public bool CheckUnique(EntityPermission permission) { return(!QPContext.EFContext.SiteFolderPermissionSet.Any(p => p.FolderId == permission.ParentEntityId && (permission.GroupId.HasValue ? p.GroupId == permission.GroupId.Value : p.GroupId == null) && (permission.UserId.HasValue ? p.UserId == permission.UserId.Value : p.UserId == null))); }
public bool CheckUnique(EntityPermission permission) { return(!QPContext.EFContext.ContentPermissionSet.Where(p => p.ContentId == permission.ParentEntityId) .AsEnumerable() .Any(p => PermissionUserOrGroupEquals(permission, p) )); }
public static void RemovePermission(Type classType, string identifier, string userName) { if (logger.IsDebugEnabled) { logger.DebugFormat("Finding entity permission: {0} {1}", classType.Name, identifier); } EntityPermission ep = ControllerManager.EntityPermission.Find(classType.Name, identifier); UserMember um = ControllerManager.UserMember.GetById(MembershipHelper.GetUser(userName).UserId); if (ep != null) { if (ep.Users.Contains(um)) { if (logger.IsDebugEnabled) { logger.DebugFormat("Removing entity permission: {0} {1}", classType.Name, identifier); } ep.Users.Remove(um); ControllerManager.EntityPermission.Save(ep); // Remove any cached information string cachedKey = string.Format("LISTIDENTIFIERS_{0}_{1}_{2}", classType.Name.ToString(), PermissionAction.Create.ToString(), MembershipHelper.GetUser(userName).UserId); object result = CacheManager.ExpireItem(cachedKey); } } }
public static bool HasEntityPermission(EntityPermission permission, Entity entity, ErpUser user = null) { if (entity == null) { throw new ArgumentNullException("entity"); } if (user == null) { user = CurrentUser; } if (user != null) { //system user has unlimited permissions :) if (user.Id == SystemIds.SystemUserId) { return(true); } switch (permission) { case EntityPermission.Read: return(user.Roles.Any(x => entity.RecordPermissions.CanRead.Any(z => z == x.Id))); case EntityPermission.Create: return(user.Roles.Any(x => entity.RecordPermissions.CanCreate.Any(z => z == x.Id))); case EntityPermission.Update: return(user.Roles.Any(x => entity.RecordPermissions.CanUpdate.Any(z => z == x.Id))); case EntityPermission.Delete: return(user.Roles.Any(x => entity.RecordPermissions.CanDelete.Any(z => z == x.Id))); default: throw new NotSupportedException("Entity permission type is not supported"); } } else { switch (permission) { case EntityPermission.Read: return(entity.RecordPermissions.CanRead.Any(z => z == SystemIds.GuestRoleId)); case EntityPermission.Create: return(entity.RecordPermissions.CanCreate.Any(z => z == SystemIds.GuestRoleId)); case EntityPermission.Update: return(entity.RecordPermissions.CanUpdate.Any(z => z == SystemIds.GuestRoleId)); case EntityPermission.Delete: return(entity.RecordPermissions.CanDelete.Any(z => z == SystemIds.GuestRoleId)); default: throw new NotSupportedException("Entity permission type is not supported"); } } }
public override OperationStatus HasPermission(EntityPermission permission, MemberUser item = null, Guid?threadId = null) { if (permission == EntityPermission.Add) { return(OperationStatus.Granted); } return(base.HasPermission(permission, item, threadId)); }
public void Insert(EntityPermission ep) { if (_entityPermissions.Any(e => e.Action == ep.Action && e.RoleName == ep.RoleName && e.Id == ep.Id)) { throw new InvalidOperationException("Duplicate EntityPermission."); } _entityPermissions.Add(ep); }
public EntityPermission Change(EntityPermission entityPermission) { if (entityPermission.IsNew) { return(PermissionRepository.Save(entityPermission)); } return(PermissionRepository.Update(entityPermission)); }
/// <summary> /// Gets the actions from an EntityPermission /// </summary> public IReadOnlyList <IAction> FromEntityPermission(EntityPermission entityPermission) { IAction[] actions = this.ToArray(); // no worry: internally, it's already an array return(entityPermission.AssignedPermissions .Where(x => x.Length == 1) .SelectMany(x => actions.Where(y => y.Letter == x[0])) .WhereNotNull() .ToList()); }
public static void RemovePermission(Type classType, string identifier) { EntityPermission ep = ControllerManager.EntityPermission.Find(classType.Name, identifier); if (ep != null) { ControllerManager.EntityPermission.Delete(ep); } }
public override EntityPermission Update(EntityPermission permission) { if (permission.ExplicitPermissionToRelatedContents) { ExplicitPermissionToRelatedContents(permission); } return(base.Update(permission)); }
public override EntityPermission Update(EntityPermission permission) { if (ArticleRepository.IsAnyAggregatedFields(permission.ParentEntityId)) { throw new ActionNotAllowedException(ArticleStrings.OperationIsNotAllowedForAggregated); } return(base.Update(permission)); }
public static void UpdateEntityPermission(Type classType, string identifier, string newIdentifier) { EntityPermission ep = ControllerManager.EntityPermission.Find(classType.Name, identifier); if (ep != null) { ControllerManager.EntityPermission.CreateOrUpdate(ep.Name, ep.Code, ep.Description, ep.PermissionAction, newIdentifier, ep.ClassName, ep.ID); } }
public void Create(EntityPermission entityPermission) { using (var uow = this.GetUnitOfWork()) { var entityPermissionRepository = uow.GetRepository <EntityPermission>(); entityPermissionRepository.Put(entityPermission); uow.Commit(); } }
public void AddPermission(Type type, EntityPermission permission) { if (Permissions.ContainsKey(type)) { return; } Permissions.Add(type, permission); }
public EntityPermission Create <T>(string subjectName, string entityName, Type entityType, long key, List <RightType> rights) where T : Subject { if (string.IsNullOrEmpty(subjectName)) { return(null); } if (string.IsNullOrEmpty(entityName)) { return(null); } if (entityType == null) { return(null); } EntityPermission entityPermission = null; using (var uow = this.GetUnitOfWork()) { var entityRepository = uow.GetReadOnlyRepository <Entity>(); var subjectRepository = uow.GetReadOnlyRepository <Subject>(); var subject = subjectRepository.Query(s => s.Name.ToUpperInvariant() == subjectName.ToUpperInvariant() && s is T).FirstOrDefault(); if (subject == null) { return(null); } var entity = entityRepository.Query(e => e.Name.ToUpperInvariant() == entityName.ToUpperInvariant() && e.EntityType == entityType).FirstOrDefault(); if (entity == null) { return(null); } if (Exists(subject, entity, key)) { return(null); } entityPermission = new EntityPermission() { Subject = subject, Entity = entity, Key = key, Rights = rights.Aggregate(0, (current, right) => current | (int)right) }; var entityPermissionRepository = uow.GetRepository <EntityPermission>(); entityPermissionRepository.Put(entityPermission); uow.Commit(); } return(entityPermission); }
public static PermissionViewModel Create(EntityPermission permission, string tabId, int parentId, IPermissionService service, IPermissionViewModelSettings settings = null, bool?isPostBack = null) { var model = Create <PermissionViewModel>(permission, tabId, parentId); model._service = service; model._settings = settings ?? service.ViewModelSettings; model.IsPostBack = isPostBack ?? false; model.Init(); return(model); }
public static ChildEntityPermission CreateFrom(EntityPermission permission, bool createFromParent = true) => new ChildEntityPermission { UserId = permission.UserId, GroupId = permission.GroupId, PermissionLevelId = permission.PermissionLevelId, PropagateToItems = permission.PropagateToItems, CopyParentPermission = createFromParent, ParentEntityId = permission.ParentEntityId, Hide = permission.Hide };
public void Update(EntityPermission entity) { using (var uow = this.GetUnitOfWork()) { var repo = uow.GetRepository <EntityPermission>(); repo.Merge(entity); var merged = repo.Get(entity.Id); repo.Put(merged); uow.Commit(); } }
public override OperationStatus HasPermission(EntityPermission permission, ContentComment item = null, Guid?threadId = null) { if (!Security.IsCurrentUserValid()) { return(OperationStatus.NoPermission); } if (IsCurrentAdminUser()) { return(OperationStatus.Granted); } if (item != null && permission.IsDataChangePermission()) { var currentThread = _threadWork.GetThread(item.Topic.ThreadId); if (item.IsHidden || item.Topic.IsHidden || currentThread.IsHidden || currentThread.IsAbstract) { return(OperationStatus.CommentHasHidden); } if (item.IsLocked || item.Topic.IsLocked || currentThread.IsLocked) { return(OperationStatus.CommentHasLocked); } if (Security.CurrentUser.UserId != item.UserId) { return(OperationStatus.NoPermission); } } if (PermissionNameDictionary.ContainsKey(permission)) { Guid?tId = null; if (item != null && item.Topic != null) { tId = item.Topic.ThreadId; } else if (threadId.HasValue) { tId = threadId; } if (tId == null) { return(PermissionWork.IsPermissionGranted(Security.CurrentUser.RoleId, PermissionNameDictionary[permission]) ? OperationStatus.Granted : OperationStatus.NoPermission); } else { return(PermissionWork.IsPermissionGranted(Security.CurrentUser.RoleId, PermissionNameDictionary[permission], tId) ? OperationStatus.Granted : OperationStatus.NoPermission); } } return(OperationStatus.NoPermission); }
private EntityPermission InnerReadOrDefault(int parentId, int?userId, int?groupId) { var permission = Read(parentId, userId, groupId); if (permission == null) { permission = EntityPermission.Create(parentId, PermissionRepository); permission.GroupId = groupId; permission.UserId = userId; } return(permission); }
public static AlumniEntityPermission ToAlumniEntityPermission(EntityPermission entityPermission) { var alumniEntityPermission = new AlumniEntityPermission { Entity = entityPermission.Entity, Key = entityPermission.Key, Rights = entityPermission.Rights, Subject = entityPermission.Subject }; return(alumniEntityPermission); }
public static EntityPermission ToEntityPermission(AlumniEntityPermission alumniEntityPermission) { var entityPermission = new EntityPermission { Entity = alumniEntityPermission.Entity, Key = alumniEntityPermission.Key, Rights = alumniEntityPermission.Rights, Subject = alumniEntityPermission.Subject }; return(entityPermission); }
public void Determine_Deepest_Explicit_Permissions_For_Group_For_Path_2() { string path = "-1,1,2,3"; int[] pathIds = path.GetIdsFromPathReversed(); string[] defaults = new[] { "A", "B", "C" }; var permissions = new List <EntityPermission> { new EntityPermission(9876, 1, defaults, isDefaultPermissions: true), new EntityPermission(9876, 2, defaults, isDefaultPermissions: true), new EntityPermission(9876, 3, defaults, isDefaultPermissions: true) }; EntityPermission result = UserService.GetPermissionsForPathForGroup(permissions, pathIds, fallbackToDefaultPermissions: false); Assert.IsNull(result); }
public void Create(Subject subject, Entity entity, long key, int rights) { using (var uow = this.GetUnitOfWork()) { var entityPermission = new EntityPermission() { Subject = subject, Entity = entity, Key = key, Rights = rights }; var entityPermissionRepository = uow.GetRepository <EntityPermission>(); entityPermissionRepository.Put(entityPermission); uow.Commit(); } }
public void Update(EntityPermission entityPermission) { var permission = _entityPermissions.SingleOrDefault(ep => ep.Id == entityPermission.Id); if (permission != null) { permission.EntityId = entityPermission.EntityId; permission.Action = entityPermission.Action; permission.RoleName = entityPermission.RoleName; permission.Permission = entityPermission.Permission; } else { throw new Exception("Entity Permision With this id not found"); } }
public static bool HasEntityPermission(EntityPermission permission, Entity entity, ErpUser user = null) { if (entity == null) throw new ArgumentNullException("entity"); if (user == null) user = CurrentUser; if (user != null) { //system user has unlimited permissions :) if (user.Id == SystemIds.SystemUserId) return true; switch (permission) { case EntityPermission.Read: return user.Roles.Any(x => entity.RecordPermissions.CanRead.Any(z => z == x.Id)); case EntityPermission.Create: return user.Roles.Any(x => entity.RecordPermissions.CanCreate.Any(z => z == x.Id)); case EntityPermission.Update: return user.Roles.Any(x => entity.RecordPermissions.CanUpdate.Any(z => z == x.Id)); case EntityPermission.Delete: return user.Roles.Any(x => entity.RecordPermissions.CanDelete.Any(z => z == x.Id)); default: throw new NotSupportedException("Entity permission type is not supported"); } } else { switch (permission) { case EntityPermission.Read: return entity.RecordPermissions.CanRead.Any(z => z == SystemIds.GuestRoleId); case EntityPermission.Create: return entity.RecordPermissions.CanCreate.Any(z => z == SystemIds.GuestRoleId); case EntityPermission.Update: return entity.RecordPermissions.CanUpdate.Any(z => z == SystemIds.GuestRoleId); case EntityPermission.Delete: return entity.RecordPermissions.CanDelete.Any(z => z == SystemIds.GuestRoleId); default: throw new NotSupportedException("Entity permission type is not supported"); } } }
public ModelViewPermission Update(ModelViewPermission model) { EntityPermission data = new EntityPermission() { ProfileID = model.ProfileID, ModuleID = model.ModuleID, Access = model.Access, Add = model.Add, Delete = model.Delete, Export = model.Export, Read = model.Read, Update = model.Update }; data = new RepositoryPermission().Update(data); return(model); }
public void Create(long?subjectId, long entityId, long key, int rights) { using (var uow = this.GetUnitOfWork()) { var entityRepository = uow.GetReadOnlyRepository <Entity>(); var subjectRepository = uow.GetReadOnlyRepository <Subject>(); var entityPermission = new EntityPermission() { Subject = subjectId == null ? null : subjectRepository.Query(s => s.Id == subjectId).FirstOrDefault(), Entity = entityRepository.Get(entityId), Key = key, Rights = rights }; var entityPermissionRepository = uow.GetRepository <EntityPermission>(); entityPermissionRepository.Put(entityPermission); uow.Commit(); } }
/// <summary> /// Gets explicit and default permissions (if requested) permissions for the group for specified entities /// </summary> /// <param name="groups"></param> /// <param name="fallbackToDefaultPermissions">If true will include the group's default permissions if no permissions are explicitly assigned</param> /// <param name="nodeIds">Array of entity Ids, if empty will return permissions for the group for all entities</param> public EntityPermissionCollection GetPermissions(IReadOnlyUserGroup[] groups, bool fallbackToDefaultPermissions, params int[] nodeIds) { if (groups == null) { throw new ArgumentNullException(nameof(groups)); } var groupIds = groups.Select(x => x.Id).ToArray(); var explicitPermissions = GetPermissions(groupIds, nodeIds); var result = new EntityPermissionCollection(explicitPermissions); // If requested, and no permissions are assigned to a particular node, then we will fill in those permissions with the group's defaults if (fallbackToDefaultPermissions) { //if no node ids are passed in, then we need to determine the node ids for the explicit permissions set nodeIds = nodeIds.Length == 0 ? explicitPermissions.Select(x => x.EntityId).Distinct().ToArray() : nodeIds; //if there are still no nodeids we can just exit if (nodeIds.Length == 0) { return(result); } foreach (var group in groups) { foreach (var nodeId in nodeIds) { // TODO: We could/should change the EntityPermissionsCollection into a KeyedCollection and they key could be // a struct of the nodeid + groupid so then we don't actually allocate this class just to check if it's not // going to be included in the result! var defaultPermission = new EntityPermission(group.Id, nodeId, group.Permissions.ToArray(), isDefaultPermissions: true); //Since this is a hashset, this will not add anything that already exists by group/node combination result.Add(defaultPermission); } } } return(result); }
public void Determine_Deepest_Explicit_Permissions_For_Group_For_Path_3() { string path = "-1,1,2,3"; int[] pathIds = path.GetIdsFromPathReversed(); string[] defaults = new[] { "A", "B" }; var permissions = new List <EntityPermission> { new EntityPermission(9876, 1, defaults, isDefaultPermissions: true), new EntityPermission(9876, 2, defaults, isDefaultPermissions: true), new EntityPermission(9876, 3, defaults, isDefaultPermissions: true) }; EntityPermission result = UserService.GetPermissionsForPathForGroup(permissions, pathIds, fallbackToDefaultPermissions: true); Assert.AreEqual(2, result.AssignedPermissions.Length); Assert.IsTrue(result.IsDefaultPermissions); Assert.IsTrue(result.AssignedPermissions.ContainsAll(defaults)); Assert.AreEqual(3, result.EntityId); Assert.AreEqual(9876, result.UserGroupId); }
private EntityPermission Read(int parentId, int?userId, int?groupId) { EntityPermission permission = null; if (!userId.HasValue && !groupId.HasValue) { return(null); } if (userId.HasValue) { permission = ChangeRepository.ReadForUser(parentId, userId.Value); } else if (groupId.HasValue) { permission = ChangeRepository.ReadForGroup(parentId, groupId.Value); } return(permission); }
public bool GetUserOperationPermission(EntityPermission permission, string employeeid) { using (SysUserBLL bll = new SysUserBLL()) { return bll.GetUserOperationPermission(permission, employeeid); } }