/// <summary>Gets the permissions for a certain user towards an item.</summary>
 /// <param name="user">The user whose permissoins to get.</param>
 /// <param name="item">The item for which permissions should be retrieved.</param>
 /// <returns>A permission flag.</returns>
 public Permission GetPermissions(IPrincipal user, ContentItem item)
 {
     return(GetPermiossions(user, item, Administrators)
            | GetPermiossions(user, item, Editors)
            | GetPermiossions(user, item, Writers)
            | (item.IsAuthorized(user) ? Permission.Read : Permission.None));
 }
Example #2
0
        public virtual bool Authorizes(IPrincipal user, ContentItem item, Permission permission)
        {
            if(item != null && permission == Permission.Read && !item.IsAuthorized(user))
                return false;

            return MapsTo(permission) && Contains(user);
        }
        public virtual bool Authorizes(IPrincipal user, ContentItem item, Permission permission)
        {
            if (item != null && permission == Permission.Read && !item.IsAuthorized(user))
            {
                return(false);
            }

            return(MapsTo(permission) && Contains(user));
        }
Example #4
0
        public virtual bool Authorizes(IPrincipal user, ContentItem item, Permission permission)
        {
            if (item == null) throw new ArgumentNullException("item");

            if(permission == Permission.Read && !item.IsAuthorized(user))
                return false;

            return MapsTo(permission) && Contains(user);
        }
Example #5
0
        /// <summary>Find out if a principal is allowed to access an item.</summary>
        /// <param name="item">The item to check against.</param>
        /// <param name="user">The principal to check for authorization.</param>
        /// <param name="operation"></param>
        /// <returns>True if the item has public access or the principal is allowed to access it.</returns>
        public virtual bool IsAuthorized(ContentItem item, IPrincipal user, string operation)
        {
            if (user != null && IsAdmin(user))
                return true;

            if (!IsPublished(item) && operation == Operations.Read)
                operation = Operations.ReadUnpublished;

            return item.IsAuthorized(user, operation);
        }
Example #6
0
        public override bool Authorizes(IPrincipal user, ContentItem item, Permission permission)
        {
            if (permission == Permission.None)
            {
                return(true);
            }
            if (!MapsTo(permission))
            {
                return(false);
            }

            bool isContentAuthorized = false;

            foreach (Permission permissionLevel in SplitPermission(permission))
            {
                if (!MapsTo(permissionLevel))
                {
                    continue;
                }

                if ((item.AlteredPermissions & permissionLevel) == Permission.None)
                {
                    continue;
                }

                if (permissionLevel == Permission.Read)
                {
                    if (!item.IsAuthorized(user))
                    {
                        return(false);
                    }

                    isContentAuthorized = true;
                    continue;
                }

                DetailCollection details = item.GetDetailCollection(AuthorizedRolesPrefix + permissionLevel, false);
                if (details != null)
                {
                    string[] rolesAuthorizedByItem = details.ToArray <string>();
                    if (!IsInRoles(user, rolesAuthorizedByItem) && !IsInUsers(user.Identity.Name))
                    {
                        return(false);
                    }

                    isContentAuthorized = true;
                }
            }

            return(isContentAuthorized || base.Authorizes(user, item, permission));
        }
Example #7
0
        public virtual bool Authorizes(IPrincipal user, ContentItem item, Permission permission)
        {
            if (item == null)
            {
                throw new ArgumentNullException("item");
            }

            if (permission == Permission.Read && !item.IsAuthorized(user))
            {
                return(false);
            }

            return(MapsTo(permission) && Contains(user));
        }
 /// <summary>Find out if a principal is allowed to access an item.</summary>
 /// <param name="item">The item to check against.</param>
 /// <param name="user">The principal to check for allowance.</param>
 /// <returns>True if the item has public access or the principal is allowed to access it.</returns>
 public virtual bool IsAuthorized(ContentItem item, IPrincipal user)
 {
     if (!Enabled || !ScopeEnabled || IsAdmin(user))
     {
         // Disabled security manager or Editor means full access
         return(true);
     }
     else if (!IsEditor(user) && !item.IsPublished())
     {
         // Non-editors cannot load unpublished items
         return(false);
     }
     return(item.IsAuthorized(user));
 }
Example #9
0
        public override bool Authorizes(IPrincipal user, ContentItem item, Permission permission)
        {
            if(permission == Permission.None)
                return true;
            if (!MapsTo(permission))
                return false;

            bool isContentAuthorized = false;

            foreach(Permission permissionLevel in SplitPermission(permission))
            {
                if(!MapsTo(permissionLevel))
                    continue;

                if ((item.AlteredPermissions & permissionLevel) == Permission.None)
                    continue;

                if(permissionLevel == Permission.Read)
                {
                    if(!item.IsAuthorized(user))
                        return false;
                    
                    isContentAuthorized = true;
                    continue;
                }

                DetailCollection details = item.GetDetailCollection(AuthorizedRolesPrefix + permissionLevel, false);
                if(details != null)
                {
                    string[] rolesAuthorizedByItem = details.ToArray<string>();
                    if (!IsInRoles(user, rolesAuthorizedByItem) && !IsInUsers(user.Identity.Name))
                        return false;

                    isContentAuthorized = true;
                }
            }

            return isContentAuthorized || base.Authorizes(user, item, permission);
        }
Example #10
0
 /// <summary>Gets the permissions for a certain user towards an item.</summary>
 /// <param name="user">The user whose permissoins to get.</param>
 /// <param name="item">The item for which permissions should be retrieved.</param>
 /// <returns>A permission flag.</returns>
 public virtual Permission GetPermissions(IPrincipal user, ContentItem item)
 {
     return GetPermiossions(user, item, Administrators)
         | GetPermiossions(user, item, Editors)
         | GetPermiossions(user, item, Writers)
         | (item.IsAuthorized(user) ? Permission.Read : Permission.None);
 }
Example #11
0
 /// <summary>Find out if a principal is allowed to access an item.</summary>
 /// <param name="item">The item to check against.</param>
 /// <param name="user">The principal to check for allowance.</param>
 /// <returns>True if the item has public access or the principal is allowed to access it.</returns>
 public virtual bool IsAuthorized(ContentItem item, IPrincipal user)
 {
     if (!Enabled || !ScopeEnabled || IsAdmin(user))
     {
         // Disabled security manager or Editor means full access
         return true;
     }
     else if (!IsEditor(user) && !IsPublished(item))
     {
         // Non-editors cannot load unpublished items
         return false;
     }
     return item.IsAuthorized(user);
 }