/****************************************************************************************************** Related Permissions */
public static Dictionary <PermissionTypeBase, int> GetRelatedPermissions(SecurityContext context, int entityId, PermissionLevel level, bool explicitOnly, int identityId, Func <int, bool> isEnabled)
{
if (!explicitOnly)
{
throw new NotSupportedException("Not supported in this version. Use explicitOnly = true");
}
SecurityEntity.EnterReadLock();
try
{
var counters = new int[PermissionTypeBase.PermissionCount];
var identities = new[] { identityId };
var root = SecurityEntity.GetEntitySafe(context, entityId, true);
foreach (var entity in new EntityTreeWalker(root))
{
// step forward if there is no any setting
if (!entity.HasExplicitAcl)
{
continue;
}
if (!isEnabled(entity.Id))
{
continue;
}
// if breaked, adding existing parent-s effective identities because all identities are related.
var localBits = new PermissionBitMask();
if (!entity.IsInherited && entity.Parent != null)
{
CollectPermissionsFromLocalAces(context.Evaluator.GetEffectiveEntriesSafe(entity.Parent.Id, identities), localBits);
}
// adding explicite identities
CollectPermissionsFromAces(context.Evaluator.GetExplicitEntriesSafe(entity.Id, identities), level, counters, localBits);
}
var result = new Dictionary <PermissionTypeBase, int>();
for (var i = 0; i < PermissionTypeBase.PermissionCount; i++)
{
result.Add(PermissionTypeBase.GetPermissionTypeByIndex(i), counters[i]);
}
return(result);
}
finally
{
SecurityEntity.ExitReadLock();
}
}
private AccessControlEntry CreateEmptyAce(AceInfo aceInfo)
{
var perms = new Permission[PermissionTypeBase.PermissionCount];
for (var i = 0; i < perms.Length; i++)
{
perms[i] = new Permission {
Name = PermissionTypeBase.GetPermissionTypeByIndex(i).Name
}
}
;
return(new AccessControlEntry
{
IdentityId = aceInfo.IdentityId,
LocalOnly = aceInfo.LocalOnly,
Permissions = perms
});
}
public static Dictionary <PermissionTypeBase, int> GetExplicitPermissionsInSubtree(SecurityContext context, int entityId, int[] identities, bool includeRoot)
{
SecurityEntity.EnterReadLock();
try
{
var counters = new int[PermissionTypeBase.PermissionCount];
var root = SecurityEntity.GetEntitySafe(context, entityId, true);
foreach (var entity in new EntityTreeWalker(root))
{
// step forward if there is no any setting
if (!entity.HasExplicitAcl || (entity.Id == entityId && !includeRoot))
{
continue;
}
// if breaked, adding existing parent-s effective identities because all identities are related.
var localBits = new PermissionBitMask();
if (!entity.IsInherited && entity.Parent != null && (includeRoot || entity.Parent.Id != entityId))
{
CollectPermissionsFromLocalAces(context.Evaluator.GetEffectiveEntriesSafe(entity.Parent.Id, identities), localBits);
}
// adding explicite identities
CollectPermissionsFromAces(context.Evaluator.GetExplicitEntriesSafe(entity.Id, identities), PermissionLevel.AllowedOrDenied, counters, localBits);
}
var result = new Dictionary <PermissionTypeBase, int>();
for (var i = 0; i < PermissionTypeBase.PermissionCount; i++)
{
result.Add(PermissionTypeBase.GetPermissionTypeByIndex(i), counters[i]);
}
return(result);
}
finally
{
SecurityEntity.ExitReadLock();
}
}
