public static bool IsAvailableForUser(Guid itemId, Guid @for)
{
var id = itemId.ToString();
var result = false;
var key = GetCacheKey();
var dic = cache.Get <Dictionary <string, bool> >(key);
if (dic == null)
{
cache.Insert(key, dic = new Dictionary <string, bool>(), DateTime.UtcNow.Add(TimeSpan.FromMinutes(1)));
}
else
{
lock (dic)
{
if (dic.ContainsKey(id + @for))
{
return(dic[id + @for]);
}
}
}
// can read or administrator
var securityObj = WebItemSecurityObject.Create(id);
if (CoreContext.Configuration.Personal &&
securityObj.WebItemId != WebItemManager.DocumentsProductID)
{
// only files visible in your-docs portal
result = false;
}
else
{
var webitem = WebItemManager.Instance[securityObj.WebItemId];
if (webitem != null)
{
if ((webitem.ID == WebItemManager.CRMProductID ||
webitem.ID == WebItemManager.PeopleProductID ||
webitem.ID == WebItemManager.BirthdaysProductID ||
webitem.ID == WebItemManager.MailProductID) &&
CoreContext.UserManager.GetUsers(@for).IsVisitor())
{
// hack: crm, people, birtthday and mail products not visible for collaborators
result = false;
}
else if ((webitem.ID == WebItemManager.CalendarProductID ||
webitem.ID == WebItemManager.TalkProductID) &&
CoreContext.UserManager.GetUsers(@for).IsOutsider())
{
// hack: calendar and talk products not visible for outsider
result = false;
}
else if (webitem is IModule)
{
result = SecurityContext.PermissionResolver.Check(CoreContext.Authentication.GetAccountByID(@for), securityObj, null, Read) &&
IsAvailableForUser(WebItemManager.Instance.GetParentItemID(webitem.ID), @for);
}
else
{
var hasUsers = CoreContext.AuthorizationManager.GetAces(Guid.Empty, Read.ID, securityObj).Any(a => a.SubjectId != ASC.Core.Users.Constants.GroupEveryone.ID);
result = SecurityContext.PermissionResolver.Check(CoreContext.Authentication.GetAccountByID(@for), securityObj, null, Read) ||
(hasUsers && IsProductAdministrator(securityObj.WebItemId, @for));
}
}
else
{
result = false;
}
}
dic = cache.Get <Dictionary <string, bool> >(key);
if (dic != null)
{
lock (dic)
{
dic[id + @for] = result;
}
}
return(result);
}
public bool IsAvailableForUser(Guid itemId, Guid @for)
{
var id = itemId.ToString();
var result = false;
var tenant = TenantManager.GetCurrentTenant();
var dic = WebItemSecurityCache.GetOrInsert(tenant.TenantId);
if (dic != null)
{
lock (dic)
{
if (dic.ContainsKey(id + @for))
{
return(dic[id + @for]);
}
}
}
// can read or administrator
var securityObj = WebItemSecurityObject.Create(id, WebItemManager);
if (CoreBaseSettings.Personal &&
securityObj.WebItemId != WebItemManager.DocumentsProductID)
{
// only files visible in your-docs portal
result = false;
}
else
{
var webitem = WebItemManager[securityObj.WebItemId];
if (webitem != null)
{
if ((webitem.ID == WebItemManager.CRMProductID ||
webitem.ID == WebItemManager.PeopleProductID ||
webitem.ID == WebItemManager.BirthdaysProductID ||
webitem.ID == WebItemManager.MailProductID) &&
UserManager.GetUsers(@for).IsVisitor(UserManager))
{
// hack: crm, people, birtthday and mail products not visible for collaborators
result = false;
}
else if ((webitem.ID == WebItemManager.CalendarProductID ||
webitem.ID == WebItemManager.TalkProductID) &&
UserManager.GetUsers(@for).IsOutsider(UserManager))
{
// hack: calendar and talk products not visible for outsider
result = false;
}
else if (webitem is IModule)
{
result = PermissionContext.PermissionResolver.Check(Authentication.GetAccountByID(tenant.TenantId, @for), securityObj, null, Read) &&
IsAvailableForUser(WebItemManager.GetParentItemID(webitem.ID), @for);
}
else
{
var hasUsers = AuthorizationManager.GetAces(Guid.Empty, Read.ID, securityObj).Any(a => a.SubjectId != ASC.Core.Users.Constants.GroupEveryone.ID);
result = PermissionContext.PermissionResolver.Check(Authentication.GetAccountByID(tenant.TenantId, @for), securityObj, null, Read) ||
(hasUsers && IsProductAdministrator(securityObj.WebItemId, @for));
}
}
else
{
result = false;
}
}
dic = WebItemSecurityCache.Get(tenant.TenantId);
if (dic != null)
{
lock (dic)
{
dic[id + @for] = result;
}
}
return(result);
}
