private DocumentOpenLevel GetDocumentLevel(int nodeId)
{
var userId = _userId;
if (userId == -1)
{
return(DocumentOpenLevel.OpenMinor);
}
if (userId < -1)
{
return(DocumentOpenLevel.Denied);
}
List <int> identities;
try
{
identities = SecurityHandler.GetIdentitiesByMembership(_user, nodeId);
}
catch (EntityNotFoundException)
{
return(DocumentOpenLevel.Denied);
}
List <AceInfo> entries;
try
{
using (new SystemAccount())
entries = SecurityHandler.GetEffectiveEntries(nodeId);
}
catch (Exception ex) // LOGGED
{
//TODO: collect aggregated errors per query instead of logging every error
SnLog.WriteWarning($"GetEffectiveEntries threw an exception for id {nodeId}. Error: {ex}");
return(DocumentOpenLevel.Denied);
}
var allowBits = 0UL;
var denyBits = 0UL;
foreach (var entry in entries)
{
if (identities.Contains(entry.IdentityId))
{
allowBits |= entry.AllowBits;
denyBits |= entry.DenyBits;
}
}
allowBits = allowBits & ~denyBits;
var docLevel = DocumentOpenLevel.Denied;
if ((allowBits & PermissionType.See.Mask) > 0)
{
docLevel = DocumentOpenLevel.See;
}
if ((allowBits & PermissionType.Preview.Mask) > 0)
{
docLevel = DocumentOpenLevel.Preview;
}
if ((allowBits & PermissionType.PreviewWithoutRedaction.Mask) > 0)
{
docLevel = DocumentOpenLevel.Open;
}
if ((allowBits & PermissionType.OpenMinor.Mask) > 0)
{
docLevel = DocumentOpenLevel.OpenMinor;
}
return(docLevel);
}
