private static void Step2(HttpRequest request, Literal rolesexport)
{
rolesexport.Text += "Export preview<br><br>";
var allright = CurrentRights.GetAllRightsMaster();
var rols = request.Form.Get("rol");
if (rols != null)
{
foreach (var rol in rols.Split(','))
{
rolesexport.Text += "<strong>" + rol + "</strong> :<br> ";
var account = Sitecore.Security.Accounts.Role.FromName(rol);
if (account == null)
{
break;
}
foreach (var itemWithRights in allright)
{
var accessRules = itemWithRights.Security.GetAccessRules();
if (accessRules != null)
{
foreach (var rule in accessRules)
{
if (rule.Account == account)
{
AccessRuleCollection ruleCollection = new AccessRuleCollection();
ruleCollection.Add(rule);
rolesexport.Text += itemWithRights.Paths.FullPath + " " + RightsHelper.RightToHtml(rule) + " " + rule.AccessRight.Name + " " + rule.SecurityPermission.ToString() + "<br>";
}
}
}
}
rolesexport.Text += "<br>\n";
}
rolesexport.Text += "<form method=\"post\" action=\"/sitecore modules/Shell/Security-Rights-Reporting/Download.aspx?rolesexport=1\" enctype=\"multipart/form-data\"><input type=\"hidden\" id=\"rol\" name=\"rol\" value=\"" + "" + HttpUtility.HtmlAttributeEncode(rols) + "\"><input type=\"submit\" value=\"Download\" name=\"submit\" ></form>";
}
}
public static void DisplayAccountRight(Literal userrights, Database db, string account, bool showdefaultrights)
{
if (account == "all")
{
userrights.Text += string.Format("<h2 id=\"{0}\">Item Rights set on all users and roles on {0} Database</h2>", db.Name);
}
else
{
userrights.Text += string.Format("<h2 id=\"{1}\">Item Rights set on account {0} on {1} Database</h2>", System.Web.HttpUtility.HtmlEncode(account), db.Name);
}
//We use a query instead of index search because, security field data is not in query, will be slower by large resultset.
var itemList = CurrentRights.GetAllRights(db);
if (itemList.Count.ToString() == Settings.GetSetting("Query.MaxItems"))
{
userrights.Text += "<p style=\"color:#FF3333;\">Alert Query limit is: " + itemList.Count + " looks like we don't have all data because this limit see Query.MaxItems in config </p>";
}
var count = 0;
var checkAccount = new CheckAccount();
string outmessage;
var defaultRights = Reporting.Shell.RightsData.RightsData.GetDefaultRights(db.Name, account, out outmessage);
if (!string.IsNullOrEmpty(outmessage))
{
userrights.Text += "<p>" + outmessage + "</p>";
}
userrights.Text += "<table id=\"table-accountrights\">";
foreach (var item in itemList)
{
var accessRules = item.Security.GetAccessRules();
if (accessRules != null)
{
if (account == "devexport")
{
userrights.Text += string.Format(",new[] {{\"{0}\",@\"{1}\"}}\n<br>", item.Paths.FullPath, item.Fields["__Security"].Value);
if (item.Paths.FullPath.StartsWith("[orphan]"))
{
userrights.Text += string.Format("orphan id={0} template={1}\n<br>", item.ID, item.TemplateID);
}
}
else
{
foreach (var rule in accessRules)
{
var defaultRight = defaultRights.FirstOrDefault(x => x.Path == item.Paths.FullPath && x.Account == rule.Account.Name && x.Right == rule.SecurityPermission.ToString() && x.Name == rule.AccessRight.Name && x.PropagationType == rule.PropagationType.ToString());
var style = "";
var message = "";
if (defaultRight != null)
{
defaultRight.Hit = true;
style = " style=\"color:#008800;\" class=\"green\"";
message = string.Format(", ({0})", defaultRight.Message);
if (!showdefaultrights)
{
continue;
}
}
var accountExsist = true;
if (rule.Account.AccountType == AccountType.Role)
{
accountExsist = checkAccount.IsRolExsisting(rule.Account.Name);
}
else
{
accountExsist = checkAccount.IsUserExsisting(rule.Account.Name);
}
if (!accountExsist)
{
message += ", Account unknown";
style = " style=\"color:#FFA500;\" class=\"orange\"";
}
if (rule.Account.Name == account)
{
userrights.Text += string.Format("<tr{3}><td>{0}</td><td>{1}</td><td>{6}</td><td>{7}</td><td>{2}{4}</td><td>{5}</td></tr>\n", item.Paths.FullPath, rule.AccessRight.Comment, rule.SecurityPermission, style, message, rule.PropagationType, rule.AccessRight.Name, RightsHelper.RightToHtml(rule));
count++;
}
else if (account == "all")
{
userrights.Text += string.Format("<tr{4}><td>{0}</td><td>{8} : {1}</td><td>{7}</td><td>{9}</td><td>{2}{5}</td><td>{3}</td><td>{6}</td></tr>\n", item.Paths.FullPath, rule.Account.Name, rule.AccessRight.Comment, rule.SecurityPermission, style, message, rule.PropagationType, rule.AccessRight.Name, rule.Account.AccountType.ToString(), RightsHelper.RightToHtml(rule));
count++;
}
else if (account == "alldevexport")
{
userrights.Text += string.Format(",new[] {{\"{0}\",\"{1}\",\"{2}\",\"{3}\"}}\n<br>", item.Paths.FullPath, rule.Account.Name.Replace("\\", "\\\\"), rule.SecurityPermission, rule.PropagationType);
count++;
}
}
}
}
}
if (count == 0)
{
if (showdefaultrights)
{
userrights.Text += "<tr><td>No rights found in this Database for the user or role.</td></tr>";
}
else
{
userrights.Text += "<tr><td>No custom rights found in this Database.</td></tr>";
}
}
userrights.Text += "</table>";
var warningRights = defaultRights.Where(x => x.Hit == false).ToList();
if (warningRights.Any())
{
userrights.Text += "<br><span style=\"color:#880000;\">WARNING:</span> Expected rights not found, or no Access:<br><table style=\"color:#880000;\">";
foreach (var warningRight in warningRights)
{
userrights.Text += string.Format("<tr><td>{0}</td><td>{1}</td><td>{2}</td><td>{3}</td><td>{4}</td><td>{5}</td></tr>\n", warningRight.Path, warningRight.Account, warningRight.Name, warningRight.Message, warningRight.Right, warningRight.PropagationType);
}
userrights.Text += "</table>";
}
}
