/// <summary>
/// Copies any auths for the original pages and blocks over to the copied pages and blocks.
/// </summary>
/// <param name="pageGuidDictionary">The dictionary containing the original page guids and the corresponding copied page guids.</param>
/// <param name="blockGuidDictionary">The dictionary containing the original block guids and the corresponding copied block guids.</param>
/// <param name="rockContext">The rock context.</param>
/// <param name="currentPersonAliasId">The current person alias identifier.</param>
private void GeneratePageBlockAuths(Dictionary <Guid, Guid> pageGuidDictionary, Dictionary <Guid, Guid> blockGuidDictionary, RockContext rockContext, int?currentPersonAliasId = null)
{
var authService = new AuthService(rockContext);
var pageService = new PageService(rockContext);
var blockService = new BlockService(rockContext);
var pageGuid = Rock.SystemGuid.EntityType.PAGE.AsGuid();
var blockGuid = Rock.SystemGuid.EntityType.BLOCK.AsGuid();
Dictionary <Guid, int> pageIntDictionary = pageService.Queryable()
.Where(p => pageGuidDictionary.Keys.Contains(p.Guid) || pageGuidDictionary.Values.Contains(p.Guid))
.ToDictionary(p => p.Guid, p => p.Id);
Dictionary <Guid, int> blockIntDictionary = blockService.Queryable()
.Where(p => blockGuidDictionary.Keys.Contains(p.Guid) || blockGuidDictionary.Values.Contains(p.Guid))
.ToDictionary(p => p.Guid, p => p.Id);
var pageAuths = authService.Queryable().Where(a =>
a.EntityType.Guid == pageGuid && pageIntDictionary.Values.Contains(a.EntityId.Value))
.ToList();
var blockAuths = authService.Queryable().Where(a =>
a.EntityType.Guid == blockGuid && blockIntDictionary.Values.Contains(a.EntityId.Value))
.ToList();
foreach (var pageAuth in pageAuths)
{
var newPageAuth = pageAuth.Clone(false);
newPageAuth.CreatedByPersonAlias = null;
newPageAuth.CreatedByPersonAliasId = currentPersonAliasId;
newPageAuth.CreatedDateTime = RockDateTime.Now;
newPageAuth.ModifiedByPersonAlias = null;
newPageAuth.ModifiedByPersonAliasId = currentPersonAliasId;
newPageAuth.ModifiedDateTime = RockDateTime.Now;
newPageAuth.Id = 0;
newPageAuth.Guid = Guid.NewGuid();
newPageAuth.EntityId = pageIntDictionary[pageGuidDictionary[pageIntDictionary.Where(d => d.Value == pageAuth.EntityId.Value).FirstOrDefault().Key]];
authService.Add(newPageAuth);
}
foreach (var blockAuth in blockAuths)
{
var newBlockAuth = blockAuth.Clone(false);
newBlockAuth.CreatedByPersonAlias = null;
newBlockAuth.CreatedByPersonAliasId = currentPersonAliasId;
newBlockAuth.CreatedDateTime = RockDateTime.Now;
newBlockAuth.ModifiedByPersonAlias = null;
newBlockAuth.ModifiedByPersonAliasId = currentPersonAliasId;
newBlockAuth.ModifiedDateTime = RockDateTime.Now;
newBlockAuth.Id = 0;
newBlockAuth.Guid = Guid.NewGuid();
newBlockAuth.EntityId = blockIntDictionary[blockGuidDictionary[blockIntDictionary.Where(d => d.Value == blockAuth.EntityId.Value).FirstOrDefault().Key]];
authService.Add(newBlockAuth);
}
rockContext.SaveChanges();
}
/// <summary>
/// Handles the Delete event of the gGroups control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param>
protected void gGroups_Delete( object sender, RowEventArgs e )
{
RockTransactionScope.WrapTransaction( () =>
{
GroupService groupService = new GroupService();
AuthService authService = new AuthService();
Group group = groupService.Get( (int)e.RowKeyValue );
if ( group != null )
{
string errorMessage;
if ( !groupService.CanDelete( group, out errorMessage ) )
{
mdGridWarning.Show( errorMessage, ModalAlertType.Information );
return;
}
bool isSecurityRoleGroup = group.IsSecurityRole;
if ( isSecurityRoleGroup )
{
foreach ( var auth in authService.Queryable().Where( a => a.GroupId.Equals( group.Id ) ).ToList() )
{
authService.Delete( auth, CurrentPersonId );
authService.Save( auth, CurrentPersonId );
}
}
groupService.Delete( group, CurrentPersonId );
groupService.Save( group, CurrentPersonId );
if ( isSecurityRoleGroup )
{
Rock.Security.Authorization.Flush();
Rock.Security.Role.Flush( group.Id );
}
}
} );
BindGrid();
}
/// <summary>
/// Load the static Authorizations object
/// </summary>
public static void Load()
{
Authorizations = new Dictionary<int, Dictionary<int, Dictionary<string, List<AuthRule>>>>();
AuthService authService = new AuthService();
foreach ( Auth auth in authService.Queryable().
OrderBy( A => A.EntityTypeId ).ThenBy( A => A.EntityId ).ThenBy( A => A.Action ).ThenBy( A => A.Order ) )
{
if ( !Authorizations.ContainsKey( auth.EntityTypeId ) )
Authorizations.Add( auth.EntityTypeId, new Dictionary<int, Dictionary<string, List<AuthRule>>>() );
Dictionary<int, Dictionary<string, List<AuthRule>>> entityAuths = Authorizations[auth.EntityTypeId];
if ( !entityAuths.ContainsKey( auth.EntityId ?? 0 ) )
entityAuths.Add( auth.EntityId ?? 0, new Dictionary<string, List<AuthRule>>() );
Dictionary<string, List<AuthRule>> instanceAuths = entityAuths[auth.EntityId ?? 0];
if ( !instanceAuths.ContainsKey( auth.Action ) )
instanceAuths.Add( auth.Action, new List<AuthRule>() );
List<AuthRule> actionPermissions = instanceAuths[auth.Action];
actionPermissions.Add( new AuthRule( auth ) );
}
}
/// <summary>
/// Copies any auths for the original pages and blocks over to the copied pages and blocks.
/// </summary>
/// <param name="pageGuidDictionary">The dictionary containing the original page guids and the corresponding copied page guids.</param>
/// <param name="blockGuidDictionary">The dictionary containing the original block guids and the corresponding copied block guids.</param>
/// <param name="rockContext">The rock context.</param>
/// <param name="currentPersonAliasId">The current person alias identifier.</param>
private void GeneratePageBlockAuths( Dictionary<Guid, Guid> pageGuidDictionary, Dictionary<Guid, Guid> blockGuidDictionary, RockContext rockContext, int? currentPersonAliasId = null )
{
var authService = new AuthService( rockContext );
var pageService = new PageService( rockContext );
var blockService = new BlockService( rockContext );
var pageGuid = Rock.SystemGuid.EntityType.PAGE.AsGuid();
var blockGuid = Rock.SystemGuid.EntityType.BLOCK.AsGuid();
Dictionary<Guid, int> pageIntDictionary = pageService.Queryable()
.Where( p => pageGuidDictionary.Keys.Contains( p.Guid ) || pageGuidDictionary.Values.Contains( p.Guid ) )
.ToDictionary( p => p.Guid, p => p.Id );
Dictionary<Guid, int> blockIntDictionary = blockService.Queryable()
.Where( p => blockGuidDictionary.Keys.Contains( p.Guid ) || blockGuidDictionary.Values.Contains( p.Guid ) )
.ToDictionary( p => p.Guid, p => p.Id );
var pageAuths = authService.Queryable().Where( a =>
a.EntityType.Guid == pageGuid && pageIntDictionary.Values.Contains( a.EntityId.Value ) )
.ToList();
var blockAuths = authService.Queryable().Where( a =>
a.EntityType.Guid == blockGuid && blockIntDictionary.Values.Contains( a.EntityId.Value ) )
.ToList();
foreach ( var pageAuth in pageAuths )
{
var newPageAuth = pageAuth.Clone( false );
newPageAuth.CreatedByPersonAlias = null;
newPageAuth.CreatedByPersonAliasId = currentPersonAliasId;
newPageAuth.CreatedDateTime = RockDateTime.Now;
newPageAuth.ModifiedByPersonAlias = null;
newPageAuth.ModifiedByPersonAliasId = currentPersonAliasId;
newPageAuth.ModifiedDateTime = RockDateTime.Now;
newPageAuth.Id = 0;
newPageAuth.Guid = Guid.NewGuid();
newPageAuth.EntityId = pageIntDictionary[pageGuidDictionary[pageIntDictionary.Where( d => d.Value == pageAuth.EntityId.Value ).FirstOrDefault().Key]];
authService.Add( newPageAuth );
}
foreach ( var blockAuth in blockAuths )
{
var newBlockAuth = blockAuth.Clone( false );
newBlockAuth.CreatedByPersonAlias = null;
newBlockAuth.CreatedByPersonAliasId = currentPersonAliasId;
newBlockAuth.CreatedDateTime = RockDateTime.Now;
newBlockAuth.ModifiedByPersonAlias = null;
newBlockAuth.ModifiedByPersonAliasId = currentPersonAliasId;
newBlockAuth.ModifiedDateTime = RockDateTime.Now;
newBlockAuth.Id = 0;
newBlockAuth.Guid = Guid.NewGuid();
newBlockAuth.EntityId = blockIntDictionary[blockGuidDictionary[blockIntDictionary.Where( d => d.Value == blockAuth.EntityId.Value ).FirstOrDefault().Key]];
authService.Add( newBlockAuth );
}
rockContext.SaveChanges();
}
/// <summary>
/// Handles the Delete event of the gGroups control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param>
protected void gGroups_Delete( object sender, RowEventArgs e )
{
var rockContext = new RockContext();
GroupService groupService = new GroupService( rockContext );
AuthService authService = new AuthService( rockContext );
Group group = groupService.Get( e.RowKeyId );
if ( group != null )
{
if ( !group.IsAuthorized( Authorization.EDIT, this.CurrentPerson ) )
{
mdGridWarning.Show( "You are not authorized to delete this group", ModalAlertType.Information );
return;
}
string errorMessage;
if ( !groupService.CanDelete( group, out errorMessage ) )
{
mdGridWarning.Show( errorMessage, ModalAlertType.Information );
return;
}
bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() );
if ( isSecurityRoleGroup )
{
Rock.Security.Role.Flush( group.Id );
foreach ( var auth in authService.Queryable().Where( a => a.GroupId == group.Id ).ToList() )
{
authService.Delete( auth );
}
}
groupService.Delete( group );
rockContext.SaveChanges();
if ( isSecurityRoleGroup )
{
Rock.Security.Authorization.Flush();
}
}
BindGrid();
}
/// <summary>
/// Handles the Click event of the btnDelete control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param>
protected void btnDelete_Click( object sender, EventArgs e )
{
int? parentGroupId = null;
RockContext rockContext = new RockContext();
GroupService groupService = new GroupService( rockContext );
AuthService authService = new AuthService( rockContext );
Group group = groupService.Get( int.Parse( hfGroupId.Value ) );
if ( group != null )
{
if ( !group.IsAuthorized( Authorization.EDIT, this.CurrentPerson ) )
{
mdDeleteWarning.Show( "You are not authorized to delete this group.", ModalAlertType.Information );
return;
}
parentGroupId = group.ParentGroupId;
string errorMessage;
if ( !groupService.CanDelete( group, out errorMessage ) )
{
mdDeleteWarning.Show( errorMessage, ModalAlertType.Information );
return;
}
bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() );
if ( isSecurityRoleGroup )
{
Rock.Security.Role.Flush( group.Id );
foreach ( var auth in authService.Queryable().Where( a => a.GroupId == group.Id ).ToList() )
{
authService.Delete( auth );
}
}
groupService.Delete( group );
rockContext.SaveChanges();
if ( isSecurityRoleGroup )
{
Rock.Security.Authorization.Flush();
}
}
// reload page, selecting the deleted group's parent
var qryParams = new Dictionary<string, string>();
if ( parentGroupId != null )
{
qryParams["GroupId"] = parentGroupId.ToString();
}
NavigateToPage( RockPage.Guid, qryParams );
}
/// <summary>
/// Updates the bulk update security.
/// </summary>
private static void UpdateBulkUpdateSecurity()
{
var rockContext = new RockContext();
var authService = new Rock.Model.AuthService(rockContext);
var bulkUpdateBlockType = BlockTypeCache.Get(Rock.SystemGuid.BlockType.BULK_UPDATE.AsGuid());
var bulkUpdateBlocks = new BlockService(rockContext).Queryable().Where(a => a.BlockTypeId == bulkUpdateBlockType.Id).ToList();
foreach (var bulkUpdateBlock in bulkUpdateBlocks)
{
var alreadyUpdated = authService.Queryable().Where(a =>
(a.Action == "EditConnectionStatus" || a.Action == "EditRecordStatus") &&
a.EntityTypeId == bulkUpdateBlock.TypeId &&
a.EntityId == bulkUpdateBlock.Id).Any();
if (alreadyUpdated)
{
// EditConnectionStatus and/or EditRecordStatus has already been set, so don't copy VIEW auth to it
continue;
}
var groupIdAuthRules = new HashSet <int>();
var personIdAuthRules = new HashSet <int>();
var specialRoleAuthRules = new HashSet <SpecialRole>();
var authRulesToAdd = new List <AuthRule>();
Dictionary <ISecured, List <AuthRule> > parentAuthRulesList = new Dictionary <ISecured, List <AuthRule> >();
ISecured secured = bulkUpdateBlock;
while (secured != null)
{
var entityType = secured.TypeId;
List <AuthRule> authRules = Authorization.AuthRules(secured.TypeId, secured.Id, Authorization.VIEW).OrderBy(a => a.Order).ToList();
foreach (var rule in authRules)
{
if (rule.GroupId.HasValue)
{
if (!groupIdAuthRules.Contains(rule.GroupId.Value))
{
groupIdAuthRules.Add(rule.GroupId.Value);
authRulesToAdd.Add(rule);
}
}
else if (rule.PersonId.HasValue)
{
if (!personIdAuthRules.Contains(rule.PersonId.Value))
{
personIdAuthRules.Add(rule.PersonId.Value);
authRulesToAdd.Add(rule);
}
}
else if (rule.SpecialRole != SpecialRole.None)
{
if (!specialRoleAuthRules.Contains(rule.SpecialRole))
{
specialRoleAuthRules.Add(rule.SpecialRole);
authRulesToAdd.Add(rule);
}
}
}
secured = secured.ParentAuthority;
}
List <Auth> authsToAdd = new List <Auth>();
foreach (var auth in authRulesToAdd)
{
authsToAdd.Add(AddAuth(bulkUpdateBlock, auth, "EditConnectionStatus"));
authsToAdd.Add(AddAuth(bulkUpdateBlock, auth, "EditRecordStatus"));
}
int authOrder = 0;
authsToAdd.ForEach(a => a.Order = authOrder++);
authService.AddRange(authsToAdd);
Authorization.RefreshAction(bulkUpdateBlock.TypeId, bulkUpdateBlock.Id, "EditConnectionStatus");
Authorization.RefreshAction(bulkUpdateBlock.TypeId, bulkUpdateBlock.Id, "EditRecordStatus");
}
rockContext.SaveChanges();
}
/// <summary>
/// Handles the Click event of the btnDelete control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param>
protected void btnDelete_Click( object sender, EventArgs e )
{
int? parentGroupId = null;
// NOTE: Very similar code in GroupList.gGroups_Delete
RockTransactionScope.WrapTransaction( () =>
{
GroupService groupService = new GroupService();
AuthService authService = new AuthService();
Group group = groupService.Get( int.Parse( hfGroupId.Value ) );
if ( group != null )
{
parentGroupId = group.ParentGroupId;
string errorMessage;
if ( !groupService.CanDelete( group, out errorMessage ) )
{
mdDeleteWarning.Show( errorMessage, ModalAlertType.Information );
return;
}
bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() );
if ( isSecurityRoleGroup )
{
Rock.Security.Role.Flush( group.Id );
foreach ( var auth in authService.Queryable().Where( a => a.GroupId.Equals( group.Id ) ).ToList() )
{
authService.Delete( auth, CurrentPersonId );
authService.Save( auth, CurrentPersonId );
}
}
groupService.Delete( group, CurrentPersonId );
groupService.Save( group, CurrentPersonId );
if ( isSecurityRoleGroup )
{
Rock.Security.Authorization.Flush();
}
}
} );
// reload page, selecting the deleted group's parent
var qryParams = new Dictionary<string, string>();
if ( parentGroupId != null )
{
qryParams["groupId"] = parentGroupId.ToString();
}
NavigateToPage( RockPage.Guid, qryParams );
}
/// <summary>
/// Handles the Click event of the btnDelete control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param>
protected void btnDelete_Click( object sender, EventArgs e )
{
int? parentGroupId = null;
RockContext rockContext = new RockContext();
GroupService groupService = new GroupService( rockContext );
AuthService authService = new AuthService( rockContext );
Group group = groupService.Get( hfGroupId.Value.AsInteger() );
if ( group != null )
{
if ( !group.IsAuthorized( Authorization.EDIT, this.CurrentPerson ) )
{
mdDeleteWarning.Show( "You are not authorized to delete this group.", ModalAlertType.Information );
return;
}
parentGroupId = group.ParentGroupId;
string errorMessage;
if ( !groupService.CanDelete( group, out errorMessage ) )
{
mdDeleteWarning.Show( errorMessage, ModalAlertType.Information );
return;
}
bool isSecurityRoleGroup = group.IsActive && ( group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() ) );
if ( isSecurityRoleGroup )
{
Rock.Security.Role.Flush( group.Id );
foreach ( var auth in authService.Queryable().Where( a => a.GroupId == group.Id ).ToList() )
{
authService.Delete( auth );
}
}
// If group has a non-named schedule, delete the schedule record.
if ( group.ScheduleId.HasValue )
{
var scheduleService = new ScheduleService( rockContext );
var schedule = scheduleService.Get( group.ScheduleId.Value );
if ( schedule != null && schedule.ScheduleType != ScheduleType.Named )
{
// Make sure this is the only group trying to use this schedule.
if ( !groupService.Queryable().Where( g => g.ScheduleId == schedule.Id && g.Id != group.Id ).Any() )
{
scheduleService.Delete( schedule );
}
}
}
groupService.Delete( group );
rockContext.SaveChanges();
if ( isSecurityRoleGroup )
{
Rock.Security.Authorization.Flush();
}
}
// reload page, selecting the deleted group's parent
var qryParams = new Dictionary<string, string>();
if ( parentGroupId != null )
{
qryParams["GroupId"] = parentGroupId.ToString();
}
qryParams["ExpandedIds"] = PageParameter( "ExpandedIds" );
NavigateToPage( RockPage.Guid, qryParams );
}
/// <summary>
/// Handles the Delete event of the gGroups control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param>
protected void gGroups_Delete( object sender, RowEventArgs e )
{
// NOTE: Very similar code in GroupDetail.btnDelete_Click
RockTransactionScope.WrapTransaction( () =>
{
GroupService groupService = new GroupService();
AuthService authService = new AuthService();
Group group = groupService.Get( (int)e.RowKeyValue );
if ( group != null )
{
string errorMessage;
if ( !groupService.CanDelete( group, out errorMessage ) )
{
mdGridWarning.Show( errorMessage, ModalAlertType.Information );
return;
}
bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() );
if (isSecurityRoleGroup)
{
Rock.Security.Role.Flush( group.Id );
foreach ( var auth in authService.Queryable().Where( a => a.GroupId == group.Id ).ToList() )
{
authService.Delete( auth, CurrentPersonId );
authService.Save( auth, CurrentPersonId );
}
}
groupService.Delete( group, CurrentPersonId );
groupService.Save( group, CurrentPersonId );
if ( isSecurityRoleGroup )
{
Rock.Security.Authorization.Flush();
}
}
} );
BindGrid();
}
