private string GetPermissionString(FilePermission p)
{
StringBuilder sb = new StringBuilder();
sb.Append(p.CanRead ? "下载 " : "").Append(p.CanWrite ? "上传 " : "").Append(p.GroupCanWrite ? "修改 " : "");
return(sb.ToString());
}
/// <summary>
/// 获得分页列表,无论是否是缓存实体都从数据库直接拿取数据
/// </summary>
/// <param name="pPageIndex">页数</param>
/// <param name="pPageSize">每页列表</param>
/// <param name="pOrderBy">排序</param>
/// <param name="pSortExpression">排序字段</param>
/// <param name="pRecordCount">列表行数</param>
/// <returns>数据分页</returns>
public static List <FilePermissionInfo> GetPagedList(int pPageIndex, int pPageSize, SortDirection pOrderBy, string pSortExpression, out int pRecordCount)
{
if (pPageIndex <= 1)
{
pPageIndex = 1;
}
List <FilePermissionInfo> list = new List <FilePermissionInfo>();
Query q = FilePermission.CreateQuery();
q.PageIndex = pPageIndex;
q.PageSize = pPageSize;
q.ORDER_BY(pSortExpression, pOrderBy.ToString());
FilePermissionCollection collection = new FilePermissionCollection();
collection.LoadAndCloseReader(q.ExecuteReader());
foreach (FilePermission filePermission in collection)
{
FilePermissionInfo filePermissionInfo = new FilePermissionInfo();
LoadFromDAL(filePermissionInfo, filePermission);
list.Add(filePermissionInfo);
}
pRecordCount = q.GetRecordCount();
return(list);
}
//数据持久化
internal static void SaveToDb(FilePermissionInfo pFilePermissionInfo, FilePermission pFilePermission, bool pIsNew)
{
pFilePermission.FilePermissionId = pFilePermissionInfo.filePermissionId;
pFilePermission.FilePermissionName = pFilePermissionInfo.filePermissionName;
pFilePermission.IsNew = pIsNew;
string UserName = SubsonicHelper.GetUserName();
try
{
pFilePermission.Save(UserName);
}
catch (Exception ex)
{
LogManager.getInstance().getLogger(typeof(FilePermissionInfo)).Error(ex);
if (ex.Message.Contains("插入重复键")) //违反了唯一键
{
throw new AppException("此对象已经存在"); //此处等待优化可以从唯一约束中直接取出提示来,如果没有的话,默认为原始的出错提示
}
throw new AppException("保存失败");
}
pFilePermissionInfo.filePermissionId = pFilePermission.FilePermissionId;
//如果缓存存在,更新缓存
if (CachedEntityCommander.IsTypeRegistered(typeof(FilePermissionInfo)))
{
ResetCache();
}
}
/// <summary>
/// 添加组权限规则
/// </summary>
/// <param name="groupname">组名</param>
/// <param name="vPath">虚拟路径</param>
/// <param name="permission">权限,9位UNIX权限</param>
/// <returns></returns>
public bool AddGroupRule(string groupname, string vPath, string permission)
{
FilePermission f;
try
{
f = new FilePermission(permission);
}
catch (FormatException)
{
return(false);
}
if (!UserGroups.ContainsKey(groupname.ToLower()))
{
return(true);
}
var g = UserGroups[groupname.ToLower()];
string pre = vPath.Trim();
if (g.Rules.ContainsKey(pre))
{
g.Rules[pre] = f;
}
else
{
g.Rules.Add(pre, f);
}
return(true);
}
public async Task<IActionResult> Files(string groupid)
{
string userId = this.User.QID();
if (userId == null)
return Unauthorized();
QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userId);
QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);
if(role == null)
return BadRequest(new { Data = "Group not found "});
List<object> jres = new List<object>();
List<IPermissible> files = role.List(user, typeof(FilePermission), false);
foreach (FilePermission file_mem in files)
{
FilePermission file = FileRepository.File(file_mem.ID);
if (file != null)
jres.Add(new {
ID = file.ID,
Name = file.Name,
Owner = file.Owner.FirstName + " " + file.Owner.LastName,
Size = file.Size,
Date = (file.Timestamp.ToString("yyyy/MM/dd")),
Type = file.Type,
Permission = (int)role.Permission(null, file_mem)
});
else
role.Remove(file_mem);
}
return Ok(jres);
}
public ChangeModeFileOperationInfo(FileSystemItemInfo item, FilePermission? userMode, FilePermission? groupMode, FilePermission? otherMode, bool? uidBit, bool? gidBit, bool? stickyBit, bool recursive)
: base(item, recursive)
{
this.UserMode = userMode;
this.GroupMode = groupMode;
this.OtherMode = otherMode;
this.UIDBit = uidBit;
this.GIDBit = gidBit;
this.StickyBit = stickyBit;
}
private void btnAdd_Click(object sender, EventArgs e)
{
if (string.IsNullOrEmpty(_groupName))
{
this.Close();
return;
}
if (!FormUsers.Groups.ContainsKey(_groupName))
{
this.Close();
return;
}
var group = FormUsers.Groups[_groupName];
StringBuilder sb = new StringBuilder();
sb.Append(chkR.Checked ? 'r' : '-')
.Append(chkW.Checked ? 'w' : '-')
.Append("xr")
.Append(chkXW.Checked ? 'w' : '-')
.Append("xr-x");
FilePermission f;
try
{
f = new FilePermission(sb.ToString());
}
catch (FormatException)
{
this.Close();
return;
}
string vdir = txtVirtual.Text;
if (_modify)
{
group.Rules.Remove(_olddir);
}
if (!group.Rules.ContainsKey(vdir))
{
group.Rules.Add(vdir, f);
}
else
{
group.Rules[vdir] = f;
}
this.Close();
return;
}
///////////////////////////////////////////////////////////////////////
public static bool HasFlags(
FilePermission flags,
FilePermission hasFlags,
bool all
)
{
if (all)
{
return((flags & hasFlags) == hasFlags);
}
else
{
return((flags & hasFlags) != FilePermission.None);
}
}
/// <summary>
/// 保存
/// </summary>
public override void Save()
{
if (!m_Loaded) //新增
{
FilePermission filePermission = new FilePermission();
SaveToDb(this, filePermission, true);
}
else //修改
{
FilePermission filePermission = new FilePermission(filePermissionId);
if (filePermission.IsNew)
{
throw new AppException("该数据已经不存在了");
}
SaveToDb(this, filePermission, false);
}
}
/// <summary>
/// 删除
/// </summary>
/// <returns>是否成功</returns>
public override void Delete()
{
if (!m_Loaded)
{
throw new AppException("尚未初始化");
}
bool result = (FilePermission.Delete(FilePermissionId) == 1);
//更新缓存
if (result && CachedEntityCommander.IsTypeRegistered(typeof(FilePermissionInfo)))
{
ResetCache();
}
if (!result)
{
throw new AppException("删除失败,数据可能被删除");
}
}
public FileContentResult File(string fid)
{
string userId = this.User.QID();
if (userId == null)
return null;
FilePermission filep = FileRepository.File(fid);
if (filep != null)
return File(filep.Data, filep.Type, filep.Name);
if (fid.Contains("."))
{
filep = FileRepository.File(fid.Substring(0, fid.LastIndexOf(".")));
if (filep != null)
return File(filep.Data, filep.Type, filep.Name);
}
return null;
}
/*Retrieve a list of file names base on directory name
* The directory name is base on the username. We search for the
* node with a matching name and get all files.
*/
public ArrayList retrieveFiles(Message message)
{
//ArrayList fileList = new ArrayList();
//XmlDocument doc = new XmlDocument();
//doc.Load("../../Authentication/user.xml");
//foreach(XmlNode node in doc.DocumentElement)
//{
// string actualDirectoryName = node["username"].InnerText;
// if(actualDirectoryName.Equals(directory))
// {
// string[] files = node["files"].InnerText.ToString().Split('|');
// fileList.AddRange(files);
// break;
// }
//}
//return fileList;
return(FilePermission.retrieveFiles(message));
}
private void LoadFromId(int filePermissionId)
{
if (CachedEntityCommander.IsTypeRegistered(typeof(FilePermissionInfo)))
{
FilePermissionInfo filePermissionInfo = Find(GetList(), filePermissionId);
if (filePermissionInfo == null)
{
throw new AppException("未能在缓存中找到相应的键值对象");
}
Copy(filePermissionInfo, this);
}
else
{
FilePermission filePermission = new FilePermission(filePermissionId);
if (filePermission.IsNew)
{
throw new AppException("尚未初始化");
}
LoadFromDAL(this, filePermission);
}
}
/// <summary>
/// 判断用户是否具有指定权限操作
/// </summary>
/// <param name="uid">用户ID</param>
/// <param name="fileID">文件ID</param>
/// <param name="access">访问动作</param>
/// <returns></returns>
public static bool Auth(int uid, int fileID, FilePermission access)
{
FileAccessService fileService = new FileAccessService();
File file = fileService.GetFileByFID(fileID);
if (file == null)
{
return(false);
}
//判断文件是否已经归档
if (access == FilePermission.Delete && file.FileArchive)
{
return(false);
}
//1.判断文件是否属于自己
if (file.UserID == uid)
{
//if (CheckFilePermission(file.FileOwner, access))
return(true);
}
//2.判断自己的部门是否和文件所在同一个部门
IList <FileDepartment> fileDepartment = fileService.GetDepartmentByFID(fileID);
IList <Department> userDepartment = fileService.GetDepartmentByUID(uid);
if (CheckFileDepartment(userDepartment, fileDepartment, access))
{
return(true);
}
//3.判断文件共享权限
FileUser fileUser = fileService.GetFileShare(uid, fileID);
if (fileUser != null)
{
if (CheckFilePermission(fileUser.FilePermission, access))
{
return(true);
}
}
return(false);
}
/// <summary>
/// 判断用户是否具有指定权限操作
/// </summary>
/// <param name="uid">用户ID</param>
/// <param name="fileID">文件ID</param>
/// <param name="access">访问动作</param>
/// <returns></returns>
public static bool Auth(int uid, int fileID, FilePermission access)
{
FileAccessService fileService = new FileAccessService();
File file = fileService.GetFileByFID(fileID);
//1.判断文件是否属于自己
if (file.UserID == uid)
{
if (CheckFilePermission(file.FileOwner, access))
{
return(true);
}
}
//2.判断自己的组是否处于文件同意的组中
IList <Role> userRoles = fileService.GetRolesByUID(uid);
IList <Role> fileRoles = fileService.GetRolesByFID(fileID);
if (CheckFileRoles(userRoles, fileRoles))
{
//用戶处于文件所属组中
//判断用户是否可以执行指定操作
if (CheckFilePermission(file.FileRole, access))
{
return(true);
}
}
//3.判断其它组是否能执行指定的操作
if (CheckFilePermission(file.FileOther, access))
{
return(true);
}
//4.判断文件是否借阅给当前用户ID
if (access == FilePermission.Read && fileService.IsShareFile(uid, fileID))
{
return(true);
}
return(false);
}
protected bool HasPermission(FilePermission mode)
{
return this.CurrentUID == 0 ||
((this.OtherMode & mode) == mode) ||
((this.GroupMode & mode) == mode && this.CurrentGID.Contains (this.GID)) ||
((this.UserMode & mode) == mode && this.CurrentUID == this.UID);
}
//从后台获取数据
internal static void LoadFromDAL(FilePermissionInfo pFilePermissionInfo, FilePermission pFilePermission)
{
pFilePermissionInfo.filePermissionId = pFilePermission.FilePermissionId;
pFilePermissionInfo.filePermissionName = pFilePermission.FilePermissionName;
pFilePermissionInfo.Loaded = true;
}
private void LoadFromId(int filePermissionId)
{
if (CachedEntityCommander.IsTypeRegistered(typeof(FilePermissionInfo)))
{
FilePermissionInfo filePermissionInfo=Find(GetList(), filePermissionId);
if(filePermissionInfo==null)
throw new AppException("未能在缓存中找到相应的键值对象");
Copy(filePermissionInfo, this);
}
else
{ FilePermission filePermission=new FilePermission( filePermissionId);
if(filePermission.IsNew)
throw new AppException("尚未初始化");
LoadFromDAL(this, filePermission);
}
}
//数据持久化
internal static void SaveToDb(FilePermissionInfo pFilePermissionInfo, FilePermission pFilePermission,bool pIsNew)
{
pFilePermission.FilePermissionId = pFilePermissionInfo.filePermissionId;
pFilePermission.FilePermissionName = pFilePermissionInfo.filePermissionName;
pFilePermission.IsNew=pIsNew;
string UserName = SubsonicHelper.GetUserName();
try
{
pFilePermission.Save(UserName);
}
catch(Exception ex)
{
LogManager.getInstance().getLogger(typeof(FilePermissionInfo)).Error(ex);
if(ex.Message.Contains("插入重复键"))//违反了唯一键
{
throw new AppException("此对象已经存在");//此处等待优化可以从唯一约束中直接取出提示来,如果没有的话,默认为原始的出错提示
}
throw new AppException("保存失败");
}
pFilePermissionInfo.filePermissionId = pFilePermission.FilePermissionId;
//如果缓存存在,更新缓存
if (CachedEntityCommander.IsTypeRegistered(typeof(FilePermissionInfo)))
{
ResetCache();
}
}
//从后台获取数据
internal static void LoadFromDAL(FilePermissionInfo pFilePermissionInfo, FilePermission pFilePermission)
{
pFilePermissionInfo.filePermissionId = pFilePermission.FilePermissionId;
pFilePermissionInfo.filePermissionName = pFilePermission.FilePermissionName;
pFilePermissionInfo.Loaded=true;
}
/// <summary>
/// 保存
/// </summary>
public override void Save()
{
if(!m_Loaded)//新增
{
FilePermission filePermission=new FilePermission();
SaveToDb(this, filePermission,true);
}
else//修改
{
FilePermission filePermission=new FilePermission(filePermissionId);
if(filePermission.IsNew)
throw new AppException("该数据已经不存在了");
SaveToDb(this, filePermission,false);
}
}
/// <summary>
/// Returns the permissions for the given codesource object.
/// The implementation of this method first calls super.getPermissions
/// and then adds permissions based on the URL of the codesource.
/// <para>
/// If the protocol of this URL is "jar", then the permission granted
/// is based on the permission that is required by the URL of the Jar
/// file.
/// </para>
/// <para>
/// If the protocol is "file" and there is an authority component, then
/// permission to connect to and accept connections from that authority
/// may be granted. If the protocol is "file"
/// and the path specifies a file, then permission to read that
/// file is granted. If protocol is "file" and the path is
/// a directory, permission is granted to read all files
/// and (recursively) all files and subdirectories contained in
/// that directory.
/// </para>
/// <para>
/// If the protocol is not "file", then permission
/// to connect to and accept connections from the URL's host is granted.
/// </para>
/// </summary>
/// <param name="codesource"> the codesource </param>
/// <exception cref="NullPointerException"> if {@code codesource} is {@code null}. </exception>
/// <returns> the permissions granted to the codesource </returns>
protected internal override PermissionCollection GetPermissions(CodeSource codesource)
{
PermissionCollection perms = base.GetPermissions(codesource);
URL url = codesource.Location;
Permission p;
URLConnection urlConnection;
try
{
urlConnection = url.OpenConnection();
p = urlConnection.Permission;
}
catch (IOException)
{
p = null;
urlConnection = null;
}
if (p is FilePermission)
{
// if the permission has a separator char on the end,
// it means the codebase is a directory, and we need
// to add an additional permission to read recursively
String path = p.Name;
if (path.EndsWith(File.Separator))
{
path += "-";
p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
}
}
else if ((p == null) && (url.Protocol.Equals("file")))
{
String path = url.File.Replace('/', System.IO.Path.DirectorySeparatorChar);
path = ParseUtil.decode(path);
if (path.EndsWith(File.Separator))
{
path += "-";
}
p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
}
else
{
/// <summary>
/// Not loading from a 'file:' URL so we want to give the class
/// permission to connect to and accept from the remote host
/// after we've made sure the host is the correct one and is valid.
/// </summary>
URL locUrl = url;
if (urlConnection is JarURLConnection)
{
locUrl = ((JarURLConnection)urlConnection).JarFileURL;
}
String host = locUrl.Host;
if (host != null && (host.Length() > 0))
{
p = new SocketPermission(host, SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
}
}
// make sure the person that created this class loader
// would have this permission
if (p != null)
{
//JAVA TO C# CONVERTER WARNING: The original Java variable was marked 'final':
//ORIGINAL LINE: final SecurityManager sm = System.getSecurityManager();
SecurityManager sm = System.SecurityManager;
if (sm != null)
{
//JAVA TO C# CONVERTER WARNING: The original Java variable was marked 'final':
//ORIGINAL LINE: final java.security.Permission fp = p;
Permission fp = p;
AccessController.doPrivileged(new PrivilegedActionAnonymousInnerClassHelper3(this, sm, fp), Acc);
}
perms.Add(p);
}
return(perms);
}
public FilePermissions(FilePermission user, FilePermission group, FilePermission other)
{
this.User = user;
this.Group = group;
this.Other = other;
}
/// <summary>
/// Initializes a new instance of the <see cref="RtspClient"/> class.
/// </summary>
public RtspClient()
{
this.filePermission = new FilePermission();
}
/*
* compare the file string in the message object to the author. If the author matches
* the file owner, then grant permission to the user of their choice.
*/
public string grantFilePermission(Message message)
{
return(FilePermission.grantFilePermission(message));
}
public ArrayList retrieveSharedFiles(Message message)
{
return(FilePermission.retrieveSharedFiles(message));
}
/// <summary>
/// 验证当前持有的权限是否可以做指定的操作
/// </summary>
/// <param name="holdPermission">当前持有权限</param>
/// <param name="access">目标操作</param>
/// <returns></returns>
private static bool CheckFilePermission(int holdPermission, FilePermission access)
{
return(((int)access & holdPermission) == (int)access);
}
private static bool CheckFileDepartment(IList <Department> userDepartment, IList <FileDepartment> fileDepartment, FilePermission access)
{
foreach (var d1 in userDepartment)
{
foreach (var d2 in fileDepartment)
{
if (d1.DepartmentID == d2.DepartmentID)
{
if (CheckFilePermission((int)d2.FilePermission, access))
{
return(true);
}
}
}
}
return(false);
}
private void btnAdd_Click(object sender, EventArgs e)
{
if (string.IsNullOrEmpty(_groupName))
{
this.Close();
return;
}
var userGroups = FormUsers.Groups;
if (Directory.Exists(txtDir.Text) || File.Exists(txtDir.Text))
{
if (userGroups.ContainsKey(_groupName.ToLower()))
{
var group = userGroups[_groupName.ToLower()];
if (_modify)
{
group.Links.Remove(_oldRealPath);
}
if (!group.Links.ContainsKey(txtDir.Text))
{
group.Links.Add(txtDir.Text, txtVirtual.Text);
}
else
{
group.Links[txtDir.Text] = txtVirtual.Text;
}
if (!chkDefault.Checked)
{
StringBuilder sb = new StringBuilder();
sb.Append(chkR.Checked ? 'r' : '-')
.Append(chkW.Checked ? 'w' : '-')
.Append("xr")
.Append(chkXW.Checked ? 'w' : '-')
.Append("xr-x");
FilePermission f;
try
{
f = new FilePermission(sb.ToString());
}
catch (FormatException)
{
this.Close();
return;
}
string vdir = VPath.Combine(txtVirtual.Text, _fileName); //BUG:有待考证
if (!group.Rules.ContainsKey(vdir))
{
group.Rules.Add(vdir, f);
}
else
{
group.Rules[vdir] = f;
}
}
}
this.Close();
}
else
{
MessageBox.Show("文件路径有误!", "ERROR");
}
return;
}
