public IGlymaPermission CreateGlymaPermission(GlymaPermissionLevel permissionLevel)
{
IGlymaPermission permissionObject = null;
switch (permissionLevel)
{
case GlymaPermissionLevel.GlymaSecurityManager:
permissionObject = new GlymaSecurityManager(Context);
break;
case GlymaPermissionLevel.GlymaProjectManager:
permissionObject = new GlymaProjectManager(Context);
break;
case GlymaPermissionLevel.GlymaMapManager:
permissionObject = new GlymaMapManager(Context);
break;
case GlymaPermissionLevel.GlymaMapAuthor:
permissionObject = new GlymaMapAuthor(Context);
break;
case GlymaPermissionLevel.GlymaMapReader:
permissionObject = new GlymaMapReader(Context);
break;
}
return(permissionObject);
}
public static GlymaPermissionLevel GetPermissionLevelByName(string permissionLevel)
{
GlymaPermissionLevel result = GlymaPermissionLevel.None;
if (permissionLevel == Constants.GLYMA_SECURITY_MAGAGERS_PERMISSION_LEVEL)
{
result = GlymaPermissionLevel.GlymaSecurityManager;
}
else if (permissionLevel == Constants.GLYMA_PROJECT_MANAGERS_PERMISSION_LEVEL)
{
result = GlymaPermissionLevel.GlymaProjectManager;
}
else if (permissionLevel == Constants.GLYMA_MAP_MANAGERS_PERMISSION_LEVEL)
{
result = GlymaPermissionLevel.GlymaMapManager;
}
else if (permissionLevel == Constants.GLYMA_MAP_AUTHORS_PERMISSION_LEVEL)
{
result = GlymaPermissionLevel.GlymaMapAuthor;
}
else if (permissionLevel == Constants.GLYMA_MAP_READERS_PERMISSION_LEVEL)
{
result = GlymaPermissionLevel.GlymaMapReader;
}
else if (permissionLevel == Constants.GLYMA_MAP_READERS_OLD_PERMISSION_LEVEL)
{
result = GlymaPermissionLevel.GlymaMapReaderOld;
}
else if (permissionLevel == Constants.GLYMA_MAP_AUTHORS_OLD_PERMISSION_LEVEL)
{
result = GlymaPermissionLevel.GlymaMapAuthorOld;
}
return(result);
}
/// <summary>
/// Helper method used for checking if one Glyma permission is greater than or less than another.
/// </summary>
/// <param name="permissionName">The name of the permission to check</param>
/// <param name="maxPermission">The current maximum permision to check against</param>
/// <returns></returns>
public static bool IsPermissionGreaterOrEqual(string permissionName, string maxPermission)
{
GlymaPermissionLevel permssionLevel = GetPermissionLevelByName(permissionName);
GlymaPermissionLevel maxPermissionLevel = GetPermissionLevelByName(maxPermission);
return(IsPermissionGreaterOrEqual(permssionLevel, maxPermissionLevel));
}
public static string GetPermissionLevelName(GlymaPermissionLevel permissionLevel)
{
string result = null;
switch (permissionLevel)
{
case GlymaPermissionLevel.GlymaSecurityManager:
result = Constants.GLYMA_SECURITY_MAGAGERS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaProjectManager:
result = Constants.GLYMA_PROJECT_MANAGERS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapManager:
result = Constants.GLYMA_MAP_MANAGERS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapAuthor:
result = Constants.GLYMA_MAP_AUTHORS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapAuthorOld:
result = Constants.GLYMA_MAP_AUTHORS_OLD_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapReader:
result = Constants.GLYMA_MAP_READERS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapReaderOld:
result = Constants.GLYMA_MAP_READERS_OLD_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.None:
result = Constants.GLYMA_NO_PERMISSION_LEVEL;
break;
}
return result;
}
internal GetAllSecurityGroupsResponse GetAllGlymaSecurityGroups()
{
GetAllSecurityGroupsResponse result = new GetAllSecurityGroupsResponse()
{
HasError = false
};
IList <string> permissionLevelNames = new List <string>();
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaProjectManager));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapManager));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapAuthor));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapReader));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapReaderOld));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapAuthorOld));
Dictionary <GlymaPermissionLevel, IList <GlymaSecurityGroup> > results = new Dictionary <GlymaPermissionLevel, IList <GlymaSecurityGroup> >();
foreach (string permissionLevelName in permissionLevelNames)
{
GlymaPermissionLevel permissionLevel = GlymaPermissionLevelHelper.GetPermissionLevelByName(permissionLevelName);
GetSecurityGroupsResponse response = GetSecurityGroups(permissionLevel);
if (!response.HasError)
{
IList <GlymaSecurityGroup> groups = response.Result;
if (results.ContainsKey(permissionLevel))
{
foreach (GlymaSecurityGroup group in groups)
{
if (!results[permissionLevel].Contains(group))
{
results[permissionLevel].Add(group);
}
}
}
else
{
results.Add(permissionLevel, groups);
}
}
else
{
result.HasError = true;
result.ErrorMessage = response.ErrorMessage;
break; //an error occurred so stop at this point
}
}
if (!result.HasError)
{
GlymaSecurityGroupCollection groups = new GlymaSecurityGroupCollection(this, results);
IDictionary <GlymaPermissionLevel, IList <GlymaSecurityGroup> > filteredGroups = groups.FilterGroups();
result.Result = filteredGroups;
}
return(result);
}
/// <summary>
/// Gets the highest permission (role) name that the current user has if they have access to the object
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="securableObject">An object that contains the Parent and Object ID's
/// SecurableParentUid: The ID of the securable parent (Guid.Empty for projects),
/// SecurableObjectUid: The ID of the securable object (root map UID or project UID if securing a project)</param>
/// <returns>The Glyma permission level name if the user has access or null if the user doens't have access</returns>
public GetPermissionLevelResponse GetPermissionLevelForObject(string webUrl, GlymaSecurableObject securableObject)
{
GetPermissionLevelResponse result = new GetPermissionLevelResponse()
{
HasError = false
};
SecurityContextManager securityContext = new SecurityContextManager(webUrl);
if (securityContext.CurrentUser.IsUserMapReader())
{
GlymaPermissionLevel highestPermissionLevel = GlymaPermissionLevel.None;
try
{
GetCurrentUserAccessToObjectResponse response = securityContext.CurrentUser.GetCurrentUserAccessToObject(securableObject, false);
if (!response.HasError)
{
if (response.HasAccess)
{
//if the user has access to the object (project or root map) get there highest permission level
highestPermissionLevel = response.HighestPermissionLevel;
}
else
{
//The user has no access
result.Result = GlymaPermissionLevel.None;
}
}
else
{
result.HasError = true;
result.ErrorMessage = response.ErrorMessage;
}
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
if (!result.HasError)
{
result.Result = highestPermissionLevel;
}
}
else
{
result.HasError = true;
result.ErrorMessage = "Access Denied. User does not have permissions to access this web service method.";
}
return(result);
}
internal GlymaPermissionLevel GetGroupsPermissionLevel(GlymaSecurityGroup glGroup)
{
GlymaPermissionLevel result = GlymaPermissionLevel.None;
IList <GlymaSecurityGroup> pmGroups = _groups[GlymaPermissionLevel.GlymaProjectManager];
IList <GlymaSecurityGroup> mmGroups = _groups[GlymaPermissionLevel.GlymaMapManager];
IList <GlymaSecurityGroup> maGroups = _groups[GlymaPermissionLevel.GlymaMapAuthor];
IList <GlymaSecurityGroup> mrGroups = _groups[GlymaPermissionLevel.GlymaMapReader];
foreach (GlymaSecurityGroup spGroup in pmGroups)
{
if (spGroup.GroupId == glGroup.GroupId)
{
result = GlymaPermissionLevel.GlymaProjectManager;
return(result); // group has project manager permissions
}
}
foreach (GlymaSecurityGroup spGroup in mmGroups)
{
if (spGroup.GroupId == glGroup.GroupId)
{
result = GlymaPermissionLevel.GlymaMapManager;
return(result); // group has map manager permissions
}
}
foreach (GlymaSecurityGroup spGroup in maGroups)
{
if (spGroup.GroupId == glGroup.GroupId)
{
result = GlymaPermissionLevel.GlymaMapAuthor;
return(result); // group has map author permissions
}
}
foreach (GlymaSecurityGroup spGroup in mrGroups)
{
if (spGroup.GroupId == glGroup.GroupId)
{
result = GlymaPermissionLevel.GlymaMapReader;
return(result); // group has map reader permissions
}
}
return(result);
}
private bool IsUserAuthorized(GlymaPermissionLevel permissionLevel)
{
bool hasAccess = false;
try
{
IGlymaPermission highestPermissionLevel = this.GetHighestPermissionLevel();
if (GlymaPermissionLevelHelper.IsPermissionGreaterOrEqual(highestPermissionLevel.PermissionLevel, permissionLevel))
{
hasAccess = true;
}
}
catch (Exception)
{
hasAccess = false;
}
return(hasAccess);
}
public static string GetPermissionLevelName(GlymaPermissionLevel permissionLevel)
{
string result = null;
switch (permissionLevel)
{
case GlymaPermissionLevel.GlymaSecurityManager:
result = Constants.GLYMA_SECURITY_MAGAGERS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaProjectManager:
result = Constants.GLYMA_PROJECT_MANAGERS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapManager:
result = Constants.GLYMA_MAP_MANAGERS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapAuthor:
result = Constants.GLYMA_MAP_AUTHORS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapAuthorOld:
result = Constants.GLYMA_MAP_AUTHORS_OLD_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapReader:
result = Constants.GLYMA_MAP_READERS_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.GlymaMapReaderOld:
result = Constants.GLYMA_MAP_READERS_OLD_PERMISSION_LEVEL;
break;
case GlymaPermissionLevel.None:
result = Constants.GLYMA_NO_PERMISSION_LEVEL;
break;
}
return(result);
}
/// <summary>
/// Gets the highest permission level that a user has
/// </summary>
/// <param name="webUrl"></param>
/// <returns></returns>
public GetPermissionLevelResponse GetUsersPermissionLevel(string webUrl)
{
GetPermissionLevelResponse result = new GetPermissionLevelResponse()
{
HasError = false
};
GlymaPermissionLevel permissionLevel = GlymaPermissionLevel.None;
GetIsUserGlymaSecurityManagerResponse isSecurityManager = GetIsUserGlymaSecurityManager(webUrl);
if (!isSecurityManager.HasError)
{
if (isSecurityManager.Result)
{
permissionLevel = GlymaPermissionLevel.GlymaSecurityManager;
result.Result = permissionLevel;
}
else
{
try
{
SecurityContextManager context = new SecurityContextManager(webUrl);
IGlymaPermission permission = context.CurrentUser.GetHighestPermissionLevel();
permissionLevel = permission.PermissionLevel;
result.Result = permissionLevel;
}
catch (Exception e)
{
result.HasError = true;
result.ErrorMessage = e.Message;
}
}
}
else
{
result.HasError = true;
result.ErrorMessage = isSecurityManager.ErrorMessage;
}
return(result);
}
public static PermissionLevel Convert(GlymaPermissionLevel value)
{
switch (value)
{
case GlymaPermissionLevel.GlymaMapAuthor:
return(Author);
case GlymaPermissionLevel.GlymaMapReader:
return(Reader);
case GlymaPermissionLevel.GlymaMapManager:
return(MapManager);
case GlymaPermissionLevel.GlymaProjectManager:
return(ProjectManager);
case GlymaPermissionLevel.GlymaSecurityManager:
return(SecurityManager);
default:
return(None);
}
}
public IGlymaPermission CreateGlymaPermission(GlymaPermissionLevel permissionLevel)
{
IGlymaPermission permissionObject = null;
switch (permissionLevel)
{
case GlymaPermissionLevel.GlymaSecurityManager:
permissionObject = new GlymaSecurityManager(Context);
break;
case GlymaPermissionLevel.GlymaProjectManager:
permissionObject = new GlymaProjectManager(Context);
break;
case GlymaPermissionLevel.GlymaMapManager:
permissionObject = new GlymaMapManager(Context);
break;
case GlymaPermissionLevel.GlymaMapAuthor:
permissionObject = new GlymaMapAuthor(Context);
break;
case GlymaPermissionLevel.GlymaMapReader:
permissionObject = new GlymaMapReader(Context);
break;
}
return permissionObject;
}
/// <summary>
/// Checks if the the group appears in a higher permission level
/// </summary>
/// <param name="group"></param>
/// <param name="currentPermissionLevel"></param>
/// <returns>True if the group is in a higher level</returns>
private bool ExistsInHigherPermissionLevel(GlymaSecurityGroup group, GlymaPermissionLevel currentPermissionLevel)
{
bool result = false;
IList<GlymaSecurityGroup> projectManagerGroups = _groups[GlymaPermissionLevel.GlymaProjectManager];
IList<GlymaSecurityGroup> mapManagersGroups = _groups[GlymaPermissionLevel.GlymaMapManager];
IList<GlymaSecurityGroup> mapAuthorGroups = _groups[GlymaPermissionLevel.GlymaMapAuthor];
IList<GlymaSecurityGroup> oldMapAuthorsGroups = _groups[GlymaPermissionLevel.GlymaMapAuthorOld];
switch (currentPermissionLevel)
{
case GlymaPermissionLevel.GlymaMapManager:
foreach (GlymaSecurityGroup securityGroup in projectManagerGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
break;
case GlymaPermissionLevel.GlymaMapAuthor:
foreach (GlymaSecurityGroup securityGroup in mapManagersGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
foreach (GlymaSecurityGroup securityGroup in projectManagerGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
break;
case GlymaPermissionLevel.GlymaMapReader:
foreach (GlymaSecurityGroup securityGroup in mapAuthorGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
foreach (GlymaSecurityGroup securityGroup in oldMapAuthorsGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
foreach (GlymaSecurityGroup securityGroup in mapManagersGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
foreach (GlymaSecurityGroup securityGroup in projectManagerGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
break;
}
return result;
}
/// <summary>
/// Returns a list presenting the SharePoint Security Groups for the current web that have a specified permission associated with them
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="permissionLevel">The permission level the groups must have</param>
/// <returns>A list of groups (wrapped by a ResponseObject)</returns>
internal GetSecurityGroupsResponse GetSecurityGroups(GlymaPermissionLevel permissionLevel)
{
GetSecurityGroupsResponse result = new GetSecurityGroupsResponse()
{
HasError = false
};
IList <GlymaSecurityGroup> results = new List <GlymaSecurityGroup>();
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(WebUrl))
{
using (SPWeb web = site.OpenWeb())
{
SPRoleDefinition roleDefinition = null;
try
{
// Check if the role exists, if it does a definition will exist
roleDefinition = web.RoleDefinitions[GlymaPermissionLevelHelper.GetPermissionLevelName(permissionLevel)];
}
catch (Exception)
{
//if unable to find the role definition it will throw an exception
}
if (roleDefinition != null)
{
SPRoleAssignmentCollection roleAssignments = web.RoleAssignments;
foreach (SPRoleAssignment roleAssignment in roleAssignments)
{
bool hasRoleDefinition = false;
foreach (
SPRoleDefinition definition in roleAssignment.RoleDefinitionBindings)
{
if (definition.Id == roleDefinition.Id)
{
//The role exists for this role assignment
hasRoleDefinition = true;
break;
}
}
if (hasRoleDefinition)
{
SPGroup group = roleAssignment.Member as SPGroup;
//we only want to look at groups
if (group != null)
{
GlymaSecurityGroup glymaGroup = new GlymaSecurityGroup();
glymaGroup.DisplayName = group.Name;
SecurableContext securableContext = this.GetSecurableContext();
glymaGroup.SecurableContextId = securableContext.SecurableContextId;
GlymaSecurityGroupContext sgc = new GlymaSecurityGroupContext(this, securableContext.SecurableContextId, group.ID, web.ID);
Group glGroup = sgc.GetGroup(group.Name);
if (glGroup == null)
{
glGroup = sgc.CreateGroup(group.Name);
}
if (glGroup != null)
{
glymaGroup.GroupId = glGroup.GroupId;
results.Add(glymaGroup);
}
else
{
result.HasError = true;
result.ErrorMessage = "Failed to create the Group in the Glyma Security Database.";
break;
}
}
}
}
}
else
{
results = new List <GlymaSecurityGroup>(); //there was no role by this name, it has no groups
}
}
}
});
}
catch (Exception ex)
{
//If an error occurs getting the group listing return no groups
result.HasError = true;
result.ErrorMessage = ex.Message;
}
if (!result.HasError)
{
result.Result = results;
}
return(result);
}
public static PermissionLevel Convert(GlymaPermissionLevel value)
{
switch (value)
{
case GlymaPermissionLevel.GlymaMapAuthor:
return Author;
case GlymaPermissionLevel.GlymaMapReader:
return Reader;
case GlymaPermissionLevel.GlymaMapManager:
return MapManager;
case GlymaPermissionLevel.GlymaProjectManager:
return ProjectManager;
case GlymaPermissionLevel.GlymaSecurityManager:
return SecurityManager;
default:
return None;
}
}
public static bool IsPermissionGreaterOrEqual(GlymaPermissionLevel permissionLevel, GlymaPermissionLevel maxPermissionLevel)
{
bool result = false;
switch (maxPermissionLevel)
{
case GlymaPermissionLevel.GlymaSecurityManager:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager)
{
result = true;
}
else
{
result = false;
}
break;
case GlymaPermissionLevel.GlymaProjectManager:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager ||
permissionLevel == GlymaPermissionLevel.GlymaProjectManager)
{
result = true;
}
else
{
result = false;
}
break;
case GlymaPermissionLevel.GlymaMapManager:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager ||
permissionLevel == GlymaPermissionLevel.GlymaProjectManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapManager)
{
result = true;
}
else
{
result = false;
}
break;
case GlymaPermissionLevel.GlymaMapAuthor:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager ||
permissionLevel == GlymaPermissionLevel.GlymaProjectManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapAuthor ||
permissionLevel == GlymaPermissionLevel.GlymaMapAuthorOld)
{
result = true;
}
else
{
result = false;
}
break;
case GlymaPermissionLevel.GlymaMapReader:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager ||
permissionLevel == GlymaPermissionLevel.GlymaProjectManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapAuthor ||
permissionLevel == GlymaPermissionLevel.GlymaMapAuthorOld ||
permissionLevel == GlymaPermissionLevel.GlymaMapReader ||
permissionLevel == GlymaPermissionLevel.GlymaMapReaderOld)
{
result = true;
}
else
{
result = false;
}
break;
default:
result = false;
break;
}
return(result);
}
private bool IsUserAuthorized(GlymaPermissionLevel permissionLevel)
{
bool hasAccess = false;
try
{
IGlymaPermission highestPermissionLevel = this.GetHighestPermissionLevel();
if (GlymaPermissionLevelHelper.IsPermissionGreaterOrEqual(highestPermissionLevel.PermissionLevel, permissionLevel))
{
hasAccess = true;
}
}
catch (Exception)
{
hasAccess = false;
}
return hasAccess;
}
public static bool IsPermissionGreaterOrEqual(GlymaPermissionLevel permissionLevel, GlymaPermissionLevel maxPermissionLevel)
{
bool result = false;
switch (maxPermissionLevel)
{
case GlymaPermissionLevel.GlymaSecurityManager:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager)
{
result = true;
}
else
{
result = false;
}
break;
case GlymaPermissionLevel.GlymaProjectManager:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager ||
permissionLevel == GlymaPermissionLevel.GlymaProjectManager)
{
result = true;
}
else
{
result = false;
}
break;
case GlymaPermissionLevel.GlymaMapManager:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager ||
permissionLevel == GlymaPermissionLevel.GlymaProjectManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapManager)
{
result = true;
}
else
{
result = false;
}
break;
case GlymaPermissionLevel.GlymaMapAuthor:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager ||
permissionLevel == GlymaPermissionLevel.GlymaProjectManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapAuthor ||
permissionLevel == GlymaPermissionLevel.GlymaMapAuthorOld)
{
result = true;
}
else
{
result = false;
}
break;
case GlymaPermissionLevel.GlymaMapReader:
if (permissionLevel == GlymaPermissionLevel.GlymaSecurityManager ||
permissionLevel == GlymaPermissionLevel.GlymaProjectManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapManager ||
permissionLevel == GlymaPermissionLevel.GlymaMapAuthor ||
permissionLevel == GlymaPermissionLevel.GlymaMapAuthorOld ||
permissionLevel == GlymaPermissionLevel.GlymaMapReader ||
permissionLevel == GlymaPermissionLevel.GlymaMapReaderOld)
{
result = true;
}
else
{
result = false;
}
break;
default:
result = false;
break;
}
return result;
}
/// <summary>
/// Returns a list presenting the SharePoint Security Groups for the current web that have a specified permission associated with them
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="permissionLevel">The permission level the groups must have</param>
/// <returns>A list of groups (wrapped by a ResponseObject)</returns>
internal GetSecurityGroupsResponse GetSecurityGroups(GlymaPermissionLevel permissionLevel)
{
GetSecurityGroupsResponse result = new GetSecurityGroupsResponse() { HasError = false };
IList<GlymaSecurityGroup> results = new List<GlymaSecurityGroup>();
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(WebUrl))
{
using (SPWeb web = site.OpenWeb())
{
SPRoleDefinition roleDefinition = null;
try
{
// Check if the role exists, if it does a definition will exist
roleDefinition = web.RoleDefinitions[GlymaPermissionLevelHelper.GetPermissionLevelName(permissionLevel)];
}
catch (Exception)
{
//if unable to find the role definition it will throw an exception
}
if (roleDefinition != null)
{
SPRoleAssignmentCollection roleAssignments = web.RoleAssignments;
foreach (SPRoleAssignment roleAssignment in roleAssignments)
{
bool hasRoleDefinition = false;
foreach (
SPRoleDefinition definition in roleAssignment.RoleDefinitionBindings)
{
if (definition.Id == roleDefinition.Id)
{
//The role exists for this role assignment
hasRoleDefinition = true;
break;
}
}
if (hasRoleDefinition)
{
SPGroup group = roleAssignment.Member as SPGroup;
//we only want to look at groups
if (group != null)
{
GlymaSecurityGroup glymaGroup = new GlymaSecurityGroup();
glymaGroup.DisplayName = group.Name;
SecurableContext securableContext = this.GetSecurableContext();
glymaGroup.SecurableContextId = securableContext.SecurableContextId;
GlymaSecurityGroupContext sgc = new GlymaSecurityGroupContext(this, securableContext.SecurableContextId, group.ID, web.ID);
Group glGroup = sgc.GetGroup(group.Name);
if (glGroup == null)
{
glGroup = sgc.CreateGroup(group.Name);
}
if (glGroup != null)
{
glymaGroup.GroupId = glGroup.GroupId;
results.Add(glymaGroup);
}
else
{
result.HasError = true;
result.ErrorMessage = "Failed to create the Group in the Glyma Security Database.";
break;
}
}
}
}
}
else
{
results = new List<GlymaSecurityGroup>(); //there was no role by this name, it has no groups
}
}
}
});
}
catch (Exception ex)
{
//If an error occurs getting the group listing return no groups
result.HasError = true;
result.ErrorMessage = ex.Message;
}
if (!result.HasError)
{
result.Result = results;
}
return result;
}
/// <summary>
/// Checks if the the group appears in a higher permission level
/// </summary>
/// <param name="group"></param>
/// <param name="currentPermissionLevel"></param>
/// <returns>True if the group is in a higher level</returns>
private bool ExistsInHigherPermissionLevel(GlymaSecurityGroup group, GlymaPermissionLevel currentPermissionLevel)
{
bool result = false;
IList <GlymaSecurityGroup> projectManagerGroups = _groups[GlymaPermissionLevel.GlymaProjectManager];
IList <GlymaSecurityGroup> mapManagersGroups = _groups[GlymaPermissionLevel.GlymaMapManager];
IList <GlymaSecurityGroup> mapAuthorGroups = _groups[GlymaPermissionLevel.GlymaMapAuthor];
IList <GlymaSecurityGroup> oldMapAuthorsGroups = _groups[GlymaPermissionLevel.GlymaMapAuthorOld];
switch (currentPermissionLevel)
{
case GlymaPermissionLevel.GlymaMapManager:
foreach (GlymaSecurityGroup securityGroup in projectManagerGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
break;
case GlymaPermissionLevel.GlymaMapAuthor:
foreach (GlymaSecurityGroup securityGroup in mapManagersGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
foreach (GlymaSecurityGroup securityGroup in projectManagerGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
break;
case GlymaPermissionLevel.GlymaMapReader:
foreach (GlymaSecurityGroup securityGroup in mapAuthorGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
foreach (GlymaSecurityGroup securityGroup in oldMapAuthorsGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
foreach (GlymaSecurityGroup securityGroup in mapManagersGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
foreach (GlymaSecurityGroup securityGroup in projectManagerGroups)
{
if (group.GroupId == securityGroup.GroupId)
{
result = true;
break; //found match, break foreach loop early
}
}
break;
}
return(result);
}
