/// <summary>
        /// Gets the child content ids for this tree given a <paramref name="parentId"/>.
        /// </summary>
        /// <param name="parentId">The parent id.</param>
        /// <param name="uow">The uow.</param>
        /// <returns></returns>
        protected virtual HiveId[] GetChildContentIds(HiveId parentId, IReadonlyGroupUnit <IContentStore> uow)
        {
            var childIds = uow.Repositories.GetChildRelations(parentId, FixedRelationTypes.DefaultRelationType)
                           .Select(x => x.DestinationId).ToArray();

            return(childIds);
        }
Ejemplo n.º 2
0
        public PermissionResult GetExplicitPermission(Guid permissionId, IEnumerable<HiveId> userGroupIds, IReadonlyGroupUnit<ISecurityStore> securityUow, HiveId entityId = default(HiveId))
        {
            Mandate.ParameterNotNull(userGroupIds, "userGroupIds");

            //get/store the result in scoped cache

            var ids = userGroupIds.ToList();
            ids.Sort((id1, id2) => id1.ToString().CompareTo(id2.ToString())); // Sort the list of ids so that the cache key is the same regardless of order of passed in collection

            var key = "explicit-permission-" + (permissionId.ToString("N") + string.Join("", ids.Select(x => x.ToString())) + entityId).ToMd5();

            return Hive.FrameworkContext.ScopedCache.GetOrCreateTyped<PermissionResult>(key, () =>
            {
                // Get the permission reference
                if (!_permissions.Exists(permissionId))
                    throw new InvalidOperationException("Unable to find a Permission with the id '" + permissionId + "'");

                // If value is null, or permission is not an entity permission, just use the system root
                if (entityId.IsNullValueOrEmpty() || _permissions.Single(x => x.Metadata.Id == permissionId).Metadata.Type != FixedPermissionTypes.EntityAction)
                    entityId = FixedHiveIds.SystemRoot;

                HiveId source;
                var status = GetPermissionStatus(permissionId, ids, entityId, out source, securityUow);
                return new PermissionResult(_permissions.Get(permissionId).Value, source, status);
            });
        }
Ejemplo n.º 3
0
 /// <summary>
 /// Filters a sequence of <see cref="HiveId"/> where user <paramref name="userId"/> has permission <paramref name="permissionIds"/> by checking with <paramref name="securityService"/>.
 /// </summary>
 /// <param name="entityIds">The entity ids.</param>
 /// <param name="permissionsyService">The permissionsy service.</param>
 /// <param name="userId">The user id.</param>
 /// <param name="entityUow">The entity uow.</param>
 /// <param name="securityUow">The security uow.</param>
 /// <param name="permissionIds">The permission ids.</param>
 /// <returns></returns>
 public static IEnumerable <HiveId> FilterWithPermissions(this IEnumerable <HiveId> entityIds,
                                                          IPermissionsService permissionsyService,
                                                          HiveId userId,
                                                          IReadonlyGroupUnit <IContentStore> entityUow,
                                                          IReadonlyGroupUnit <ISecurityStore> securityUow,
                                                          params Guid[] permissionIds)
 {
     return(entityIds.Where(id => permissionsyService.GetEffectivePermissions(userId, entityUow, securityUow, id, permissionIds).AreAllAllowed()));
 }
        /// <summary>
        /// Filters a sequence of <see cref="HiveId"/> where the Anonymous <see cref="UserGroup"/> has permissions <paramref name="permissionIds"/> by checking with <paramref name="securityService"/>.
        /// </summary>
        /// <param name="entityIds">The entity ids.</param>
        /// <param name="securityService">The security service.</param>
        /// <param name="entityUow">The entity uow.</param>
        /// <param name="securityUow">The security uow.</param>
        /// <param name="permissionIds">The permission ids.</param>
        /// <returns></returns>
        public static IEnumerable <HiveId> FilterAnonymousWithPermissions(this IEnumerable <HiveId> entityIds,
                                                                          ISecurityService securityService,
                                                                          IReadonlyGroupUnit <IContentStore> entityUow,
                                                                          IReadonlyGroupUnit <ISecurityStore> securityUow,
                                                                          Guid firstPermission,
                                                                          params Guid[] permissionIds)
        {
            var anonymousUserGroup = securityService.GetAnonymousUserGroup(securityUow);

            if (anonymousUserGroup == null || firstPermission == Guid.Empty)
            {
                return(Enumerable.Empty <HiveId>());
            }
            return(entityIds.Where(id => securityService.GetEffectivePermissions(anonymousUserGroup.Id.AsEnumerableOfOne(), entityUow, securityUow, id, firstPermission.AsEnumerableOfOne().Concat(permissionIds).ToArray()).AreAllAllowed()));
        }
Ejemplo n.º 5
0
        /// <summary>`
        /// Sets up a Member by Member Type alias.
        /// </summary>
        /// <param name="member">The member.</param>
        /// <param name="alias">The alias.</param>
        /// <param name="uow">The uow.</param>
        public static void SetupFromSchema(this Member member, string alias, IReadonlyGroupUnit<ISecurityStore> uow)
        {
            var memberGroupRelations = uow.Repositories.Schemas
                .GetDescendentRelations(FixedHiveIds.MasterMemberProfileSchema, FixedRelationTypes.DefaultRelationType);
            var memberTypes = uow.Repositories.Schemas
                .Get<EntitySchema>(true, memberGroupRelations.Select(x => x.DestinationId).ToArray());
            var memberType = memberTypes.SingleOrDefault(x => x.Alias.Equals(alias, StringComparison.InvariantCultureIgnoreCase));

            if (memberType == null)
                throw new ApplicationException(string.Format("No member type found with the alias '{0}'", alias));

            var compositeMemberType = uow.Repositories.Schemas.GetComposite(memberType);

            member.SetupFromSchema(compositeMemberType);
        }
Ejemplo n.º 6
0
        public static Rebel.Framework.Persistence.Model.IO.File GetPackageFileById(IReadonlyGroupUnit <IFileStore> uow,
                                                                                   HiveId id)
        {
            var folder = uow.Repositories.Get <Rebel.Framework.Persistence.Model.IO.File>(id);

            if (folder == null)
            {
                return(null);
            }

            var fileIds     = uow.Repositories.GetChildRelations(folder.Id).Select(x => x.DestinationId).ToArray();
            var files       = uow.Repositories.Get <Rebel.Framework.Persistence.Model.IO.File>(true, fileIds);
            var packageFile = files.SingleOrDefault(x => x.Name.EndsWith(".nupkg"));

            return(packageFile);
        }
Ejemplo n.º 7
0
        private string GetViewHtml(IRebelRenderModel model)
        {
            using (IReadonlyGroupUnit <IFileStore> uow =
                       _context.Hive.OpenReader <IFileStore>(new Uri("storage://templates")))
            {
                File templateFile = model.CurrentNode.CurrentTemplate != null
                                        ? uow.Repositories.Get <File>(model.CurrentNode.CurrentTemplate.Id)
                                        : null;

                if (templateFile != null)
                {
                    return(RenderRazorViewToString(templateFile, model.CurrentNode));
                }
            }

            return(String.Empty);
        }
Ejemplo n.º 8
0
        /// <summary>`
        /// Sets up a Member by Member Type alias.
        /// </summary>
        /// <param name="member">The member.</param>
        /// <param name="alias">The alias.</param>
        /// <param name="uow">The uow.</param>
        public static void SetupFromSchema(this Member member, string alias, IReadonlyGroupUnit <ISecurityStore> uow)
        {
            var memberGroupRelations = uow.Repositories.Schemas
                                       .GetDescendentRelations(FixedHiveIds.MasterMemberProfileSchema, FixedRelationTypes.DefaultRelationType);
            var memberTypes = uow.Repositories.Schemas
                              .Get <EntitySchema>(true, memberGroupRelations.Select(x => x.DestinationId).ToArray());
            var memberType = memberTypes.SingleOrDefault(x => x.Alias.Equals(alias, StringComparison.InvariantCultureIgnoreCase));

            if (memberType == null)
            {
                throw new ApplicationException(string.Format("No member type found with the alias '{0}'", alias));
            }

            var compositeMemberType = uow.Repositories.Schemas.GetComposite(memberType);

            member.SetupFromSchema(compositeMemberType);
        }
Ejemplo n.º 9
0
        public static PackageDefinition GetPackageDefinitionById(IReadonlyGroupUnit <IFileStore> uow,
                                                                 HiveId id)
        {
            var folder = uow.Repositories.Get <Rebel.Framework.Persistence.Model.IO.File>(id);

            if (folder == null)
            {
                return(null);
            }

            var fileIds        = uow.Repositories.GetChildRelations(folder.Id).Select(x => x.DestinationId).ToArray();
            var files          = uow.Repositories.Get <Rebel.Framework.Persistence.Model.IO.File>(true, fileIds);
            var definitionFile = files.SingleOrDefault(x => x.Name.EndsWith(".definition"));

            if (definitionFile == null)
            {
                return(null);
            }

            var contents = Encoding.UTF8.GetString(definitionFile.ContentBytes);

            if (string.IsNullOrWhiteSpace(contents))
            {
                return(null);
            }

            try
            {
                var def = contents.DeserializeJson <PackageDefinition>();
                def.Id = id;

                return(def);
            }
            catch (global::System.Exception)
            {
                return(null);
            }
        }
Ejemplo n.º 10
0
        public PermissionResult GetExplicitPermission(Guid permissionId, IEnumerable <HiveId> userGroupIds, IReadonlyGroupUnit <ISecurityStore> securityUow, HiveId entityId = default(HiveId))
        {
            Mandate.ParameterNotNull(userGroupIds, "userGroupIds");

            //get/store the result in scoped cache

            var ids = userGroupIds.ToList();

            ids.Sort((id1, id2) => id1.ToString().CompareTo(id2.ToString())); // Sort the list of ids so that the cache key is the same regardless of order of passed in collection

            var key = "explicit-permission-" + (permissionId.ToString("N") + string.Join("", ids.Select(x => x.ToString())) + entityId).ToMd5();

            return(Hive.FrameworkContext.ScopedCache.GetOrCreateTyped <PermissionResult>(key, () =>
            {
                // Get the permission reference
                if (!_permissions.Exists(permissionId))
                {
                    throw new InvalidOperationException("Unable to find a Permission with the id '" + permissionId + "'");
                }

                // If value is null, or permission is not an entity permission, just use the system root
                if (entityId.IsNullValueOrEmpty() || _permissions.Single(x => x.Metadata.Id == permissionId).Metadata.Type != FixedPermissionTypes.EntityAction)
                {
                    entityId = FixedHiveIds.SystemRoot;
                }

                HiveId source;
                var status = GetPermissionStatus(permissionId, ids, entityId, out source, securityUow);
                return new PermissionResult(_permissions.Get(permissionId).Value, source, status);
            }));
        }
Ejemplo n.º 11
0
        /// <summary>
        /// Gets the permission status using an existing, open unit of work.
        /// </summary>
        /// <param name="permissionId">The permission id.</param>
        /// <param name="userGroupIds">The user group ids.</param>
        /// <param name="entityId">The entity id.</param>
        /// <param name="source">The source.</param>
        /// <param name="uow">The unit of work.</param>
        /// <returns></returns>
        protected PermissionStatus GetPermissionStatus(Guid permissionId, IEnumerable <HiveId> userGroupIds, HiveId entityId, out HiveId source, IReadonlyGroupUnit <ISecurityStore> uow)
        {
            // Check for Administrator group membership, and just return true if so
            var adminUserGroup = Hive.FrameworkContext.ScopedCache.GetOrCreateTyped("ss_administrator-group",
                                                                                    () => uow.Repositories.Query <UserGroup>().FirstOrDefault(x => x.Name == "Administrator"));

            //TODO: Had to change to only compare values, as for some reason, the ProviderGroupRoots are different
            var enumeratedGroupIds = userGroupIds.ToArray();

            if (adminUserGroup != null && enumeratedGroupIds.Any(x => x.Value == adminUserGroup.Id.Value))
            {
                source = HiveId.Empty;
                return(PermissionStatus.Allow);
            }

            // Get permission relations for current ancestor
            var parentRelationsKey = "ss_parent-relations-" + entityId + string.Join("|", enumeratedGroupIds.OrderBy(x => x.ToString())).ToMd5();
            var relations          = Hive.FrameworkContext.ScopedCache.GetOrCreateTyped(parentRelationsKey,
                                                                                        () =>
            {
                var relationByIds = uow.Repositories.GetParentRelations(entityId, FixedRelationTypes.PermissionRelationType).ToArray();
                // Comparing by value as schemas are not coming back out of Hive for some reason
                return(relationByIds.Where(x => enumeratedGroupIds.Any(y => y.Value == x.SourceId.Value)).ToArray());
            });

            // Check for an EXPLICIT Deny permission
            // Deny comes first, as if multiple permission definitions at same level have conflicting status, Deny trumps Allow
            var denyRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Deny.ToString()));

            if (denyRelation != null)
            {
                source = denyRelation.DestinationId;
                return(PermissionStatus.Deny);
            }

            // Check for an EXPLICIT Allow permission
            var allowRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Allow.ToString()));

            if (allowRelation != null)
            {
                source = allowRelation.DestinationId;
                return(PermissionStatus.Allow);
            }

            // Check for an EXPLICIT Inherit permission
            var inheritRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Inherit.ToString()));

            if (inheritRelation != null)
            {
                source = inheritRelation.DestinationId;
                return(PermissionStatus.Inherit);
            }

            source = HiveId.Empty;
            return(PermissionStatus.Inherit);
        }
Ejemplo n.º 12
0
        public PermissionResult GetEffectivePermission(Guid permissionId, IEnumerable <HiveId> userGroupIds, IReadonlyGroupUnit <IContentStore> uow, IReadonlyGroupUnit <ISecurityStore> securityUow, HiveId entityId = default(HiveId))
        {
            Mandate.ParameterNotNull(userGroupIds, "userGroupIds");

            var explicitPermission = GetExplicitPermission(permissionId, userGroupIds, securityUow, entityId);

            return(explicitPermission.Status != PermissionStatus.Inherit
                       ? explicitPermission
                       : GetInheritedPermission(permissionId, userGroupIds, uow, entityId));
        }
Ejemplo n.º 13
0
 public PermissionResults GetEffectivePermissions(IEnumerable <HiveId> userGroupIds, IReadonlyGroupUnit <IContentStore> uow, IReadonlyGroupUnit <ISecurityStore> securityUow, HiveId entityId = default(HiveId), params Guid[] permissionIds)
 {
     return(new PermissionResults(permissionIds.Select(permissionId => GetEffectivePermission(permissionId, userGroupIds, uow, securityUow, entityId)).ToArray()));
 }
 /// <summary>
 /// Determines whether the specified entity is media.
 /// </summary>
 /// <param name="entity">The entity.</param>
 /// <param name="uow"></param>
 /// <returns>
 ///   <c>true</c> if the specified entity is media; otherwise, <c>false</c>.
 /// </returns>
 public static bool IsMedia(this TypedEntity entity, IReadonlyGroupUnit <IContentStore> uow)
 {
     return(uow.Repositories.GetAncestorRelations(entity.Id, FixedRelationTypes.DefaultRelationType).Any(x => x.SourceId.Value == FixedHiveIds.MediaVirtualRoot.Value));
 }
Ejemplo n.º 15
0
 /// <summary>
 /// Gets the child content ids for this tree given a <paramref name="parentId"/>.
 /// </summary>
 /// <param name="parentId">The parent id.</param>
 /// <param name="uow">The uow.</param>
 /// <returns></returns>
 protected virtual HiveId[] GetChildContentIds(HiveId parentId, IReadonlyGroupUnit<IContentStore> uow)
 {
     var childIds = uow.Repositories.GetChildRelations(parentId, FixedRelationTypes.DefaultRelationType)
         .Select(x => x.DestinationId).ToArray();
     return childIds;
 }
Ejemplo n.º 16
0
 internal static UserGroup GetAnonymousUserGroup(this ISecurityService securityService, IReadonlyGroupUnit<ISecurityStore> openUnit)
 {
     var group = openUnit.Repositories.Query<UserGroup>().FirstOrDefault(x => x.Name == "Anonymous");
     return group;
 }
Ejemplo n.º 17
0
        public PermissionResult GetInheritedPermission(Guid permissionId, IEnumerable<HiveId> userGroupIds, IReadonlyGroupUnit<IContentStore> uow, HiveId entityId = default(HiveId))
        {

            Mandate.ParameterNotNull(userGroupIds, "userGroupIds");

            //get/store the result in scoped cache

            var ids = userGroupIds.ToList();
            ids.Sort((id1, id2) => id1.ToString().CompareTo(id2.ToString())); // Sort the list of ids so that the cache key is the same regardless of order of passed in collection

            var key = "inherited-permission-" + (permissionId.ToString("N") + string.Join("", ids.Select(x => x.ToString())) + entityId).ToMd5();

            return Hive.FrameworkContext.ScopedCache.GetOrCreateTyped<PermissionResult>(key, () =>
            {
                // Get the permission reference
                if (!_permissions.Exists(permissionId))
                    throw new InvalidOperationException("Unable to find a Permission with the id '" + permissionId + "'");

                if (entityId.IsNullValueOrEmpty())
                    entityId = FixedHiveIds.SystemRoot;

                // Loop through entities ancestors
                var ancestorsIds = uow.Repositories.GetAncestorRelations(entityId, FixedRelationTypes.DefaultRelationType)
                    .Select(x => x.SourceId).ToArray();

                foreach (var ancestorId in ancestorsIds)
                {
                    HiveId source;
                    var status = GetPermissionStatus(permissionId, ids, ancestorId, out source);

                    // We are not interested in inherit permissions, so if we find one, move on
                    if (status != PermissionStatus.Inherit)
                    {
                        return new PermissionResult(_permissions.Get(permissionId).Value, source, status);
                    }

                    // If the ancester is system root, we've reached then end, in which case return a deny result
                    //BUG: We shouldn't have to compare the system root value but NH is returning content:// for the system root
                    if (ancestorId == FixedHiveIds.SystemRoot || ancestorId.Value == FixedHiveIds.SystemRoot.Value)
                    {
                        return new PermissionResult(_permissions.Get(permissionId).Value, source, PermissionStatus.Deny);
                    }
                }

                // We shouldn't get this far, as the last node in ancestors should always be SystemRoot, but we need to supply a fallback
                return new PermissionResult(_permissions.Get(permissionId).Value, HiveId.Empty, PermissionStatus.Deny);
            });
        }
Ejemplo n.º 18
0
 /// <summary>
 /// Determines whether the specified entity is content.
 /// </summary>
 /// <param name="entity">The entity.</param>
 /// <param name="uow"></param>
 /// <returns>
 ///   <c>true</c> if the specified entity is content; otherwise, <c>false</c>.
 /// </returns>
 public static bool IsContent(this TypedEntity entity, IReadonlyGroupUnit<IContentStore> uow)
 {
     var ancestorRelations = uow.Repositories.GetAncestorRelations(entity.Id, FixedRelationTypes.DefaultRelationType).ToArray();
     return ancestorRelations.Any(x => x.SourceId.Value == FixedHiveIds.ContentVirtualRoot.Value);
 }
Ejemplo n.º 19
0
        internal static UserGroup GetAnonymousUserGroup(this ISecurityService securityService, IReadonlyGroupUnit <ISecurityStore> openUnit)
        {
            var group = openUnit.Repositories.Query <UserGroup>().FirstOrDefault(x => x.Name == "Anonymous");

            return(group);
        }
Ejemplo n.º 20
0
 /// <summary>
 /// Determines whether the specified entity is media.
 /// </summary>
 /// <param name="entity">The entity.</param>
 /// <param name="uow"></param>
 /// <returns>
 ///   <c>true</c> if the specified entity is media; otherwise, <c>false</c>.
 /// </returns>
 public static bool IsMedia(this TypedEntity entity, IReadonlyGroupUnit<IContentStore> uow)
 {
     return uow.Repositories.GetAncestorRelations(entity.Id, FixedRelationTypes.DefaultRelationType).Any(x => x.SourceId.Value == FixedHiveIds.MediaVirtualRoot.Value);
 }
Ejemplo n.º 21
0
 public PermissionResults GetEffectivePermissions(IEnumerable<HiveId> userGroupIds, IReadonlyGroupUnit<IContentStore> uow, IReadonlyGroupUnit<ISecurityStore> securityUow, HiveId entityId = default(HiveId), params Guid[] permissionIds)
 {
     return new PermissionResults(permissionIds.Select(permissionId => GetEffectivePermission(permissionId, userGroupIds, uow, securityUow, entityId)).ToArray());
 }
Ejemplo n.º 22
0
        public PermissionResults GetEffectivePermissions(HiveId userId, IReadonlyGroupUnit<IContentStore> uow, IReadonlyGroupUnit<ISecurityStore> securityUow, HiveId entityId = default(HiveId), params Guid[] permissionIds)
        {
            var userGroupIds = GetUserGroupIdsForUser(userId);

            return GetEffectivePermissions(userGroupIds, uow, securityUow, entityId, permissionIds);
        }
Ejemplo n.º 23
0
        /// <summary>
        /// Gets the permission status using an existing, open unit of work.
        /// </summary>
        /// <param name="permissionId">The permission id.</param>
        /// <param name="userGroupIds">The user group ids.</param>
        /// <param name="entityId">The entity id.</param>
        /// <param name="source">The source.</param>
        /// <param name="uow">The unit of work.</param>
        /// <returns></returns>
        protected PermissionStatus GetPermissionStatus(Guid permissionId, IEnumerable<HiveId> userGroupIds, HiveId entityId, out HiveId source, IReadonlyGroupUnit<ISecurityStore> uow)
        {
            // Check for Administrator group membership, and just return true if so
            var adminUserGroup = Hive.FrameworkContext.ScopedCache.GetOrCreateTyped("ss_administrator-group",
                () => uow.Repositories.Query<UserGroup>().FirstOrDefault(x => x.Name == "Administrator"));

            //TODO: Had to change to only compare values, as for some reason, the ProviderGroupRoots are different
            var enumeratedGroupIds = userGroupIds.ToArray();
            if (adminUserGroup != null && enumeratedGroupIds.Any(x => x.Value == adminUserGroup.Id.Value))
            {
                source = HiveId.Empty;
                return PermissionStatus.Allow;
            }

            // Get permission relations for current ancestor
            var parentRelationsKey = "ss_parent-relations-" + entityId + string.Join("|", enumeratedGroupIds.OrderBy(x => x.ToString())).ToMd5();
            var relations = Hive.FrameworkContext.ScopedCache.GetOrCreateTyped(parentRelationsKey,
                () =>
                {
                    var relationByIds = uow.Repositories.GetParentRelations(entityId, FixedRelationTypes.PermissionRelationType).ToArray();
                    // Comparing by value as schemas are not coming back out of Hive for some reason
                    return relationByIds.Where(x => enumeratedGroupIds.Any(y => y.Value == x.SourceId.Value)).ToArray();
                });

            // Check for an EXPLICIT Deny permission
            // Deny comes first, as if multiple permission definitions at same level have conflicting status, Deny trumps Allow
            var denyRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Deny.ToString()));
            if (denyRelation != null)
            {
                source = denyRelation.DestinationId;
                return PermissionStatus.Deny;
            }

            // Check for an EXPLICIT Allow permission
            var allowRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Allow.ToString()));
            if (allowRelation != null)
            {
                source = allowRelation.DestinationId;
                return PermissionStatus.Allow;
            }

            // Check for an EXPLICIT Inherit permission
            var inheritRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Inherit.ToString()));
            if (inheritRelation != null)
            {
                source = inheritRelation.DestinationId;
                return PermissionStatus.Inherit;
            }

            source = HiveId.Empty;
            return PermissionStatus.Inherit;
        }
Ejemplo n.º 24
0
        public PermissionResult GetEffectivePermission(Guid permissionId, IEnumerable<HiveId> userGroupIds, IReadonlyGroupUnit<IContentStore> uow, IReadonlyGroupUnit<ISecurityStore> securityUow, HiveId entityId = default(HiveId))
        {
            Mandate.ParameterNotNull(userGroupIds, "userGroupIds");

            var explicitPermission = GetExplicitPermission(permissionId, userGroupIds, securityUow, entityId);

            return explicitPermission.Status != PermissionStatus.Inherit
                       ? explicitPermission
                       : GetInheritedPermission(permissionId, userGroupIds, uow, entityId);
        }
        protected virtual TreeNode ConvertEntityToTreeNode(TypedEntity entity, HiveId parentId, FormCollection queryStrings, IReadonlyGroupUnit <IContentStore> uow)
        {
            var treeNode = CreateTreeNode(entity.Id,
                                          queryStrings,
                                          GetTreeNodeAlias(entity),
                                          GetEditorUrl(entity.Id, queryStrings),
                                          uow.Repositories.GetChildRelations(entity.Id, FixedRelationTypes.DefaultRelationType).Any());

            var icon = entity.EntitySchema.GetXmlConfigProperty("icon");

            if (!string.IsNullOrEmpty(icon))
            {
                if (icon.Contains("."))
                {
                    //need to get the path
                    //TODO: Load this in from the right hive provider --Aaron
                    treeNode.Icon =
                        Url.Content(
                            BackOfficeRequestContext.Application.Settings.UmbracoFolders.
                            DocTypeIconFolder + "/" + icon);
                }
                else
                {
                    treeNode.Icon = icon;
                }
            }

            //TODO: This is going to make a few calls to the db for each node, is there a better way?
            var snapshot = uow.Repositories.Revisions.GetLatestSnapshot <TypedEntity>(entity.Id);

            if (!snapshot.IsPublished())
            {
                treeNode.Style.DimNode();
            }
            else if (snapshot.IsPublishPending())
            {
                treeNode.Style.HighlightNode();
            }

            //now, check if we're in the recycle bin, if so we need to filter the nodes based on the user's start node
            //and where the nodes originated from.
            if (parentId == RecycleBinId)
            {
                //TODO: Hopefully there's a better way of looking all this up as this will make quite a few queries as well...

                var recycledRelation = uow.Repositories.GetParentRelations(entity, FixedRelationTypes.RecycledRelationType);
                var allowed          = true;
                foreach (var r in recycledRelation)
                {
                    //get the path of the original parent
                    var path = uow.Repositories.GetEntityPath(r.SourceId, FixedRelationTypes.DefaultRelationType).ToList();
                    //append the current node to the path to create the full original path
                    path.Add(r.DestinationId);

                    //BUG: This currently will always be false because NH is not returning the correct Ids for 'system' ids.
                    // so we've commented out the return null below until fixed

                    //now we can determine if this node can be viewed
                    if (!path.Contains(RootNodeId, new HiveIdComparer(true)))
                    {
                        allowed = false;
                    }
                }
                //if (!allowed)
                //    return null;
            }

            //TODO: Check if node has been secured

            // Add additional data
            foreach (var key in queryStrings.AllKeys)
            {
                treeNode.AdditionalData.Add(key, queryStrings[key]);
            }

            return(treeNode);
        }
Ejemplo n.º 26
0
        public PermissionResult GetInheritedPermission(Guid permissionId, IEnumerable <HiveId> userGroupIds, IReadonlyGroupUnit <IContentStore> uow, HiveId entityId = default(HiveId))
        {
            Mandate.ParameterNotNull(userGroupIds, "userGroupIds");

            //get/store the result in scoped cache

            var ids = userGroupIds.ToList();

            ids.Sort((id1, id2) => id1.ToString().CompareTo(id2.ToString())); // Sort the list of ids so that the cache key is the same regardless of order of passed in collection

            var key = "inherited-permission-" + (permissionId.ToString("N") + string.Join("", ids.Select(x => x.ToString())) + entityId).ToMd5();

            return(Hive.FrameworkContext.ScopedCache.GetOrCreateTyped <PermissionResult>(key, () =>
            {
                // Get the permission reference
                if (!_permissions.Exists(permissionId))
                {
                    throw new InvalidOperationException("Unable to find a Permission with the id '" + permissionId + "'");
                }

                if (entityId.IsNullValueOrEmpty())
                {
                    entityId = FixedHiveIds.SystemRoot;
                }

                // Loop through entities ancestors
                var ancestorsIds = uow.Repositories.GetAncestorRelations(entityId, FixedRelationTypes.DefaultRelationType)
                                   .Select(x => x.SourceId).ToArray();

                foreach (var ancestorId in ancestorsIds)
                {
                    HiveId source;
                    var status = GetPermissionStatus(permissionId, ids, ancestorId, out source);

                    // We are not interested in inherit permissions, so if we find one, move on
                    if (status != PermissionStatus.Inherit)
                    {
                        return new PermissionResult(_permissions.Get(permissionId).Value, source, status);
                    }

                    // If the ancester is system root, we've reached then end, in which case return a deny result
                    //BUG: We shouldn't have to compare the system root value but NH is returning content:// for the system root
                    if (ancestorId == FixedHiveIds.SystemRoot || ancestorId.Value == FixedHiveIds.SystemRoot.Value)
                    {
                        return new PermissionResult(_permissions.Get(permissionId).Value, source, PermissionStatus.Deny);
                    }
                }

                // We shouldn't get this far, as the last node in ancestors should always be SystemRoot, but we need to supply a fallback
                return new PermissionResult(_permissions.Get(permissionId).Value, HiveId.Empty, PermissionStatus.Deny);
            }));
        }
Ejemplo n.º 27
0
        public PermissionResults GetEffectivePermissions(HiveId userId, IReadonlyGroupUnit <IContentStore> uow, IReadonlyGroupUnit <ISecurityStore> securityUow, HiveId entityId = default(HiveId), params Guid[] permissionIds)
        {
            var userGroupIds = GetUserGroupIdsForUser(userId);

            return(GetEffectivePermissions(userGroupIds, uow, securityUow, entityId, permissionIds));
        }
Ejemplo n.º 28
0
        protected virtual TreeNode ConvertEntityToTreeNode(TypedEntity entity, HiveId parentId, FormCollection queryStrings, IReadonlyGroupUnit<IContentStore> uow)
        {
            var treeNode = CreateTreeNode(entity.Id,
                queryStrings,
                GetTreeNodeAlias(entity),
                GetEditorUrl(entity.Id, queryStrings),
                uow.Repositories.GetChildRelations(entity.Id, FixedRelationTypes.DefaultRelationType).Any());

            var icon = entity.EntitySchema.GetXmlConfigProperty("icon");
            if (!string.IsNullOrEmpty(icon))
            {
                if (icon.Contains("."))
                {
                    //need to get the path
                    //TODO: Load this in from the right hive provider --Aaron
                    treeNode.Icon =
                        Url.Content(
                            BackOfficeRequestContext.Application.Settings.RebelFolders.
                                DocTypeIconFolder + "/" + icon);
                }
                else
                {
                    treeNode.Icon = icon;
                }
            }

            //TODO: This is going to make a few calls to the db for each node, is there a better way?
            var snapshot = uow.Repositories.Revisions.GetLatestSnapshot<TypedEntity>(entity.Id);
            if (!snapshot.IsPublished())
                treeNode.Style.DimNode();
            else if (snapshot.IsPublishPending())
                treeNode.Style.HighlightNode();
            else
            {
                if (BackOfficeRequestContext.Application.Security.PublicAccess.IsProtected(entity.Id))
                {
                    treeNode.Style.SecureNode();
                }
            }

            //now, check if we're in the recycle bin, if so we need to filter the nodes based on the user's start node
            //and where the nodes originated from.
            if (parentId == RecycleBinId)
            {
                //TODO: Hopefully there's a better way of looking all this up as this will make quite a few queries as well...

                var recycledRelation = uow.Repositories.GetParentRelations(entity, FixedRelationTypes.RecycledRelationType);
                var allowed = true;
                foreach (var r in recycledRelation)
                {
                    //get the path of the original parent
                    var path = uow.Repositories.GetEntityPath(r.SourceId, FixedRelationTypes.DefaultRelationType).ToList();
                    //append the current node to the path to create the full original path
                    path.Add(r.DestinationId);

                    //BUG: This currently will always be false because NH is not returning the correct Ids for 'system' ids.
                    // so we've commented out the return null below until fixed

                    //now we can determine if this node can be viewed
                    if (!path.Contains(RootNodeId, new HiveIdComparer(true)))
                    {
                        allowed = false;
                    }
                }
                //if (!allowed)
                //    return null;
            }

            //TODO: Check if node has been secured

            AddQueryStringsToAdditionalData(treeNode, queryStrings);

            return treeNode;
        }
        /// <summary>
        /// Determines whether the specified entity is content.
        /// </summary>
        /// <param name="entity">The entity.</param>
        /// <param name="uow"></param>
        /// <returns>
        ///   <c>true</c> if the specified entity is content; otherwise, <c>false</c>.
        /// </returns>
        public static bool IsContent(this TypedEntity entity, IReadonlyGroupUnit <IContentStore> uow)
        {
            var ancestorRelations = uow.Repositories.GetAncestorRelations(entity.Id, FixedRelationTypes.DefaultRelationType).ToArray();

            return(ancestorRelations.Any(x => x.SourceId.Value == FixedHiveIds.ContentVirtualRoot.Value));
        }