|
public Get ( int entityTypeId, int entityId ) : IQueryable |
||
| entityTypeId | int | A |
| entityId | int | A |
| return | IQueryable |
|
/// <summary>
/// Handles the Delete event of the rGrid control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="RowEventArgs"/> instance containing the event data.</param>
protected void rGrid_Delete(object sender, RowEventArgs e)
{
var rockContext = new RockContext();
var authService = new Rock.Model.AuthService(rockContext);
Rock.Model.Auth auth = authService.Get(e.RowKeyId);
if (auth != null)
{
authService.Delete(auth);
rockContext.SaveChanges();
Authorization.ReloadAction(iSecured.TypeId, iSecured.Id, CurrentAction);
}
BindGrid();
}
/// <summary>
/// Handles the SelectedIndexChanged event of the rblAllowDeny control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param>
protected void rblAllowDeny_SelectedIndexChanged(object sender, EventArgs e)
{
RadioButtonList rblAllowDeny = (RadioButtonList)sender;
GridViewRow selectedRow = rblAllowDeny.NamingContainer as GridViewRow;
if (selectedRow != null)
{
int id = (int)rGrid.DataKeys[selectedRow.RowIndex]["Id"];
var rockContext = new RockContext();
var authService = new Rock.Model.AuthService(rockContext);
Rock.Model.Auth auth = authService.Get(id);
if (auth != null)
{
auth.AllowOrDeny = rblAllowDeny.SelectedValue;
rockContext.SaveChanges();
Authorization.ReloadAction(iSecured.TypeId, iSecured.Id, CurrentAction);
}
}
BindGrid();
}
/// <summary>
/// Handles the SelectedIndexChanged event of the rblAllowDeny control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param>
protected void rblAllowDeny_SelectedIndexChanged( object sender, EventArgs e )
{
RadioButtonList rblAllowDeny = (RadioButtonList)sender;
GridViewRow selectedRow = rblAllowDeny.NamingContainer as GridViewRow;
if ( selectedRow != null )
{
int id = (int)rGrid.DataKeys[selectedRow.RowIndex]["Id"];
var rockContext = new RockContext();
var authService = new Rock.Model.AuthService( rockContext );
Rock.Model.Auth auth = authService.Get( id );
if ( auth != null )
{
auth.AllowOrDeny = rblAllowDeny.SelectedValue;
rockContext.SaveChanges();
Authorization.ReloadAction( iSecured.TypeId, iSecured.Id, CurrentAction );
}
}
BindGrid();
}
/// <summary>
/// Handles the Delete event of the rGrid control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="RowEventArgs"/> instance containing the event data.</param>
protected void rGrid_Delete( object sender, RowEventArgs e )
{
var rockContext = new RockContext();
var authService = new Rock.Model.AuthService( rockContext );
Rock.Model.Auth auth = authService.Get( e.RowKeyId );
if ( auth != null )
{
authService.Delete( auth );
rockContext.SaveChanges();
Authorization.ReloadAction( iSecured.TypeId, iSecured.Id, CurrentAction );
}
BindGrid();
}
/// <summary>
/// Updates authorization rules for the entity so that the current person is allowed to perform the specified action.
/// </summary>
/// <param name="entity">The entity.</param>
/// <param name="action">The action.</param>
/// <param name="person">The person.</param>
/// <param name="rockContext">The rock context.</param>
public static void AllowPerson( ISecured entity, string action, Person person, RockContext rockContext = null )
{
if ( person != null )
{
rockContext = rockContext ?? new RockContext();
// If there's no Authorizations object, create it
if ( Authorizations == null )
{
Load( rockContext );
}
var authService = new AuthService( rockContext );
// If there are not entries in the Authorizations object for this entity type and entity instance, create
// the dictionary entries
if ( !Authorizations.Keys.Contains( entity.TypeId ) )
{
Authorizations.Add( entity.TypeId, new Dictionary<int, Dictionary<string, List<AuthRule>>>() );
}
if ( !Authorizations[entity.TypeId].Keys.Contains( entity.Id ) )
{
Authorizations[entity.TypeId].Add( entity.Id, new Dictionary<string, List<AuthRule>>() );
}
List<AuthRule> rules = null;
if ( Authorizations[entity.TypeId][entity.Id].Keys.Contains( action ) )
{
rules = Authorizations[entity.TypeId][entity.Id][action];
}
else
{
rules = new List<AuthRule>();
Authorizations[entity.TypeId][entity.Id].Add( action, rules );
}
int order = 0;
Auth auth = new Auth();
auth.EntityTypeId = entity.TypeId;
auth.EntityId = entity.Id;
auth.Order = order++;
auth.Action = action;
auth.AllowOrDeny = "A";
auth.SpecialRole = SpecialRole.None;
auth.PersonId = person.Id;
authService.Add( auth );
foreach(var rule in rules)
{
var existingAuth = authService.Get( rule.Id );
existingAuth.Order = order++;
}
rockContext.SaveChanges();
rules.Insert(0, new AuthRule( auth ) );
}
}
/// <summary>
/// Removes that two authorization rules that made the entity private.
/// </summary>
/// <param name="entity">The entity.</param>
/// <param name="action">The action.</param>
/// <param name="person">The person.</param>
/// <param name="rockContext">The rock context.</param>
public static void MakeUnPrivate( ISecured entity, string action, Person person, RockContext rockContext = null )
{
if ( IsPrivate( entity, action, person ) )
{
rockContext = rockContext ?? new RockContext();
var authService = new AuthService( rockContext );
// if is private, then there are only two rules for this action that should be deleted
foreach ( AuthRule authRule in Authorizations[entity.TypeId][entity.Id][action] )
{
var oldAuth = authService.Get( authRule.Id );
authService.Delete( oldAuth );
}
rockContext.SaveChanges();
Authorizations[entity.TypeId][entity.Id][action] = new List<AuthRule>();
}
}
/// <summary>
/// Makes the entity private by setting up two authorization rules, one granting the selected person, and
/// then another that denies all other users.
/// </summary>
/// <param name="entity">The entity.</param>
/// <param name="action">The action.</param>
/// <param name="person">The person.</param>
/// <param name="rockContext">The rock context.</param>
public static void MakePrivate( ISecured entity, string action, Person person, RockContext rockContext = null )
{
if ( !IsPrivate( entity, action, person ) )
{
if ( person != null )
{
rockContext = rockContext ?? new RockContext();
// If there's no Authorizations object, create it
if ( Authorizations == null )
{
Load( rockContext );
}
var authService = new AuthService( rockContext );
// If there are not entries in the Authorizations object for this entity type and entity instance, create
// the dictionary entries
if ( !Authorizations.Keys.Contains( entity.TypeId ) )
{
Authorizations.Add( entity.TypeId, new Dictionary<int, Dictionary<string, List<AuthRule>>>() );
}
if ( !Authorizations[entity.TypeId].Keys.Contains( entity.Id ) )
{
Authorizations[entity.TypeId].Add( entity.Id, new Dictionary<string, List<AuthRule>>() );
}
if ( !Authorizations[entity.TypeId][entity.Id].Keys.Contains( action ) )
{
Authorizations[entity.TypeId][entity.Id].Add( action, new List<AuthRule>() );
}
else
{
// If existing rules exist, delete them.
foreach ( AuthRule authRule in Authorizations[entity.TypeId][entity.Id][action] )
{
var oldAuth = authService.Get( authRule.Id );
authService.Delete( oldAuth );
}
}
var rules = new List<AuthRule>();
Auth auth1 = new Auth();
auth1.EntityTypeId = entity.TypeId;
auth1.EntityId = entity.Id;
auth1.Order = 0;
auth1.Action = action;
auth1.AllowOrDeny = "A";
auth1.SpecialRole = SpecialRole.None;
auth1.PersonId = person.Id;
authService.Add( auth1 );
Auth auth2 = new Auth();
auth2.EntityTypeId = entity.TypeId;
auth2.EntityId = entity.Id;
auth2.Order = 1;
auth2.Action = action;
auth2.AllowOrDeny = "D";
auth2.SpecialRole = SpecialRole.AllUsers;
authService.Add( auth2 );
rockContext.SaveChanges();
rules.Add( new AuthRule( auth1 ) );
rules.Add( new AuthRule( auth2 ) );
Authorizations[entity.TypeId][entity.Id][action] = rules;
}
}
}
/// <summary>
/// Copies the authorizations from one <see cref="ISecured" /> object to another
/// </summary>
/// <param name="sourceEntity">The source entity.</param>
/// <param name="targetEntity">The target entity.</param>
/// <param name="rockContext">The rock context.</param>
/// <remarks>
/// If a rockContext value is included, this method will save any previous changes made to the context
/// </remarks>
public static void CopyAuthorization( ISecured sourceEntity, ISecured targetEntity, RockContext rockContext = null )
{
rockContext = rockContext ?? new RockContext();
// If there's no Authorizations object, create it
if ( Authorizations == null )
{
Load( rockContext );
}
var sourceEntityTypeId = sourceEntity.TypeId;
var targetEntityTypeId = targetEntity.TypeId;
AuthService authService = new AuthService( rockContext );
// Delete the current authorizations for the target entity
foreach ( Auth auth in authService.Get( targetEntityTypeId, targetEntity.Id ) )
{
authService.Delete( auth );
}
Dictionary<string, List<AuthRule>> newActions = new Dictionary<string, List<AuthRule>>();
int order = 0;
if ( Authorizations.ContainsKey( sourceEntityTypeId ) && Authorizations[sourceEntityTypeId].ContainsKey( sourceEntity.Id ) )
{
foreach ( KeyValuePair<string, List<AuthRule>> action in Authorizations[sourceEntityTypeId][sourceEntity.Id] )
{
if ( targetEntity.SupportedActions.ContainsKey( action.Key ) )
{
newActions.Add( action.Key, new List<AuthRule>() );
foreach ( AuthRule rule in action.Value )
{
Auth auth = new Auth();
auth.EntityTypeId = targetEntityTypeId;
auth.EntityId = targetEntity.Id;
auth.Order = order;
auth.Action = action.Key;
auth.AllowOrDeny = rule.AllowOrDeny;
auth.SpecialRole = rule.SpecialRole;
auth.PersonId = rule.PersonId;
auth.GroupId = rule.GroupId;
authService.Add( auth );
newActions[action.Key].Add( new AuthRule( rule.Id, rule.EntityId, rule.AllowOrDeny, rule.SpecialRole, rule.PersonId, rule.GroupId, rule.Order ) );
order++;
}
}
}
}
rockContext.SaveChanges();
if ( !Authorizations.ContainsKey( targetEntityTypeId ) )
{
Authorizations.Add( targetEntityTypeId, new Dictionary<int, Dictionary<string, List<AuthRule>>>() );
}
Dictionary<int, Dictionary<string, List<AuthRule>>> entityType = Authorizations[targetEntityTypeId];
if ( !entityType.ContainsKey( targetEntity.Id ) )
{
entityType.Add( targetEntity.Id, new Dictionary<string, List<AuthRule>>() );
}
entityType[targetEntity.Id] = newActions;
}
/// <summary>
/// Copies the authorizations from one <see cref="ISecured" /> object to another
/// </summary>
/// <param name="sourceEntity">The source entity.</param>
/// <param name="targetEntity">The target entity.</param>
/// <param name="rockContext">The rock context.</param>
/// <param name="action">Optional action (if ommitted or left blank, all actions will be copied).</param>
/// <remarks>
/// This method will save any previous changes made to the context
/// </remarks>
public static void CopyAuthorization( ISecured sourceEntity, ISecured targetEntity, RockContext rockContext, string action = "" )
{
Load();
var sourceEntityTypeId = sourceEntity.TypeId;
var targetEntityTypeId = targetEntity.TypeId;
AuthService authService = new AuthService( rockContext );
// Delete the current authorizations for the target entity
foreach ( Auth auth in authService.Get( targetEntityTypeId, targetEntity.Id ).ToList() )
{
if ( string.IsNullOrWhiteSpace( action ) || auth.Action.Equals( action, StringComparison.OrdinalIgnoreCase ) )
{
authService.Delete( auth );
}
}
rockContext.SaveChanges();
// Copy target auths to source auths
int order = 0;
foreach ( Auth sourceAuth in authService.Get( sourceEntityTypeId, sourceEntity.Id ).ToList() )
{
if ( ( string.IsNullOrWhiteSpace( action ) || sourceAuth.Action.Equals( action, StringComparison.OrdinalIgnoreCase ) ) &&
targetEntity.SupportedActions.ContainsKey( sourceAuth.Action ) )
{
Auth auth = new Auth();
auth.EntityTypeId = targetEntityTypeId;
auth.EntityId = targetEntity.Id;
auth.Action = sourceAuth.Action;
auth.AllowOrDeny = sourceAuth.AllowOrDeny;
auth.GroupId = sourceAuth.GroupId;
auth.PersonAliasId = sourceAuth.PersonAliasId;
auth.SpecialRole = sourceAuth.SpecialRole;
auth.Order = order++;
authService.Add( auth );
rockContext.SaveChanges();
}
}
ReloadEntity( targetEntityTypeId, targetEntity.Id, rockContext );
}
