private static void PushGroupFromAcl(IPermissionServiceManager p_PermissionPushManager,
string p_ProviderId,
GsaFeedAcl acl)
{
if (acl == null)
{
return;
}
PermissionIdentity denyIdentity = new PermissionIdentity(acl.DocumentUrl + DISALLOW_GROUP, PermissionIdentityType.VirtualGroup);
PermissionIdentity allowIdentity = new PermissionIdentity(acl.DocumentUrl + ALLOW_GROUP, PermissionIdentityType.VirtualGroup);
PermissionIdentityBody denyBody = new PermissionIdentityBody(denyIdentity);
PermissionIdentityBody allowBody = new PermissionIdentityBody(allowIdentity);
foreach (GsaFeedPrincipal principal in acl.Principals)
{
//We create the groups of the document based on the principals elements
PermissionIdentity permission = new PermissionIdentity(principal.Value,
principal.AclScope == GsaFeedAclScope.Group ? PermissionIdentityType.Group : PermissionIdentityType.User);
if (principal.Access == GsaFeedAclAccess.Permit)
{
allowBody.Mappings.Add(permission);
}
else
{
denyBody.Mappings.Add(permission);
}
}
p_PermissionPushManager.AddOrUpdateIdentity(p_ProviderId, null, allowBody);
p_PermissionPushManager.AddOrUpdateIdentity(p_ProviderId, null, denyBody);
}
internal Permission(SPAccess SPAccess, PermissionIdentity perm)
: base(SPAccess)
{
permissionIdentity = perm;
}
private static PushDocument CreateDocumentFromRecord(GsaFeedRecord p_Record,
bool p_DownloadContent, string p_ParentId, string p_fileExt)
{
IDictionary <string, JToken> metadata = p_Record.ConvertMetadata();
if (p_Record.DisplayUrl == null)
{
p_Record.DisplayUrl = p_Record.Url;
}
p_Record.Url = p_Record.Url.Replace("&", "|");
metadata.Add("clickableuri", p_Record.DisplayUrl);
metadata.Add(nameof(p_Record.DisplayUrl), p_Record.DisplayUrl);
metadata.Add(nameof(p_Record.Lock), p_Record.Lock);
metadata.Add(nameof(p_Record.MimeType), p_Record.MimeType);
metadata.Add(nameof(p_Record.PageRank), p_Record.PageRank);
metadata.Add(nameof(p_Record.Scoring), p_Record.Scoring);
metadata.Add(nameof(p_Record.Url), p_Record.Url);
metadata.Add(nameof(p_Record.AuthMethod), p_Record.AuthMethod.ToString());
metadata.Add(nameof(p_Record.CrawlImmediately), p_Record.CrawlImmediately);
metadata.Add(nameof(p_Record.CrawlOnce), p_Record.CrawlOnce);
PushDocument document = new PushDocument(p_Record.Url)
{
ModifiedDate = p_Record.LastModified ?? DateTime.MinValue,
Metadata = metadata,
ParentId = p_ParentId,
FileExtension = p_fileExt
};
if (p_Record.Acl != null)
{
DocumentPermissionSet currentDocSet = new DocumentPermissionSet();
PermissionIdentity denyGroup = new PermissionIdentity(p_Record.Url + DISALLOW_GROUP, PermissionIdentityType.VirtualGroup);
PermissionIdentity allowGroup = new PermissionIdentity(p_Record.Url + ALLOW_GROUP, PermissionIdentityType.VirtualGroup);
currentDocSet.DeniedPermissions.Add(denyGroup);
currentDocSet.AllowedPermissions.Add(allowGroup);
DocumentPermissionLevel currentDocLevel = new DocumentPermissionLevel();
currentDocLevel.PermissionSets.Add(currentDocSet);
if (p_Record.Acl.ParentAcl != null)
{
GsaFeedAcl currentAcl = p_Record.Acl;
List <DocumentPermissionLevel> allLevels = new List <DocumentPermissionLevel>();
allLevels.Add(currentDocLevel);
int currentLevelIndex = 0;
while (currentAcl.ParentAcl != null)
{
GsaFeedAcl curParentAcl = currentAcl.ParentAcl;
DocumentPermissionSet curParentDocSet = new DocumentPermissionSet();
PermissionIdentity parentDenyGroup = new PermissionIdentity(curParentAcl.DocumentUrl + DISALLOW_GROUP, PermissionIdentityType.VirtualGroup);
PermissionIdentity parentAllowGroup = new PermissionIdentity(curParentAcl.DocumentUrl + ALLOW_GROUP, PermissionIdentityType.VirtualGroup);
//We sill always need the parents in a different set
curParentDocSet.DeniedPermissions.Add(parentDenyGroup);
curParentDocSet.AllowedPermissions.Add(parentAllowGroup);
switch (curParentAcl.InheritanceType)
{
case GsaFeedAclInheritance.BothPermit:
//The parent and the document are in two different sets
allLevels.ElementAt(currentLevelIndex).PermissionSets.Add(curParentDocSet);
break;
case GsaFeedAclInheritance.ChildOverrides:
//The parent is in a lower level than the current document
DocumentPermissionLevel parentLowerDocLevel = new DocumentPermissionLevel();
parentLowerDocLevel.PermissionSets.Add(curParentDocSet);
//We are adding our self after the children
currentLevelIndex++;
allLevels.Insert(currentLevelIndex, parentLowerDocLevel);
break;
case GsaFeedAclInheritance.ParentOverrides:
//The parent is in a higher level than the current document
//on doit ajouter avant l'enfant
DocumentPermissionLevel parentHigherDocLevel = new DocumentPermissionLevel();
parentHigherDocLevel.PermissionSets.Add(curParentDocSet);
allLevels.Insert(currentLevelIndex, parentHigherDocLevel);
break;
case GsaFeedAclInheritance.LeafNode:
//The document is not suppose to have inheritance from a leaf node
ConsoleUtilities.WriteLine("> Warning: You are trying to have inheritance on a LeafNode. Document in error: {0}", ConsoleColor.Yellow, p_Record.Url);
curParentAcl.ParentAcl = null;
break;
}
currentAcl = curParentAcl;
}
//Now we push the permissions
foreach (DocumentPermissionLevel documentPermissionLevel in allLevels)
{
document.Permissions.Add(documentPermissionLevel);
}
}
else
{
//We might need to add the parent level before, so we will not default this action.
document.Permissions.Add(currentDocLevel);
}
}
if (p_DownloadContent)
{
string content = s_HttpDownloader.Download(p_Record.Url);
PushDocumentHelper.SetCompressedEncodedContent(document, Compression.GetCompressedBinaryData(content));
}
else
{
if (p_Record.Content.Encoding == GsaFeedContentEncoding.Base64Compressed)
{
PushDocumentHelper.SetCompressedEncodedContent(document, p_Record.Content.Value.Trim(Convert.ToChar("\n")));
}
else
{
PushDocumentHelper.SetContent(document, p_Record.Content.GetDecodedValue());
}
}
return(document);
}
