Ejemplo n.º 1
0
        // list acls I share to other
        public List <CACLEntity> ListMyAcls()
        {
            String            filter   = "this.Acl_Creator=" + Usr_Id.ToString();
            List <CACLEntity> userAcls = new CACLEntity(ConnString).GetObjectList(filter);

            return(userAcls);
        }
Ejemplo n.º 2
0
        /// <summary>
        /// 批准归档申请——赵英武
        /// </summary>
        /// <param name="apply"></param>
        /// <param name="archiveResource"></param>
        public void PermitApply(int apply, int archiveResource)
        {
            CACLEntity acl = new CACLEntity();

            acl.Acl_Operation = (int)ACLOPERATION.AUDITAPPLY;
            acl.Acl_Resource  = this.Usr_Organize;

            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有管理归档申请的权限!");
            }

            CApplyEntity aRes = new CApplyEntity().Load(apply);

            if (aRes.App_Audited == (int)AUDITE.AUDITED || aRes.App_Audited == (int)AUDITE.UNAUDITED)
            {
                throw new Exception("该资源已审核!");
            }

            try
            {
                this.CopyResource(aRes.App_ResId, archiveResource);
                aRes.Permit();
            }
            catch (Exception ex)
            {
                throw (ex);
            }
        }
Ejemplo n.º 3
0
        public void DeleteACLs()
        {
            String     filter = "this.Acl_Resource=" + Res_Id;
            CACLEntity en     = new CACLEntity(ConnString);

            en.Delete(filter);
        }
Ejemplo n.º 4
0
        public COrganizeEntity CreateOrganize(String organizeName)
        {
            try
            {
                // Check privilege
                CACLEntity acl = new CACLEntity();
                acl.Acl_Resource  = 0;
                acl.Acl_Operation = (int)ACLOPERATION.CREATEORGANIZE;
                if (!CheckPrivilege(acl))
                {
                    throw new Exception("当前用户无创建组织权限");
                }

                // create resource for this organize
                CResourceEntity res = new CResourceEntity(ConnString);
                res.Res_Name   = organizeName;
                res.Res_Parent = 0;
                res.Res_Type   = (int)RESOURCETYPE.ORGANIZERESOURCE;
                res.Res_Id     = res.Insert();

                // create default storage folder named as organize resource id
                String organizePath = Path.Combine(MidLayerSettings.AppPath, res.Res_Id.ToString() + organizeName);
                Directory.CreateDirectory(organizePath);

                // create resource for default folder of organize
                CResourceEntity folderRes = new CResourceEntity(ConnString);
                folderRes.Res_Name   = res.Res_Id.ToString() + organizeName;
                folderRes.Res_Parent = 0;
                folderRes.Res_Type   = (int)RESOURCETYPE.FOLDERRESOURCE;
                folderRes.Res_Id     = folderRes.Insert();

                // Create organize entity
                COrganizeEntity organize = new COrganizeEntity(ConnString);
                organize.Org_Name = organizeName;
                //organize = res.Res_Id;
                organize.Org_Resource = res.Res_Id;
                organize.Insert();

                // create archive folder for organzie
                String archivePath = Path.Combine(organizePath, "Archive");
                Directory.CreateDirectory(archivePath);

                // create resource for archive folder
                CResourceEntity archiveRes = new CResourceEntity(ConnString);
                archiveRes.Res_Name   = "Archive";
                archiveRes.Res_Parent = folderRes.Res_Id;
                archiveRes.Res_Type   = (int)RESOURCETYPE.FOLDERRESOURCE;
                archiveRes.Res_Id     = archiveRes.Insert();

                organize.Org_ArchiveRes = archiveRes.Res_Id;
                organize.Update();

                return(organize);
            }
            catch (Exception ex)
            {
                throw (ex);
            }
        }
Ejemplo n.º 5
0
        public List <CACLEntity> ListMyAcls(int sharedResource)
        {
            String filter = "this.Acl_Creator=" + Usr_Id.ToString();

            filter += " and this.Acl_Resource=" + sharedResource.ToString();
            List <CACLEntity> userAcls = new CACLEntity(ConnString).GetObjectList(filter);

            return(userAcls);
        }
Ejemplo n.º 6
0
        public List <CACLEntity> GetUserACLs()
        {
            String filter = "this.Acl_Role=" + Usr_Id.ToString();

            filter += " and this.Acl_RType=" + ((int)ACLROLETYPE.USERROLE).ToString();
            List <CACLEntity> userAcls = new CACLEntity(ConnString).GetObjectList(filter);

            return(userAcls);
        }
Ejemplo n.º 7
0
        public void Permit(int userId, ACLROLETYPE roleType, int resourceId, ACLOPERATION operation)
        {
            // user have to have write privilege on resource
            CACLEntity acl = new CACLEntity();

            acl.Acl_Resource  = resourceId;
            acl.Acl_Operation = (int)ACLOPERATION.WRITE;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有写权限");
            }

            List <CACLEntity> userAcls = new List <CACLEntity>();

            if (roleType == ACLROLETYPE.USERROLE)
            {
                CUserEntity user = new CUserEntity(ConnString).Load(userId);
                userAcls = user.GetUserACLs();
            }
            else if (roleType == ACLROLETYPE.GROUPROLE)
            {
                CGroupEntity group = new CGroupEntity(ConnString).Load(userId);
                userAcls = group.GetGroupACLs();
            }

            // check if this acl conflicts with others
            CResourceEntity resource = new CResourceEntity(ConnString).Load(resourceId);

            foreach (CACLEntity userAcl in userAcls)
            {
                if (resource.IsChild(userAcl.Acl_Resource) && userAcl.Acl_Operation == (int)operation)
                {
                    throw new Exception("与其他权限冲突");
                }
            }

            // create acl
            CACLEntity acl1 = new CACLEntity(ConnString);

            acl1.Acl_Resource   = resourceId;
            acl1.Acl_Role       = userId;
            acl1.Acl_RType      = (int)roleType;
            acl1.Acl_Operation  = (int)operation;
            acl1.Acl_Creator    = this.Usr_Id;
            acl1.Acl_CreateTime = DateTime.Now;
            acl1.Insert();

            // remove all child privileges
            foreach (CACLEntity ua in userAcls)
            {
                resource = new CResourceEntity(ConnString).Load(ua.Acl_Resource);
                if (resource.IsChild(resourceId) && ua.Acl_Operation == (int)operation)
                {
                    ua.Delete();
                }
            }
        }
Ejemplo n.º 8
0
        public List <CACLEntity> GetGroupACLs()
        {
            String filter = "this.Acl_Role=" + Grp_Id.ToString();

            filter += " and this.Acl_RType=" + ((int)ACLROLETYPE.GROUPROLE).ToString();
            List <CACLEntity> acls = new CACLEntity(ConnString).GetObjectList(filter);

            return(acls);
        }
Ejemplo n.º 9
0
        // newUser.Usr_Organize neend be set
        public CUserEntity CreateAdminlUser(CUserEntity newUser)
        {
            try
            {
                // Check privilege
                CACLEntity acl = new CACLEntity();
                acl.Acl_Operation = (int)ACLOPERATION.CRETAEORGANIZEADMIN;
                acl.Acl_Resource  = Usr_Organize;
                if (!CheckPrivilege(acl))
                {
                    throw new Exception("当前用户无创建管理员用户权限");
                }

                // create admin
                newUser.Usr_Type = (int)USERTYPE.ORGANIZEADMIN;
                CUserEntity user = CreateUser(newUser);

                // add acls to admin, organize acl, root dir acl
                COrganizeEntity organize = new COrganizeEntity(ConnString);
                organize = organize.Load(user.Usr_Organize);

/*
 *              CACLEntity acl1 = new CACLEntity(ConnString);
 *              acl1.Acl_CreateTime = DateTime.Now;
 *              acl1.Acl_Creator = Usr_Id;
 *              acl1.Acl_Operation = 0;
 *              acl1.Acl_Resource = organize.Org_Id;
 *              acl1.Acl_Role = user.Usr_Id;
 *              acl1.Acl_RType = (int)ACLROLETYPE.USERROLE;
 *              acl1.Acl_Id = acl1.Insert();
 */
                CACLEntity acl2 = new CACLEntity(ConnString);
                acl2.Acl_CreateTime = DateTime.Now;
                acl2.Acl_Creator    = Usr_Id;
                acl2.Acl_Operation  = (int)ACLOPERATION.WRITE;
                acl2.Acl_Resource   = organize.Org_Resource;
                acl2.Acl_Role       = user.Usr_Id;
                acl2.Acl_RType      = (int)ACLROLETYPE.USERROLE;
                acl2.Acl_Id         = acl2.Insert();

                CACLEntity acl3 = new CACLEntity(ConnString);
                acl3.Acl_CreateTime = DateTime.Now;
                acl3.Acl_Creator    = Usr_Id;
                acl3.Acl_Operation  = (int)ACLOPERATION.READ;
                acl3.Acl_Resource   = organize.Org_Resource;
                acl3.Acl_Role       = user.Usr_Id;
                acl3.Acl_RType      = (int)ACLROLETYPE.USERROLE;
                acl3.Acl_Id         = acl3.Insert();

                return(user);
            }
            catch (Exception e)
            {
                throw e;
            }
        }
Ejemplo n.º 10
0
        public void ModifyGroup(CGroupEntity group)
        {
            // Check privilege
            CACLEntity acl = new CACLEntity();

            acl.Acl_Operation = (int)ACLOPERATION.CREATENORMALUSER;
            acl.Acl_Resource  = Usr_Organize;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("当前用户无修改用户组权限");
            }

            group.ConnString = ConnString;
            group.Update();
        }
Ejemplo n.º 11
0
        public void ModifyUser(CUserEntity user)
        {
            // Check privilege
            CACLEntity acl = new CACLEntity();

            acl.Acl_Operation = (int)ACLOPERATION.CREATENORMALUSER;
            acl.Acl_Resource  = Usr_Organize;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("当前用户无修改用户权限");
            }

            user.ConnString = ConnString;
            user.Update();
        }
Ejemplo n.º 12
0
        // List all Descendants of root that current user can read
        public List <CResourceEntity> ListDescendants(int root)
        {
            CACLEntity acl1 = new CACLEntity(ConnString);

            acl1.Acl_Resource  = root;
            acl1.Acl_Operation = (int)ACLOPERATION.READ;

            CResourceEntity parent = new CResourceEntity(ConnString).Load(root);

            if (CheckPrivilege(acl1))
            {
                return(parent.ListChildResources());
            }

            List <CResourceEntity> resources = new List <CResourceEntity>();
            List <CACLEntity>      acls      = GetAllACLs();

            foreach (CACLEntity acl in acls)
            {
                if (acl.Acl_Operation != (int)ACLOPERATION.READ && acl.Acl_Operation != (int)ACLOPERATION.WRITE)
                {
                    continue;
                }

                CResourceEntity res = new CResourceEntity(ConnString).Load(acl.Acl_Resource);
                if (res.Res_Type != (int)RESOURCETYPE.FILERESOURCE && res.Res_Type != (int)RESOURCETYPE.FOLDERRESOURCE)
                {
                    continue;
                }

                bool existed = false;
                foreach (CResourceEntity r in resources)
                {
                    if (r.Res_Id == res.Res_Id)
                    {
                        existed = true;
                        break;
                    }
                }

                if (!existed && res.IsChild(parent.Res_Id))
                {
                    resources.Add(res);
                }
            }

            return(resources);
        }
Ejemplo n.º 13
0
        public void DeleteGroup(int groupId)
        {
            // Check privilege
            CACLEntity acl = new CACLEntity();

            acl.Acl_Operation = (int)ACLOPERATION.CREATENORMALUSER;
            acl.Acl_Resource  = Usr_Organize;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("当前用户无修改用户组权限");
            }

            CGroupEntity group = new CGroupEntity(ConnString).Load(groupId);

            group.Delete();
        }
Ejemplo n.º 14
0
        public void DeleteUser(int userId)
        {
            // Check privilege
            CACLEntity acl = new CACLEntity();

            acl.Acl_Operation = (int)ACLOPERATION.CREATENORMALUSER;
            acl.Acl_Resource  = Usr_Organize;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("当前用户无删除用户权限");
            }

            CUserEntity user = new CUserEntity(ConnString).Load(userId);

            user.Delete();
        }
Ejemplo n.º 15
0
        public void RemoveUserFromGroup(int groupId, int userId)
        {
            // Check privilege
            CACLEntity acl = new CACLEntity();

            acl.Acl_Operation = (int)ACLOPERATION.CREATENORMALUSER;
            acl.Acl_Resource  = Usr_Organize;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("当前用户无修改用户组权限");
            }

            String filter = "this.Urg_Group=" + groupId + " and this.Urg_User=" + userId;

            new CUserGroupEntity(ConnString).Delete(filter);
        }
Ejemplo n.º 16
0
        public void Deny(int userId, ACLROLETYPE roleType, int resourceId, ACLOPERATION operation)
        {
            // user have to have write privilege on resource
            CACLEntity acl = new CACLEntity();

            acl.Acl_Resource  = resourceId;
            acl.Acl_Operation = (int)ACLOPERATION.WRITE;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有写权限");
            }

            String filter = "this.Acl_Resource=" + resourceId + " and this.Acl_Operation=" + (int)operation;

            filter += " and this.Acl_Role=" + userId + " and this.Acl_RType=" + (int)roleType;
            new CACLEntity(ConnString).Delete(filter);
        }
Ejemplo n.º 17
0
        public void CutResource(int srcResId, int dstResId)
        {
            // copy resource
            CACLEntity acl = new CACLEntity(ConnString);

            acl.Acl_Resource  = srcResId;
            acl.Acl_Operation = (int)ACLOPERATION.WRITE;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有写权限!");
            }
            acl.Acl_Resource  = dstResId;
            acl.Acl_Operation = (int)ACLOPERATION.WRITE;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有写权限!");
            }

            CResourceEntity srcRes  = new CResourceEntity(ConnString).Load(srcResId);
            CResourceEntity dstRes  = new CResourceEntity(ConnString).Load(dstResId);
            String          srcPath = srcRes.MakeFullPath();

            if (dstRes.Res_Type != (int)RESOURCETYPE.FOLDERRESOURCE)
            {
                throw new Exception("粘贴的目标必须是目录!");
            }
            srcRes.MoveTo(dstRes);

            // cut folder/file
            String dstPath = dstRes.MakeFullPath();

            dstPath = Path.Combine(dstPath, srcRes.Res_Name);
            if (Directory.Exists(dstPath) || File.Exists(dstPath))
            {
                throw new Exception(dstPath + "与现有文件名冲突!");
            }
            if (srcRes.Res_Type == (int)RESOURCETYPE.FILERESOURCE)
            {
                File.Move(srcPath, dstPath);
            }
            else
            {
                Directory.Move(srcPath, dstPath);
            }
        }
Ejemplo n.º 18
0
        public void AddUser2Group(int groupId, int userId)
        {
            // Check privilege
            CACLEntity acl = new CACLEntity();

            acl.Acl_Operation = (int)ACLOPERATION.CREATENORMALUSER;
            acl.Acl_Resource  = Usr_Organize;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("当前用户无修改用户组权限");
            }

            CUserGroupEntity userGroup = new CUserGroupEntity(ConnString);

            userGroup.Urg_Group = groupId;
            userGroup.Urg_User  = userId;
            userGroup.Insert();
        }
Ejemplo n.º 19
0
        // List all children that current user can read
        public List <CResourceEntity> ListResources(int parentId)
        {
            CACLEntity acl = new CACLEntity(ConnString);

            acl.Acl_Resource  = parentId;
            acl.Acl_Operation = (int)ACLOPERATION.READ;

            List <CResourceEntity> files = new List <CResourceEntity>();

            if (!CheckPrivilege(acl))
            {
                return(files);
            }

            CResourceEntity parent = new CResourceEntity(ConnString).Load(parentId);

            return(parent.ListChildResources());
        }
Ejemplo n.º 20
0
        /// <summary>
        /// 用户订阅文档——赵英武
        /// </summary>
        /// <param name="resId"></param>
        public void BookRead(int resId)
        {
            CACLEntity acl = new CACLEntity();

            acl.Acl_Resource  = resId;
            acl.Acl_Operation = (int)ACLOPERATION.READ;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有阅读权限!");
            }

            CMailEntity book = new CMailEntity();

            book.M_Organize = this.Usr_Organize;
            book.M_Resource = resId;
            book.M_UsrId    = this.Usr_Id;
            book.M_UsrMail  = this._Usr_Email;
            book.Insert();
        }
Ejemplo n.º 21
0
        public void DeleteResource(int resourceId)
        {
            CACLEntity acl = new CACLEntity(ConnString);

            acl.Acl_Resource  = resourceId;
            acl.Acl_Operation = (int)ACLOPERATION.WRITE;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有写权限");
            }

            CResourceEntity res = new CResourceEntity(ConnString).Load(resourceId);

            res.Remove();

            CMailEntity mailRes = new CMailEntity();

            mailRes.Remove("this.M_Resource ='" + resourceId + "'");
        }
Ejemplo n.º 22
0
        public CUserEntity CreateNormalUser(CUserEntity newUser)
        {
            try
            {
                // Check privilege
                CACLEntity acl = new CACLEntity();
                acl.Acl_Operation = (int)ACLOPERATION.CREATENORMALUSER;
                acl.Acl_Resource  = Usr_Organize;
                if (!CheckPrivilege(acl))
                {
                    throw new Exception("当前用户无创建新用户权限");
                }

                // create user
                newUser.Usr_Type = (int)USERTYPE.NORMALUSER;
                CUserEntity user = CreateUser(newUser);

                // add acl to user
                CACLEntity acl2 = new CACLEntity(ConnString);
                acl2.Acl_CreateTime = DateTime.Now;
                acl2.Acl_Creator    = Usr_Id;
                acl2.Acl_Operation  = (int)ACLOPERATION.WRITE;
                acl2.Acl_Resource   = user.Usr_Resource;
                acl2.Acl_Role       = user.Usr_Id;
                acl2.Acl_RType      = (int)ACLROLETYPE.USERROLE;
                acl2.Acl_Id         = acl2.Insert();

                CACLEntity acl1 = new CACLEntity(ConnString);
                acl1.Acl_CreateTime = DateTime.Now;
                acl1.Acl_Creator    = Usr_Id;
                acl1.Acl_Operation  = (int)ACLOPERATION.READ;
                acl1.Acl_Resource   = user.Usr_Resource;
                acl1.Acl_Role       = user.Usr_Id;
                acl1.Acl_RType      = (int)ACLROLETYPE.USERROLE;
                acl1.Acl_Id         = acl1.Insert();

                return(user);
            }
            catch (Exception e)
            {
                throw e;
            }
        }
Ejemplo n.º 23
0
        // return new resource id
        public CResourceEntity CreateFile(int parentId, String fileName, out String filePath)
        {
            CACLEntity acl = new CACLEntity();

            acl.Acl_Resource  = parentId;
            acl.Acl_Operation = (int)ACLOPERATION.WRITE;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有写权限");
            }

            // create folder
            CResourceEntity parent = new CResourceEntity(MidLayerSettings.ConnectionString).Load(parentId);

            if (parent == null)
            {
                throw new Exception("无法找到资源. ID=" + parentId);
            }

            String path = parent.MakeFullPath();

            if (!Directory.Exists(path))
            {
                throw new Exception("目录不存在: " + path);
            }
            path = Path.Combine(path, fileName);
            if (Directory.Exists(path) || File.Exists(path))
            {
                throw new Exception("名称冲突: " + path);
            }

            filePath = path;

            // create resource
            CResourceEntity res = new CResourceEntity(ConnString);

            res.Res_Name = fileName;
            res.Res_Type = (int)RESOURCETYPE.FILERESOURCE;
            parent.CreateChildResource(res);
            return(res);
        }
Ejemplo n.º 24
0
        /// <summary>
        /// 不批准归档申请——赵英武
        /// </summary>
        /// <param name="apply"></param>
        public void CancelApply(int apply)
        {
            CACLEntity acl = new CACLEntity();

            acl.Acl_Operation = (int)ACLOPERATION.AUDITAPPLY;
            acl.Acl_Resource  = this.Usr_Organize;

            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有管理归档申请的权限!");
            }

            CApplyEntity aRes = new CApplyEntity().Load(apply);

            if (aRes.App_Audited == (int)AUDITE.UNAUDITED || aRes.App_Audited == (int)AUDITE.AUDITED)
            {
                throw new Exception("该资源已审核!");
            }

            aRes.Cancel();
        }
Ejemplo n.º 25
0
        /// <summary>
        /// 更新文件——赵英武
        /// </summary>
        /// <param name="resId"></param>
        /// <param name="fileName"></param>
        /// <param name="filePath"></param>
        /// <returns></returns>
        public CResourceEntity UpdateFile(int resId, String fileName, out String filePath)
        {
            CACLEntity acl = new CACLEntity();

            acl.Acl_Resource  = resId;
            acl.Acl_Operation = (int)ACLOPERATION.WRITE;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有写权限");
            }

            CResourceEntity res  = new CResourceEntity().Load(resId);
            string          path = res.MakeFullPath();

            if (!System.IO.File.Exists(path))
            {
                throw new Exception("要更新的文件不存在!");
            }

            filePath     = path;
            res.Res_Name = fileName;
            res.Update();
            return(res);
        }
Ejemplo n.º 26
0
        public bool CheckPrivilege(CACLEntity acl)
        {
            // system admin has all privileges
            if (Usr_Type == (int)USERTYPE.SYSTEMADMIN)
            {
                return(true);
            }

            // if resourceid of acl is 0, it's a system management
            // and no users have the privilege except system admin
            if (acl.Acl_Resource == 0)
            {
                return(false);
            }

            // if resourceid is the organize id of current user,
            // the user must be system admin
            if (acl.Acl_Resource == this.Usr_Organize)
            {
                if (this.Usr_Type == (int)USERTYPE.ORGANIZEADMIN)
                {
                    return(true);
                }
                else
                {
                    return(false);
                }
            }

            // get all groups containing current user
            String                  filter     = "this.Urg_User="******"this.Acl_Operation=" + acl.Acl_Operation.ToString();
                filter += " and this.Acl_Resource=" + resId.ToString();
                filter += " and this.Acl_Role=" + Usr_Id.ToString();
                filter += " and this.Acl_RType=" + ((int)ACLROLETYPE.USERROLE).ToString();
                List <CACLEntity> acls = acl.GetObjectList(filter);
                if (acls.Count > 0)
                {
                    return(true);
                }

                // check if user's groups have right on this resource
                foreach (CUserGroupEntity ug in userGroups)
                {
                    filter  = "this.Acl_Operation=" + acl.Acl_Operation.ToString();
                    filter += " and this.Acl_Resource=" + resId.ToString();
                    filter += " and this.Acl_Role=" + ug.Urg_Group.ToString();
                    filter += " and this.Acl_RType=" + ((int)ACLROLETYPE.GROUPROLE).ToString();
                    acls    = acl.GetObjectList(filter);
                    if (acls.Count > 0)
                    {
                        return(true);
                    }
                }

                // get parent id of this resource
                CResourceEntity resource = new CResourceEntity(ConnString).Load(resId);
                if (resource == null)
                {
                    break;
                }
                else
                {
                    resId = resource.Res_Parent;
                }
            }
            return(false);
        }