internal ResponseObject BreakRootMapInheritance(GlymaSecurableObject securableObject)
{
ResponseObject response = new ResponseObject()
{
HasError = false
};
try
{
GetSecurableContextIdResponse securableContextIdResponse = GetSecurableContextId();
if (!securableContextIdResponse.HasError)
{
int securableContextId = securableContextIdResponse.Result;
SecurableObject obj = GetSecurableObject(securableContextId, securableObject.SecurableObjectUid);
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(this, securableContextId, securableObject);
if (obj == null)
{
obj = securableObjectContext.CreateSecurableObject(true);
}
if (!obj.BreaksInheritance)
{
securableObjectContext.SetSecurableObjectInheritance(true);
}
CopyGroupAssociationsToRootMap(securableObject);
}
}
catch (Exception ex)
{
response.HasError = true;
response.ErrorMessage = ex.Message;
}
return(response);
}
internal GetSecurityAssociationsResponse RestoreRootMapInheritance(GlymaSecurableObject securableObject)
{
GetSecurityAssociationsResponse response = new GetSecurityAssociationsResponse()
{
HasError = false
};
try
{
GetSecurableContextIdResponse securableContextIdResponse = GetSecurableContextId();
if (!securableContextIdResponse.HasError)
{
int securableContextId = securableContextIdResponse.Result;
SecurableObject obj = GetSecurableObject(securableContextId, securableObject.SecurableObjectUid);
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(this, securableContextId, securableObject);
if (obj == null)
{
obj = securableObjectContext.CreateSecurableObject(false);
}
if (obj.BreaksInheritance)
{
securableObjectContext.SetSecurableObjectInheritance(false);
}
RemoveRootMapGroupAssociations(securableObject);
GlymaSecurableObject parentObject = new GlymaSecurableObject();
parentObject.SecurableParentUid = Guid.Empty;
parentObject.SecurableObjectUid = securableObject.SecurableParentUid;
GetAllSecurityGroupsResponse res = GetAllGlymaSecurityGroups();
if (!res.HasError)
{
IList <GlymaSecurityGroup> groups = ConversionUtility.ConvertDictToList(res.Result);
response = GetSecurityAssociations(groups, parentObject);
}
else
{
response.HasError = true;
response.ErrorMessage = "Failed returning the Glyma security groups. " + res.ErrorMessage;
}
}
else
{
response.HasError = true;
response.ErrorMessage = "Failed to restore root map inheritance. " + securableContextIdResponse.ErrorMessage;
}
}
catch (Exception ex)
{
response.HasError = true;
response.ErrorMessage = ex.Message;
}
return(response);
}
/// <summary>
/// Adds a security association for a SharePoint group to the security DB
/// </summary>
/// <param name="breakInheritance">Whether it should have inheritance broken or not</param>
/// <returns>A response object indicating if completed without error</returns>
internal ResponseObject SetSecurityAssociation(bool breakInheritance)
{
ResponseObject result = new ResponseObject()
{
HasError = false
};
try
{
if (Group != null)
{
Group group = Context.GetGroup(Group);
//if (group == null)
//{
// //Create the Group since it doesn't exist
// group = this.CreateGroup();
//}
bool response = this.HasAssociation();
if (!response)
{
SecurableObject so = Context.GetSecurableObject(Group.SecurableContextId, SecurableObject.SecurableObjectUid);
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(Context, Group.SecurableContextId, SecurableObject);
if (so == null)
{
so = securableObjectContext.CreateSecurableObject(breakInheritance);
}
//Create the group association since it doesn't exist
this.CreateGroupAssociation(group.GroupId);
}
}
else
{
result.HasError = true;
result.ErrorMessage = "The Glyma security group was not known.";
}
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
return(result);
}
/// <summary>
/// Gets the current security associations for a list of groups against a particular securable object
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="glGroups">A list of groups to get the security assocations for</param>
/// <param name="securableObject">An object that contains the Parent and Object ID's
/// SecurableParentUid: The ID of the securable parent (Guid.Empty for projects),
/// SecurableObjectUid: The ID of the securable object (root map UID or project UID if securing a project)</param>
/// <returns>A dictionary of security association, Key: the group, Value: True if the group has an assocation. (wrapped in a Response Object to indicate if any errors occured)</returns>
internal GetSecurityAssociationsResponse GetSecurityAssociations(IEnumerable <GlymaSecurityGroup> glGroups, GlymaSecurableObject securableObject)
{
GetSecurityAssociationsResponse result = new GetSecurityAssociationsResponse()
{
HasError = false
};
if (this.CurrentUser.IsUserSecurityManager())
{
SecurityAssociations securityAssociations = new SecurityAssociations();
Dictionary <GlymaSecurityGroup, bool> results = new Dictionary <GlymaSecurityGroup, bool>();
SecurableContext securableContext = GetSecurableContext();
int securableContextId = securableContext.SecurableContextId;
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(this, securableContextId, securableObject);
bool isInherited = securableObjectContext.GetIsInherited();
foreach (GlymaSecurityGroup glymaSecurityGroup in glGroups)
{
try
{
GlymaSecurityAssociationContext securityAssociationContext = new GlymaSecurityAssociationContext(this, glymaSecurityGroup, securableObject);
bool response = securityAssociationContext.HasAssociation();
results.Add(glymaSecurityGroup, response);
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
}
if (!result.HasError)
{
securityAssociations.HasAssociations = results;
securityAssociations.IsInherited = isInherited;
result.Result = securityAssociations;
}
}
else
{
result.HasError = true;
result.ErrorMessage = "Access Denied. User does not have permissions to access this web service method.";
}
return(result);
}
internal GetSecurityAssociationsResponse RestoreRootMapInheritance(GlymaSecurableObject securableObject)
{
GetSecurityAssociationsResponse response = new GetSecurityAssociationsResponse() { HasError = false };
try
{
GetSecurableContextIdResponse securableContextIdResponse = GetSecurableContextId();
if (!securableContextIdResponse.HasError)
{
int securableContextId = securableContextIdResponse.Result;
SecurableObject obj = GetSecurableObject(securableContextId, securableObject.SecurableObjectUid);
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(this, securableContextId, securableObject);
if (obj == null)
{
obj = securableObjectContext.CreateSecurableObject(false);
}
if (obj.BreaksInheritance)
{
securableObjectContext.SetSecurableObjectInheritance(false);
}
RemoveRootMapGroupAssociations(securableObject);
GlymaSecurableObject parentObject = new GlymaSecurableObject();
parentObject.SecurableParentUid = Guid.Empty;
parentObject.SecurableObjectUid = securableObject.SecurableParentUid;
GetAllSecurityGroupsResponse res = GetAllGlymaSecurityGroups();
if (!res.HasError)
{
IList<GlymaSecurityGroup> groups = ConversionUtility.ConvertDictToList(res.Result);
response = GetSecurityAssociations(groups, parentObject);
}
else
{
response.HasError = true;
response.ErrorMessage = "Failed returning the Glyma security groups. " + res.ErrorMessage;
}
}
else
{
response.HasError = true;
response.ErrorMessage = "Failed to restore root map inheritance. " + securableContextIdResponse.ErrorMessage;
}
}
catch (Exception ex)
{
response.HasError = true;
response.ErrorMessage = ex.Message;
}
return response;
}
internal ResponseObject BreakRootMapInheritance(GlymaSecurableObject securableObject)
{
ResponseObject response = new ResponseObject() { HasError = false };
try
{
GetSecurableContextIdResponse securableContextIdResponse = GetSecurableContextId();
if (!securableContextIdResponse.HasError)
{
int securableContextId = securableContextIdResponse.Result;
SecurableObject obj = GetSecurableObject(securableContextId, securableObject.SecurableObjectUid);
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(this, securableContextId, securableObject);
if (obj == null)
{
obj = securableObjectContext.CreateSecurableObject(true);
}
if (!obj.BreaksInheritance)
{
securableObjectContext.SetSecurableObjectInheritance(true);
}
CopyGroupAssociationsToRootMap(securableObject);
}
}
catch (Exception ex)
{
response.HasError = true;
response.ErrorMessage = ex.Message;
}
return response;
}
/// <summary>
/// Gets the current security associations for a list of groups against a particular securable object
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="glGroups">A list of groups to get the security assocations for</param>
/// <param name="securableObject">An object that contains the Parent and Object ID's
/// SecurableParentUid: The ID of the securable parent (Guid.Empty for projects),
/// SecurableObjectUid: The ID of the securable object (root map UID or project UID if securing a project)</param>
/// <returns>A dictionary of security association, Key: the group, Value: True if the group has an assocation. (wrapped in a Response Object to indicate if any errors occured)</returns>
internal GetSecurityAssociationsResponse GetSecurityAssociations(IEnumerable<GlymaSecurityGroup> glGroups, GlymaSecurableObject securableObject)
{
GetSecurityAssociationsResponse result = new GetSecurityAssociationsResponse() { HasError = false };
if (this.CurrentUser.IsUserSecurityManager())
{
SecurityAssociations securityAssociations = new SecurityAssociations();
Dictionary<GlymaSecurityGroup, bool> results = new Dictionary<GlymaSecurityGroup, bool>();
SecurableContext securableContext = GetSecurableContext();
int securableContextId = securableContext.SecurableContextId;
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(this, securableContextId, securableObject);
bool isInherited = securableObjectContext.GetIsInherited();
foreach (GlymaSecurityGroup glymaSecurityGroup in glGroups)
{
try
{
GlymaSecurityAssociationContext securityAssociationContext = new GlymaSecurityAssociationContext(this, glymaSecurityGroup, securableObject);
bool response = securityAssociationContext.HasAssociation();
results.Add(glymaSecurityGroup, response);
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
}
if (!result.HasError)
{
securityAssociations.HasAssociations = results;
securityAssociations.IsInherited = isInherited;
result.Result = securityAssociations;
}
}
else
{
result.HasError = true;
result.ErrorMessage = "Access Denied. User does not have permissions to access this web service method.";
}
return result;
}
/// <summary>
/// Checks if the association exists
/// </summary>
/// <param name="checkProjectsChildren">If this is true when checking the access to a Project if there are any root maps under that project the user
/// has access to it returns true for the project as well (only true for when working out the filtered lists)</param>
/// <returns>True if the GroupAssociation exists on this particular object for the group</returns>
internal bool HasAssociation(bool checkProjectsChildren = false)
{
bool result = false;
if (Group != null)
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
Group glGroup = Context.GetGroup(Group);
if (glGroup != null)
{
IEnumerable <GroupAssociation> groupAssociations = null;
if (SecurableObject.SecurableParentUid == Guid.Empty)
{
//searching for a Project association
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == SecurableObject.SecurableObjectUid && ga.SecurableParentUid.HasValue == false &&
ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
if (!groupAssociations.Any() && checkProjectsChildren)
{
//check if the user has access to anything under the project which inherintly gives them access to that project
//cross check the project id (sent as the object id) against the parent uid and we don't care about the object uid as any root map
//gives them access to that particular project
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableParentUid == SecurableObject.SecurableObjectUid &&
ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
}
}
else
{
//searching for a RootMap association
GlymaSecurableObjectContext objectContext = new GlymaSecurableObjectContext(Context, Group.SecurableContextId, SecurableObject);
bool isInherited = objectContext.GetIsInherited();
if (!isInherited)
{
//if not inherited it will have it's own group associations
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == SecurableObject.SecurableObjectUid && ga.SecurableParentUid == SecurableObject.SecurableParentUid &&
ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
}
else
{
//if it is inherited look fro the parents group associations
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == SecurableObject.SecurableParentUid && ga.SecurableParentUid.HasValue == false &&
ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
}
}
if (groupAssociations.Any())
{
result = true;
}
}
});
}
}
}
}
return(result);
}
/// <summary>
/// Checks if the association exists
/// </summary>
/// <param name="checkProjectsChildren">If this is true when checking the access to a Project if there are any root maps under that project the user
/// has access to it returns true for the project as well (only true for when working out the filtered lists)</param>
/// <returns>True if the GroupAssociation exists on this particular object for the group</returns>
internal bool HasAssociation(bool checkProjectsChildren = false)
{
bool result = false;
if (Group != null)
{
using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
{
using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
{
using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
Group glGroup = Context.GetGroup(Group);
if (glGroup != null)
{
IEnumerable<GroupAssociation> groupAssociations = null;
if (SecurableObject.SecurableParentUid == Guid.Empty)
{
//searching for a Project association
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == SecurableObject.SecurableObjectUid && ga.SecurableParentUid.HasValue == false
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
if (!groupAssociations.Any() && checkProjectsChildren)
{
//check if the user has access to anything under the project which inherintly gives them access to that project
//cross check the project id (sent as the object id) against the parent uid and we don't care about the object uid as any root map
//gives them access to that particular project
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableParentUid == SecurableObject.SecurableObjectUid
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
}
}
else
{
//searching for a RootMap association
GlymaSecurableObjectContext objectContext = new GlymaSecurableObjectContext(Context, Group.SecurableContextId, SecurableObject);
bool isInherited = objectContext.GetIsInherited();
if (!isInherited)
{
//if not inherited it will have it's own group associations
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == SecurableObject.SecurableObjectUid && ga.SecurableParentUid == SecurableObject.SecurableParentUid
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
}
else
{
//if it is inherited look fro the parents group associations
groupAssociations = from ga in dataContext.GroupAssociations
where ga.SecurableObjectUid == SecurableObject.SecurableParentUid && ga.SecurableParentUid.HasValue == false
&& ga.SecurableContextId == Group.SecurableContextId && ga.GroupId == glGroup.GroupId
select ga;
}
}
if (groupAssociations.Any())
{
result = true;
}
}
});
}
}
}
}
return result;
}
/// <summary>
/// Adds a security association for a SharePoint group to the security DB
/// </summary>
/// <param name="breakInheritance">Whether it should have inheritance broken or not</param>
/// <returns>A response object indicating if completed without error</returns>
internal ResponseObject SetSecurityAssociation(bool breakInheritance)
{
ResponseObject result = new ResponseObject() { HasError = false };
try
{
if (Group != null)
{
Group group = Context.GetGroup(Group);
//if (group == null)
//{
// //Create the Group since it doesn't exist
// group = this.CreateGroup();
//}
bool response = this.HasAssociation();
if (!response)
{
SecurableObject so = Context.GetSecurableObject(Group.SecurableContextId, SecurableObject.SecurableObjectUid);
GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(Context, Group.SecurableContextId, SecurableObject);
if (so == null)
{
so = securableObjectContext.CreateSecurableObject(breakInheritance);
}
//Create the group association since it doesn't exist
this.CreateGroupAssociation(group.GroupId);
}
}
else
{
result.HasError = true;
result.ErrorMessage = "The Glyma security group was not known.";
}
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
return result;
}
