Beispiel #1
0
        //helper method looking for the requested view
        private GINGridViewerDriver FindViewConfiguration(string pageName, string viewName)
        {
            var requestedPage = from page in applicationView.Pages
                                where (page.Name == pageName)
                                select page;

            if (requestedPage.Count() > 0)
            {
                GINPage ginPage         = requestedPage.ElementAt(0);
                var     requestedDriver = from driver in ginPage.ViewComponents
                                          where (driver.Name == viewName)
                                          select driver;
                if (requestedDriver.Count() > 0)
                {
                    GINGridViewerDriver driver = requestedDriver.ElementAt(0);
                    AppllySecurityRules(pageName, driver);
                    return(driver);
                }
            }
            return(null);
        }
Beispiel #2
0
        //helper method for applying the security rules of the application
        private void AppllySecurityRules(string pageName, GINGridViewerDriver driver)
        {
            XmlSerializer s = new XmlSerializer(typeof(SecurityResourceConfigurationInfo));
            SecurityResourceConfigurationInfo src = null;

            using (Stream stream = File.OpenRead(HttpContext.Current.Request.PhysicalApplicationPath + ConfigurationManager.AppSettings["SecurityConfigurationFile"]))
            {
                try
                {
                    src = (SecurityResourceConfigurationInfo)s.Deserialize(stream);
                }
                catch (Exception)
                {
                }
            }
            if (src == null)
            {
                return;
            }
            List <string> allRoleNames = new List <string>();

            foreach (SecurityRoleInfo role in src.SecurityRoles)
            {
                allRoleNames.Add(role.Name);
            }
            List <string> userRoleNames = UserBLL.HasRoles(
                UserBLL.GetCurrentUser(),
                allRoleNames.ToArray());

            foreach (SecurityRoleInfo role in
                     (from role in src.SecurityRoles where (from userRole in userRoleNames where role.Name == userRole select userRole).Any() select role))
            {
                SecuredResourceContainerInfo resourceContainer = src.SecuredResourceContainers.Find(cont => cont.Name == pageName);
                if (resourceContainer == null)
                {
                    break;
                }
                foreach (GINColumnDescriptor column in driver.Columns)
                {
                    SecuredResourceInfo securedResource = resourceContainer.SecuredResources.Find(sr => (sr.Scope == driver.Name) && (sr.Name == column.Name));
                    if (securedResource != null)
                    {
                        var minLevel           = securedResource.ConfigurationOptions.Select(option => option.Level).Min();
                        var restrictiveOptions = from option in securedResource.ConfigurationOptions
                                                 where option.Level == minLevel
                                                 select option;

                        List <ConfigurationOptionInfo> applicableOptions = new List <ConfigurationOptionInfo>(restrictiveOptions);
                        var grantedOptions = role.GrantedResourceContainers.Where(grc => grc.Name == resourceContainer.Name)
                                             .SelectMany(grc => grc.GrantedResources.Where(gr => (gr.Scope == securedResource.Scope) && (gr.Name == securedResource.Name))
                                                         .Select(gr => gr.Option)
                                                         .SelectMany(grantedOption => securedResource.ConfigurationOptions.Where(option => option.OptionId == grantedOption)
                                                                     .Select(option => option)));
                        foreach (ConfigurationOptionInfo option in grantedOptions)
                        {
                            if (applicableOptions.RemoveAll(ao => (ao.Property == option.Property) && (ao.Level < option.Level)) > 0)
                            {
                                applicableOptions.Add(option);
                            }
                        }
                        foreach (ConfigurationOptionInfo applicableOption in applicableOptions)
                        {
                            PropertyInfo optionProperty = column.GetType().GetProperty(applicableOption.Property);
                            optionProperty.SetValue(column, Convert.ChangeType(applicableOption.Value, optionProperty.PropertyType), null);
                        }
                    }
                }
            }
        }