internal PermissionValue GetPermission(int userId, int entityId, int ownerId, EntryType?entryType, params PermissionTypeBase[] permissions) { if (userId == _securityContext.SecuritySystem.Configuration.SystemUserId) { return(PermissionValue.Allowed); } _entityManager.EnterReadLock(); try { return(GetPermissionSafe(userId, entityId, ownerId, entryType, permissions)); } finally { _entityManager.ExitReadLock(); } }
/// <summary> /// Returns all entities in the predefined axis (All, ParentChain, Subtree) of the specified entity. /// The collection is empty if the entity was not found. /// This operation is thread safe. The thread safety uses system resources, so to minimize these, /// it's strongly recommended processing as fast as possible. /// </summary> /// <param name="entityId">The Id of the focused entity.</param> /// <param name="handleBreaks">Controls the permission inheritance handling.</param> /// <returns>The IEnumerable<SecurityEntity> to further filtering.</returns> public IEnumerable <SecurityEntity> GetEntities(int entityId, BreakOptions handleBreaks = BreakOptions.Default) { _entityManager.EnterReadLock(); try { var root = _entityManager.GetEntitySafe(entityId, false); IEnumerable <SecurityEntity> collection; switch (_axis) { case Axis.All: collection = GetEntitiesFromParentChain(root, handleBreaks) .Union(GetEntitiesFromSubtree(root, handleBreaks)); break; case Axis.ParentChain: collection = GetEntitiesFromParentChain(root, handleBreaks); break; case Axis.Subtree: collection = GetEntitiesFromSubtree(root, handleBreaks); break; default: throw new ArgumentOutOfRangeException("Unknown axis: " + _axis); } foreach (var entity in collection) { yield return(entity); } } finally { _entityManager.ExitReadLock(); } }
public Dictionary <PermissionTypeBase, int> GetExplicitPermissionsInSubtree(SecurityContext context, int entityId, int[] identities, bool includeRoot) { _entityManager.EnterReadLock(); try { var counters = new int[PermissionTypeBase.PermissionCount]; var root = _entityManager.GetEntitySafe(entityId, true); foreach (var entity in new EntityTreeWalker(root)) { // step forward if there is no any setting if (!entity.HasExplicitAcl || entity.Id == entityId && !includeRoot) { continue; } // if broken, adding existing parent-s effective identities because all identities are related. var localBits = new PermissionBitMask(); if (!entity.IsInherited && entity.Parent != null && (includeRoot || entity.Parent.Id != entityId)) { CollectPermissionsFromLocalAces(context.Evaluator.GetEffectiveEntriesSafe(entity.Parent.Id, identities, EntryType.Normal), localBits); } // adding explicit identities CollectPermissionsFromAces(context.Evaluator.GetExplicitEntriesSafe(entity.Id, identities, EntryType.Normal), PermissionLevel.AllowedOrDenied, counters, localBits); } var result = new Dictionary <PermissionTypeBase, int>(); for (var i = 0; i < PermissionTypeBase.PermissionCount; i++) { result.Add(PermissionTypeBase.GetPermissionTypeByIndex(i), counters[i]); } return(result); } finally { _entityManager.ExitReadLock(); } }