setTrue}, MODIFIED = {SqlQuerySyntaxHelper.Now(dbType)}, LAST_MODIFIED_BY = @userId
            WHERE {SqlQuerySyntaxHelper.IsFalse(dbType, "NOT_FOR_REPLICATION")} AND CONTENT_ITEM_ID IN (select id from {Common.IdList(dbType, "@ids")});
            ";

            using (var cmd = DbCommandFactory.Create(sql, sqlConnection))
            {
                cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", ids, dbType));
                cmd.Parameters.AddWithValue("@userId", userId);
                cmd.ExecuteNonQuery();
            }
        }
Beispiel #5
0
        public static RelationSecurityInfo GetRelationSecurityInfo(DbConnection dbConnection, int contentId, int[] ids)
        {
            var dbType   = DatabaseTypeHelper.ResolveDatabaseType(dbConnection);
            var result   = new RelationSecurityInfo();
            var pathRows = GetRelationSecurityFields(dbConnection);

            var securityPathes = new List <List <RelationSecurityPathItem> >();
            var finder         = new RelationSecurityPathFinder(pathRows.ToList(), contentId);

            finder.Compute();
            securityPathes.Add(finder.CurrentPath);


            foreach (var extra in finder.ExtraFinders)
            {
                extra.Compute();
                securityPathes.Add(extra.CurrentPath);
            }

            foreach (var securityPath in securityPathes)
            {
                if (securityPath.Count <= 0)
                {
                    var isEndNode = finder.PathRows.Any(n => (Converter.ToNullableInt32(n["rel_content_id"]) ?? 0) == contentId);
                    if (!isEndNode)
                    {
                        result.MakeEmpty();
                    }
                    else
                    {
                        result.AddContentInItemMapping(contentId, ids.ToDictionary(n => n, m => Enumerable.Repeat(m, 1).ToArray()));
                    }

                    return(result);
                }

                var lastItem = securityPath.Last();
                var lastItemWithSecondary = Enumerable.Repeat(lastItem, 1).Concat(lastItem.Secondary).ToList();
                var contentIds            = lastItemWithSecondary.Where(n => !n.IsClassifier).Select(n => n.RelContentId).ToArray();
                var attNames = lastItemWithSecondary.Where(n => n.IsClassifier).Select(n => n.AttributeName).ToArray();
                foreach (var item in contentIds)
                {
                    result.AddContentInItemMapping(item, new Dictionary <int, int[]>());
                }

                var sql = GetSecurityPathSql(dbType, securityPath, contentId);
                using (var cmd = DbCommandFactory.Create(sql, dbConnection))
                {
                    cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", ids, dbType));
                    using (var reader = cmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            ProcessSecurityPathSqlReader(reader, contentIds, attNames, result);
                        }
                    }
                }

                AppendNotFound(ids, contentIds, result);
            }

            return(result);
        }
Beispiel #6
0
 internal static DbParameter GetIdsDatatableParam(string paramName, IEnumerable <int> ids, DatabaseType databaseType = DatabaseType.SqlServer) => SqlQuerySyntaxHelper.GetIdsDatatableParam(paramName, ids, databaseType);