internal SecurableObject CreateSecurableObject(bool breaksInheritance)
{
SecurableObject createdSecurableObject = null;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
SecurableObject securableObject = new SecurableObject();
securableObject.SecurableObjectUid = SecurableObject.SecurableObjectUid;
securableObject.BreaksInheritance = breaksInheritance;
securableObject.SecurableContextId = SecurableContextId;
dataContext.SecurableObjects.InsertOnSubmit(securableObject);
dataContext.SubmitChanges();
// Return the group that was created
securableObject = (from so in dataContext.SecurableObjects
where so.SecurableObjectUid == SecurableObject.SecurableObjectUid &&
so.SecurableContextId == SecurableContextId
select so).First();
createdSecurableObject = securableObject;
}
}
}
});
return createdSecurableObject;
}
/// <summary>
/// Creates the Group in the database
/// </summary>
/// <param name="glGroup">The details of the group</param>
/// <returns>The group object that was created</returns>
internal Group CreateGroup(string displayName)
{
Group createdGroup = null;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
// Create the group
Group group = new Group();
group.SecurableContextId = SecurableContextId;
group.GroupSPID = SPGroupId;
group.WebSPID = WebId;
group.DisplayName = displayName;
dataContext.Groups.InsertOnSubmit(group);
dataContext.SubmitChanges();
// Return the group that was created
group = (from g in dataContext.Groups
where g.DisplayName == displayName && g.GroupSPID == SPGroupId
&& g.SecurableContextId == SecurableContextId && g.WebSPID == WebId
select g).First();
createdGroup = group;
}
}
}
});
return createdGroup;
}
internal void SetSecurableObjectInheritance(bool breaksInheritance)
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
SecurableObject securableObject = (from so in dataContext.SecurableObjects
where so.SecurableObjectUid == SecurableObject.SecurableObjectUid &&
so.SecurableContextId == SecurableContextId
select so).First();
securableObject.BreaksInheritance = breaksInheritance;
dataContext.SubmitChanges();
}
}
}
});
}
/// <summary>
/// Gets the group if it exists.
/// </summary>
/// <returns>The group object if it exists or null</returns>
internal Group GetGroup(string displayName)
{
Group result = null;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
var groups = from g in dataContext.Groups
where g.GroupSPID == SPGroupId && g.WebSPID == WebId
&& g.SecurableContextId == SecurableContextId
select g;
Group group = null; //default value if it doesn't exist
if (groups.Any())
{
group = groups.First();
if (group != null)
{
//if the display name has changed update it
if (group.DisplayName != displayName)
{
group.DisplayName = displayName;
dataContext.SubmitChanges();
}
}
}
result = group;
}
}
}
});
return result;
}
internal Group GetGroup(GlymaSecurityGroup securityGroup)
{
Group result = null;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(this.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
var groups = from g in dataContext.Groups
where g.GroupId == securityGroup.GroupId
&& g.SecurableContextId == securityGroup.SecurableContextId
select g;
Group group = null; //default value if it doesn't exist
if (groups.Any())
{
group = groups.First();
}
result = group;
}
}
}
});
return result;
}
private void RemoveRootMapGroupAssociations(GlymaSecurableObject rootMapSecurableObject)
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(this.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
var groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == rootMapSecurableObject.SecurableObjectUid &&
ga.SecurableParentUid == rootMapSecurableObject.SecurableParentUid
select ga;
if (groupAssociations.Any())
{
foreach (GroupAssociation groupAssociation in groupAssociations)
{
dataContext.GroupAssociations.DeleteOnSubmit(groupAssociation);
}
dataContext.SubmitChanges();
}
}
}
}
});
}
private void CopyGroupAssociationsToRootMap(GlymaSecurableObject rootMapSecurableObject)
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(this.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
var groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == rootMapSecurableObject.SecurableParentUid
select ga;
if (groupAssociations.Any())
{
foreach (GroupAssociation groupAssociation in groupAssociations)
{
GlymaSecurableObject securableObject = new GlymaSecurableObject();
securableObject.SecurableParentUid = groupAssociation.SecurableObjectUid; //the parent is now the project uid
securableObject.SecurableObjectUid = rootMapSecurableObject.SecurableObjectUid; //the object is now the root map being copied to
GlymaSecurityAssociationContext securityAssocationContext = new GlymaSecurityAssociationContext(this, rootMapSecurableObject);
securityAssocationContext.CreateGroupAssociation(groupAssociation.GroupId);
}
}
}
}
}
});
}
/// <summary>
/// Gets the securable context identifier for the siteID
/// </summary>
/// <returns>The Securable Context ID associated with the SP Site ID or -1 if it doesn't exist</returns>
internal SecurableContext GetSecurableContext()
{
SecurableContext result = null;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(this.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
var securableContext = from sc in dataContext.SecurableContexts
where sc.SecurableContextId == glymaSession.SecurableContextId
select sc;
if (securableContext.Any())
{
result = securableContext.First();
}
}
}
}
});
return result;
}
internal SecurableObject GetSecurableObject(int securableContextId, Guid securableObjectUid)
{
SecurableObject result = null;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(this.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
var securableObjects = from so in dataContext.SecurableObjects
where so.SecurableObjectUid == securableObjectUid &&
so.SecurableContextId == securableContextId
select so;
SecurableObject securableObject = null; //default value if it doesn't exist
if (securableObjects.Any())
{
securableObject = securableObjects.First();
}
result = securableObject;
}
}
}
});
return result;
}
/// <summary>
/// Checks if the association exists
/// </summary>
/// <param name="checkProjectsChildren">If this is true when checking the access to a Project if there are any root maps under that project the user
/// has access to it returns true for the project as well (only true for when working out the filtered lists)</param>
/// <returns>True if the GroupAssociation exists on this particular object for the group</returns>
internal bool HasAssociation(bool checkProjectsChildren = false)
{
bool result = false;
if (Group != null)
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
Group glGroup = Context.GetGroup(Group);
if (glGroup != null)
{
IEnumerable<GroupAssociation> groupAssociations = null;
if (SecurableObject.SecurableParentUid == Guid.Empty)
{
//searching for a Project association
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == SecurableObject.SecurableObjectUid && ga.SecurableParentUid.HasValue == false
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
if (!groupAssociations.Any() && checkProjectsChildren)
{
//check if the user has access to anything under the project which inherintly gives them access to that project
//cross check the project id (sent as the object id) against the parent uid and we don't care about the object uid as any root map
//gives them access to that particular project
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableParentUid == SecurableObject.SecurableObjectUid
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
}
}
else
{
//searching for a RootMap association
GlymaSecurableObjectContext objectContext = new GlymaSecurableObjectContext(Context, Group.SecurableContextId, SecurableObject);
bool isInherited = objectContext.GetIsInherited();
if (!isInherited)
{
//if not inherited it will have it's own group associations
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == SecurableObject.SecurableObjectUid && ga.SecurableParentUid == SecurableObject.SecurableParentUid
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
}
else
{
//if it is inherited look fro the parents group associations
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == SecurableObject.SecurableParentUid && ga.SecurableParentUid.HasValue == false
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
}
}
if (groupAssociations.Any())
{
result = true;
}
}
});
}
}
}
}
return result;
}
/// <summary>
/// Creates the GroupAssociation
/// </summary>
/// <param name="groupId">The ID of the Group object</param>
internal void CreateGroupAssociation(int groupId)
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
SecurableContext securableContext = Context.GetSecurableContext();
int securableContextId = securableContext.SecurableContextId;
GroupAssociation groupAssociation = new GroupAssociation();
groupAssociation.GroupId = groupId;
groupAssociation.SecurableContextId = securableContextId;
if (SecurableObject.SecurableParentUid != Guid.Empty)
{
//group association is for a root map (not a project)
groupAssociation.SecurableParentUid = SecurableObject.SecurableParentUid;
}
groupAssociation.SecurableObjectUid = SecurableObject.SecurableObjectUid;
dataContext.GroupAssociations.InsertOnSubmit(groupAssociation);
dataContext.SubmitChanges();
}
}
}
});
}
/// <summary>
/// Removes the group association if it exists
/// </summary>
/// <returns>A response object indicating if completed without error</returns>
internal ResponseObject RemoveSecurityAssociation()
{
ResponseObject result = new ResponseObject() { HasError = false };
if (Group != null)
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
try
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
Group sgroup = Context.GetGroup(Group);
if (sgroup != null)
{
IEnumerable<GroupAssociation> groupAssociations = null;
if (SecurableObject.SecurableParentUid != Guid.Empty)
{
//removing a root map group association
groupAssociations = from ga in dataContext.GroupAssociations
where
ga.SecurableObjectUid == SecurableObject.SecurableObjectUid &&
ga.SecurableParentUid == SecurableObject.SecurableParentUid
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == sgroup.GroupId
select ga;
}
else
{
//removing a project group association
groupAssociations = from ga in dataContext.GroupAssociations
where
ga.SecurableObjectUid == SecurableObject.SecurableObjectUid &&
ga.SecurableParentUid.HasValue == false
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == sgroup.GroupId
select ga;
}
if (groupAssociations.Any())
{
dataContext.GroupAssociations.DeleteAllOnSubmit(groupAssociations.ToList());
dataContext.SubmitChanges();
}
}
}
}
}
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
});
}
else
{
result.HasError = true;
result.ErrorMessage = "The Glyma security group was not known.";
}
return result;
}
