/// <summary>
/// Updates a Item in the database with the the values provided. A new Item is created if one does not already exist.
/// </summary>
/// <param name="changedItem">The item content to be modified.</param>
/// <returns>The modified database item.</returns>
public CFItem UpdateStoredItem(CFItem changedItem)
{
CFItem dbModel = new CFItem();
if (changedItem.Id > 0)
{
dbModel = Db.XmlModels.Find(changedItem.Id) as CFItem;
}
else
{
dbModel = CreateEntity <CFItem>(changedItem.EntityTypeId.Value);
}
//updating the "value" text elements
dbModel.UpdateValues(changedItem);
//Processing any file attachments that have been submitted
UpdateFiles(changedItem, dbModel);
if (changedItem.Id > 0)
{//update Item
Db.Entry(dbModel).State = EntityState.Modified;
}
else
{
dbModel.Serialize();
Db.XmlModels.Add(dbModel);
}
return(dbModel);
}
public void CreateItems()
{
int COUNT = 50;
CatfishDbContext db = new CatfishDbContext();
List <CFEntityType> itemTypes = db.EntityTypes.Where(t => t.TargetTypes.Contains(CFEntityType.eTarget.Items.ToString())).ToList(); //db.EntityTypes.Where(t => t.TargetType == EntityType.eTarget.Items).ToList();
if (itemTypes.Count == 0)
{
throw new Exception("No entity types have been defined for collections.");
}
var rand = new Random();
ItemService srv = new ItemService(db);
for (int i = 0; i < COUNT; ++i)
{
CFEntityType cType = itemTypes[rand.Next(0, itemTypes.Count)];
CFItem c = srv.CreateEntity <CFItem>(cType.Id);
string name = TestData.LoremIpsum(5, 10);
c.SetDescription(TestData.LoremIpsum(20, 100, 1, 10));
c.SetName("Item: " + name);
c.Serialize();
db.Items.Add(c);
}
db.SaveChanges();
}
/// <summary>
/// Updates a Item in the database with the the values provided. A new Item is created if one does not already exist.
/// </summary>
/// <param name="changedItem">The item content to be modified.</param>
/// <returns>The modified database item.</returns>
public CFItem UpdateStoredItem(CFItem changedItem)
{
CFItem dbModel = new CFItem();
if (changedItem.Id > 0)
{
//dbModel = Db.XmlModels.Find(changedItem.Id) as CFItem;
dbModel = GetItem(changedItem.Id, AccessMode.Write);
if (dbModel == null)
{
throw new UnauthorizedAccessException("User does not have WRITE access to item " + changedItem.Id);
}
}
else
{
dbModel = CreateEntity <CFItem>(changedItem.EntityTypeId.Value);
}
//updating the "value" text elements
dbModel.UpdateValues(changedItem);
//oct 10 2018 -- attemp to add attchment in the metadtaset to item.Attachment -- this might be wrong approach!
foreach (CFMetadataSet ms in changedItem.MetadataSets)
{
foreach (FormField field in ms.Fields)
{
if (field.GetType().FullName == "Catfish.Core.Models.Forms.Attachment")
{
if (!string.IsNullOrEmpty((field as Catfish.Core.Models.Forms.Attachment).FileGuids))
{
if (string.IsNullOrEmpty(changedItem.AttachmentField.FileGuids))
{
changedItem.AttachmentField.FileGuids = (field as Catfish.Core.Models.Forms.Attachment).FileGuids;
}
else
{
changedItem.AttachmentField.FileGuids += "|" + (field as Catfish.Core.Models.Forms.Attachment).FileGuids;
}
}
}
}
}
//Processing any file attachments that have been submitted
UpdateFiles(changedItem, dbModel);
if (changedItem.Id > 0)
{//update Item
Db.Entry(dbModel).State = EntityState.Modified;
}
else
{
dbModel.Serialize();
Db.XmlModels.Add(dbModel);
}
return(dbModel);
}
public void TestDenyInheritanceFlag()
{
SecurityServiceBase srv = new TestSecurityService(Db);
string itemName = "TestUserIsAdminItem";
string itemDesciption = "Test item description";
AccessMode defaultAccess = GetDefaultPermissions();
CFAccessDefinition ad1 = new CFAccessDefinition()
{
Name = "Test 1",
AccessModes = AccessMode.Read | AccessMode.Write
};
CFAccessDefinition ad2 = new CFAccessDefinition()
{
Name = "Test 2",
AccessModes = AccessMode.Control | AccessMode.Append
};
int entityType = mDh.Ets.GetEntityTypes(CFEntityType.eTarget.Items).FirstOrDefault().Id;
CFItem i1 = mDh.CreateItem(mDh.Is, entityType, itemName, itemDesciption, true);
List <CFAccessGroup> groups = new List <CFAccessGroup>()
{
new CFAccessGroup()
{
AccessGuids = new List <Guid>()
{
Guid.Parse(Groups[0])
}, AccessDefinition = ad1
},
new CFAccessGroup()
{
AccessGuids = new List <Guid>()
{
Guid.Parse(Users[1].Guid)
}, AccessDefinition = ad2
}
};
i1.AccessGroups = groups;
i1.BlockInheritance = true;
i1.Serialize();
Db.SaveChanges();
AccessMode modes1 = srv.GetPermissions(Users[0].Guid, i1);
AccessMode modes2 = srv.GetPermissions(Users[1].Guid, i1);
AccessMode modes3 = srv.GetPermissions(Users[2].Guid, i1);
AccessMode modes4 = srv.GetPermissions(Users[3].Guid, i1);
Assert.AreEqual(ad1.AccessModes, modes1);
Assert.AreEqual(ad1.AccessModes | ad2.AccessModes, modes2);
Assert.AreEqual(AccessMode.None, modes3);
Assert.AreEqual(AccessMode.None, modes4);
}
public void TestNoAccessDefinitionNoParents()
{
SecurityServiceBase srv = new TestSecurityService(Db);
string collectionName = "TestUserIsAdminCollection";
string collectionDesciption = "Test collection description";
string itemName = "TestUserIsAdminItem";
string itemDesciption = "Test item description";
AccessMode defaultAccess = GetDefaultPermissions();
AccessMode modes;
int entityType = mDh.Ets.GetEntityTypes(CFEntityType.eTarget.Collections).FirstOrDefault().Id;
CFCollection c1 = mDh.CreateCollection(mDh.Cs, entityType, collectionName, collectionDesciption, true);
entityType = mDh.Ets.GetEntityTypes(CFEntityType.eTarget.Items).FirstOrDefault().Id;
CFItem i1 = mDh.CreateItem(mDh.Is, entityType, itemName + "1", itemDesciption, true);
CFItem i2 = mDh.CreateItem(mDh.Is, entityType, itemName + "2", itemDesciption, true);
Db.SaveChanges();
c1.ChildMembers.Add(i1);
c1.Serialize();
Db.Entry(c1).State = System.Data.Entity.EntityState.Modified;
i2.ChildMembers.Add(i1);
i2.Serialize();
Db.Entry(i2).State = System.Data.Entity.EntityState.Modified;
Db.SaveChanges();
foreach (TestUser user in Users)
{
modes = srv.GetPermissions(user.Guid, c1);
Assert.AreEqual(defaultAccess, modes);
Assert.AreNotEqual(AccessMode.All, modes);
modes = srv.GetPermissions(user.Guid, i2);
Assert.AreEqual(defaultAccess, modes);
Assert.AreNotEqual(AccessMode.All, modes);
modes = srv.GetPermissions(user.Guid, i1);
Assert.AreEqual(defaultAccess, modes);
Assert.AreNotEqual(AccessMode.All, modes);
}
}
public ActionResult AddUserAccessDefinition(EntityAccessDefinitionsViewModel entityAccessVM)
{
CFItem item = ItemService.GetItem(entityAccessVM.Id);
AccessGroupService accessGroupService = new AccessGroupService(Db);
item = accessGroupService.UpdateEntityAccessGroups(item, entityAccessVM) as CFItem;
item = EntityService.UpdateEntity(item) as CFItem;
item.Serialize();
Db.SaveChanges();
return(RedirectToAction("AccessGroup", new { id = entityAccessVM.Id }));
}
public ActionResult AccessGroup(int id, EntityAccessDefinitionsViewModel entityAccessVM)
{
SecurityService.CreateAccessContext();
CFItem item = ItemService.GetItem(entityAccessVM.Id);
AccessGroupService accessGroupService = new AccessGroupService(Db);
item = accessGroupService.UpdateEntityAccessGroups(item, entityAccessVM) as CFItem;
item = EntityService.UpdateEntity(item) as CFItem;
item.Serialize();
Db.SaveChanges();
// commit changes to solr
SuccessMessage(Catfish.Resources.Views.Shared.EntityAccessGroup.SaveSuccess);
return(AccessGroup(entityAccessVM.Id));
}
public void TestCircularParents()
{
SecurityServiceBase srv = new TestSecurityService(Db);
string collectionName = "TestUserIsAdminCollection";
string collectionDesciption = "Test collection description";
string itemName = "TestUserIsAdminItem";
string itemDesciption = "Test item description";
AccessMode defaultAccess = GetDefaultPermissions();
CFAccessDefinition ad1 = new CFAccessDefinition()
{
Name = "Test 1",
AccessModes = AccessMode.Write
};
CFAccessDefinition ad2 = new CFAccessDefinition()
{
Name = "Test 2",
AccessModes = AccessMode.Control | AccessMode.Append
};
CFAccessDefinition ad3 = new CFAccessDefinition()
{
Name = "Test 3",
AccessModes = AccessMode.Discover
};
int entityType = mDh.Ets.GetEntityTypes(CFEntityType.eTarget.Items).FirstOrDefault().Id;
CFItem i1 = mDh.CreateItem(mDh.Is, entityType, itemName, itemDesciption, true);
entityType = mDh.Ets.GetEntityTypes(CFEntityType.eTarget.Collections).FirstOrDefault().Id;
CFCollection c1 = mDh.CreateCollection(mDh.Cs, entityType, collectionName, collectionDesciption, true);
entityType = mDh.Ets.GetEntityTypes(CFEntityType.eTarget.Items).FirstOrDefault().Id;
CFItem i2 = mDh.CreateItem(mDh.Is, entityType, itemName, itemDesciption, true);
List <CFAccessGroup> groups = new List <CFAccessGroup>()
{
new CFAccessGroup()
{
AccessGuids = new List <Guid>()
{
Guid.Parse(Groups[0])
}, AccessDefinition = ad1
},
};
c1.AccessGroups = groups;
c1.Serialize();
groups = new List <CFAccessGroup>()
{
new CFAccessGroup()
{
AccessGuids = new List <Guid>()
{
Guid.Parse(Groups[1])
}, AccessDefinition = ad2
},
new CFAccessGroup()
{
AccessGuids = new List <Guid>()
{
Guid.Parse(Groups[2])
}, AccessDefinition = ad3
}
};
i2.AccessGroups = groups;
i2.Serialize();
i1.Serialize();
c1.ChildMembers.Add(i1);
c1.ChildMembers.Add(i2); //NOTE: Here is our circular relationship
i2.ChildMembers.Add(i1);
Db.SaveChanges();
AccessMode modes1 = srv.GetPermissions(Users[0].Guid, i1);
AccessMode modes2 = srv.GetPermissions(Users[1].Guid, i1);
AccessMode modes3 = srv.GetPermissions(Users[2].Guid, i1);
AccessMode modes4 = srv.GetPermissions(Users[3].Guid, i1);
Assert.AreEqual(defaultAccess | ad1.AccessModes | ad3.AccessModes, modes1);
Assert.AreEqual(defaultAccess | ad1.AccessModes | ad2.AccessModes, modes2);
Assert.AreEqual(defaultAccess | ad2.AccessModes, modes3);
Assert.AreEqual(defaultAccess | ad2.AccessModes | ad3.AccessModes, modes4);
modes1 = srv.GetPermissions(Users[0].Guid, i2);
modes2 = srv.GetPermissions(Users[1].Guid, i2);
modes3 = srv.GetPermissions(Users[2].Guid, i2);
modes4 = srv.GetPermissions(Users[3].Guid, i2);
Assert.AreEqual(defaultAccess | ad1.AccessModes | ad3.AccessModes, modes1);
Assert.AreEqual(defaultAccess | ad1.AccessModes | ad2.AccessModes, modes2);
Assert.AreEqual(defaultAccess | ad2.AccessModes, modes3);
Assert.AreEqual(defaultAccess | ad2.AccessModes | ad3.AccessModes, modes4);
modes1 = srv.GetPermissions(Users[0].Guid, c1);
modes2 = srv.GetPermissions(Users[1].Guid, c1);
modes3 = srv.GetPermissions(Users[2].Guid, c1);
modes4 = srv.GetPermissions(Users[3].Guid, c1);
Assert.AreEqual(defaultAccess | ad1.AccessModes, modes1);
Assert.AreEqual(defaultAccess | ad1.AccessModes, modes2);
Assert.AreEqual(defaultAccess, modes3);
Assert.AreEqual(defaultAccess, modes4);
}