private SnAccessControlEntry CreateEntry(int principalId, bool propagates) { var entry = SnAccessControlEntry.CreateEmpty(principalId, propagates); //TODO: CreateEmpty(principal); var list = acl.Entries.ToList(); list.Add(entry); acl.Entries = list; return(entry); }
internal void AddEntry(SnAccessControlEntry entry) { var newEntry = CreateEntry(entry.Identity.NodeId, entry.Propagates); uint allowBits, denyBits; entry.GetPermissionBits(out allowBits, out denyBits); PermissionBits.SetBits(ref allowBits, ref denyBits); newEntry.SetPermissionsBits(allowBits, denyBits); var list = acl.Entries.ToList(); list.Add(newEntry); acl.Entries = list.ToArray(); }
internal SnAccessControlList BuildAcl(SnAccessControlList acl) { //var principals = GetEffectedPrincipals(); var aces = new Dictionary <int, SnAccessControlEntry>(); for (var permInfo = this; permInfo != null; permInfo = permInfo.Inherits ? permInfo.Parent : null) { foreach (var permSet in permInfo.PermissionSets) { // get ace by princ var princ = permSet.PrincipalId; SnAccessControlEntry ace; if (!aces.TryGetValue(princ, out ace)) { ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates); aces.Add(princ, ace); } // get permissions and paths int mask = 1; for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++) { var permission = ace.Permissions.ElementAt(i); if (!permission.Deny) { if ((permSet.DenyBits & mask) != 0) { permission.Deny = true; permission.DenyFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, true); } } if (!permission.Allow) { var allow = (permSet.AllowBits & mask) != 0; if ((permSet.AllowBits & mask) != 0) { permission.Allow = true; permission.AllowFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, false); } } mask = mask << 1; } } } acl.Inherits = acl.Path == this.Path ? this.Inherits : true; acl.Entries = aces.Values.ToArray(); return(acl); }
//======================================================================= Event handlers protected void ListViewAcl_ItemDataBound(object sender, ListViewItemEventArgs e) { var dataItem = e.Item as ListViewDataItem; if (dataItem == null) return; var ace = dataItem.DataItem as SnAccessControlEntry; if (ace == null) return; //Pin the current entry. It is used by the //permission list databinding method. _currentAce = ace; var lblName = GetIdentityControl(dataItem); if (lblName != null) { var identity = Node.Load<GenericContent>(ace.Identity.Path); var name = identity is User ? ((User) identity).Username : identity.Name; if (!identity.Path.StartsWith(Repository.ImsFolderPath)) name = name + " " + HttpContext.GetGlobalResourceObject("Portal", "PermissionLocalGroup"); else name = identity.Path.Substring(Repository.ImsFolderPath.Length + 1); lblName.Text = string.Format("{0} ({1})", identity.DisplayName, name); } var lblIcon = GetIdentityIconControl(dataItem); if (lblIcon != null) { try { lblIcon.CssClass += " snIconBig_" + ContentType.GetByName(Enum.GetName(typeof(SnIdentityKind), ace.Identity.Kind)).Icon; } catch (Exception ex) { Logger.WriteException(ex); } } var lvAce = GetPermissionListViewControl(dataItem); if (lvAce != null) { lvAce.ItemDataBound += ListViewAce_ItemDataBound; lvAce.DataSource = ace.Permissions; lvAce.DataBind(); } var lblHidden = GetHiddenAceLabel(dataItem); if (lblHidden != null) lblHidden.Text = this.EntryIds[ace]; RefreshAcePanelVisibility(dataItem); }
private void RemoveEntry(SnAccessControlEntry entry) { acl.Entries = acl.Entries.Except(new SnAccessControlEntry[] { entry }).ToList(); }
private SnPermission GetSnPerm(SnAccessControlEntry entry, PermissionType permType) { return(entry.Permissions.Where(p => p.Name == permType.Name).First()); }
private SnPermission GetSnPerm(SnAccessControlEntry entry, PermissionType permType) { return entry.Permissions.Where(p => p.Name == permType.Name).First(); }
internal void AddEntry(SnAccessControlEntry entry) { var newEntry = CreateEntry(entry.Identity.NodeId, entry.Propagates); int allowBits, denyBits; entry.GetPermissionBits(out allowBits, out denyBits); SecurityHandler.SetBits(ref allowBits, ref denyBits); newEntry.SetPermissionsBits(allowBits, denyBits); var list = acl.Entries.ToList(); list.Add(newEntry); acl.Entries = list.ToArray(); }
private void RemoveEntry(SnAccessControlEntry entry) { acl.Entries = acl.Entries.Except(new SnAccessControlEntry[] { entry }).ToList(); }
private string SetAclTest(int operationNumber, string initial, string readOnlyMask, string set, string expected) { if (readOnlyMask == null) readOnlyMask = initial.Replace("+", "r").Replace("-", "r"); //Trace.WriteLine(String.Format("@> TEST #{0}: {1} | {2} | {3} | {4}", operationNumber, initial, readOnlyMask, set, expected)); var node = TestRoot; var visitor = User.Visitor; var ident = new SnIdentity { Kind = SnIdentityKind.User, Name = "Visitor", NodeId = visitor.Id, Path = visitor.Path }; var permsEd = GetPermsFromString(initial, readOnlyMask); var entryEd = new SnAccessControlEntry { Identity = ident, Propagates = true, Permissions = permsEd }; var aclEd = new SnAccessControlList { NodeId = 9999, Creator = ident, Inherits = true, LastModifier = ident, Path = "asdf", Entries = new[] { entryEd } }; var perms0 = GetPermsFromString(initial, readOnlyMask); var entry0 = new SnAccessControlEntry { Identity = ident, Propagates = true, Permissions = perms0 }; var acl0 = new SnAccessControlList { NodeId = 9999, Creator = ident, Inherits = true, LastModifier = ident, Path = "asdf", Entries = new[] { entry0 } }; var perms1 = GetPermsFromString(set, readOnlyMask); var entry1 = new SnAccessControlEntry { Identity = ident, Propagates = true, Permissions = perms1 }; var acl1 = new SnAccessControlList { NodeId = 9999, Creator = ident, Inherits = true, LastModifier = ident, Path = "asdf", Entries = new[] { entry1 } }; var ed = node.Security.GetAclEditor(); ed.Acl = aclEd; // clone of acl0 var edAcc = new AclEditorAccessor(ed); var secAcc = new SecurityHandlerAccessor(node.Security); var entries = secAcc.GetEntriesFromAcl(ed, acl0, acl1); var resultEntry = SearchEntry(entries, User.Visitor, true); var result = resultEntry.ValuesToString(); if (result == expected) return null; return String.Concat("State is '", result, "', expected '", expected, "' at operation ", operationNumber); }