Example #1
0
        /// <summary>
        /// Sets the ACL.
        /// </summary>
        /// <param name="control">The control.</param>
        /// <param name="acl">The acl.</param>
        /// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
        public static void SetACL(IIbnControl control, ReportAccessControList acl)
        {
            if(control==null)
                throw new ArgumentNullException("control");

            if(acl==null)
                throw new ArgumentNullException("acl");

            if(acl.OwnerReportId == 0)
                throw new ArgumentException("You can not use a dettached ACL.","acl");

            // Validation 1 - 2
            //			if(ValidateACL)
            //			{
            //				if(acl.Count==0)
            //					throw new AllUserAccessWillBeDeniedException();
            //			}

            using(Mediachase.IBN.Database.DbTransaction tran = Mediachase.IBN.Database.DbTransaction.Begin())
            {
                // Step 3. Update Common ACEs
                if(acl.IsChanged)
                {
                    DBReportAccessControList.Clear(acl.Id);

                    foreach(ReportAccessControlEntry ace in acl)
                    {
                        DBReportAccessControList.AddAce(acl.Id,ace.Role,ace.PrincipalId,ace.Action,ace.Allow, false);

                        if(ace.Allow)
                        {
                            foreach(string BaseAction in control.GetBaseActions(ace.Action))
                            {
                                DBReportAccessControList.AddAce(acl.Id,ace.Role,ace.PrincipalId,BaseAction,ace.Allow, true);
                            }
                        }
                        else
                        {
                            foreach(string BaseAction in control.GetDerivedActions(ace.Action))
                            {
                                DBReportAccessControList.AddAce(acl.Id,ace.Role,ace.PrincipalId,BaseAction,ace.Allow, true);
                            }
                        }
                    }
                }

                // Validation 2 - 2
            //				if(ValidateACL)
            //				{
            //					if(!DBFileStorage.CanUserRunAction(Security.CurrentUser.UserID, control.OwnerContainer.Key , acl.OwnerReportId, "Admin"))
            //						throw new AdminAccessWillBeDeniedException();
            //				}

                tran.Commit();
            }
        }
Example #2
0
        /// <summary>
        /// Sets the ACL.
        /// </summary>
        /// <param name="control">The control.</param>
        /// <param name="acl">The acl.</param>
        /// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
        public static void SetACL(IIbnControl control, AccessControlList acl)
        {
            if (control == null)
            {
                throw new ArgumentNullException("control");
            }

            if (acl == null)
            {
                throw new ArgumentNullException("acl");
            }

            if (acl.OwnerDirectoryId == 0)
            {
                throw new ArgumentException("You can not use a dettached ACL.", "acl");
            }

            using (DBTransaction tran = DBHelper2.DBHelper.BeginTransaction())
            {
                // Step 2. Update Inherited ACEs
                if (acl.IsInheritedChanged)
                {
                    if (acl.IsInherited)
                    {
                        DBAccessControlList.TurnOnIsInherited(acl.Id);
                    }
                    else
                    {
                        DBAccessControlList.TurnOffIsInherited(acl.Id, false);
                    }
                }

                // Step 3. Update Common ACEs
                if (acl.IsChanged)
                {
                    DBAccessControlList.Clear(acl.Id);

                    foreach (AccessControlEntry ace in acl)
                    {
                        if (!ace.IsIherited)
                        {
                            DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, ace.Action, ace.Allow, false);

                            if (ace.Allow)
                            {
                                foreach (string BaseAction in control.GetBaseActions(ace.Action))
                                {
                                    DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
                                }
                            }
                            else
                            {
                                foreach (string BaseAction in control.GetDerivedActions(ace.Action))
                                {
                                    DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
                                }
                            }
                        }
                    }
                }

                // Step 4. Update child ACL
                DBAccessControlList.RefreshInheritedACL(acl.OwnerDirectoryId);

                tran.Commit();
            }
        }
Example #3
0
        /// <summary>
        /// Sets the ACL.
        /// </summary>
        /// <param name="control">The control.</param>
        /// <param name="acl">The acl.</param>
        /// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
        public static void SetACL(IIbnControl control, AccessControlList acl, bool ValidateACL)
        {
            if(control==null)
                throw new ArgumentNullException("control");

            if(acl==null)
                throw new ArgumentNullException("acl");

            if(acl.OwnerDirectoryId == 0)
                throw new ArgumentException("You can not use a dettached ACL.","acl");

            // Validation 1 - 2
            if(ValidateACL)
            {
                if(acl.Count==0)
                    throw new AllUserAccessWillBeDeniedException();
            }

            using(Mediachase.IBN.Database.DbTransaction tran = Mediachase.IBN.Database.DbTransaction.Begin())
            {
                // Step 2. Update Inherited ACEs
                if(acl.IsInheritedChanged)
                {
                    if(acl.IsInherited)
                    {
                        DBAccessControlList.TurnOnIsInherited(acl.Id);
                    }
                    else
                    {
                        DBAccessControlList.TurnOffIsInherited(acl.Id,false);
                    }
                }

                // Step 3. Update Common ACEs
                if(acl.IsChanged)
                {
                    DBAccessControlList.Clear(acl.Id);

                    foreach(AccessControlEntry ace in acl)
                    {
                        if(!ace.IsIherited)
                        {
                            DBAccessControlList.AddAce(acl.Id,ace.Role,ace.PrincipalId,ace.Action,ace.Allow, false, ace.OwnerKey);

                            if(ace.Allow)
                            {
                                foreach(string BaseAction in control.GetBaseActions(ace.Action))
                                {
                                    DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true, ace.OwnerKey);
                                }
                            }
                            else
                            {
                                foreach(string BaseAction in control.GetDerivedActions(ace.Action))
                                {
                                    DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true, ace.OwnerKey);
                                }
                            }
                        }
                    }
                }

                // Step 4. Update child ACL
                DBAccessControlList.RefreshInheritedACL(acl.OwnerDirectoryId);

                // Validation 2 - 2
                if(ValidateACL)
                {
                    if(!FileStorage.CanUserRunAction(Security.CurrentUser.UserID, control.OwnerContainer.Key, acl.OwnerDirectoryId, "Admin"))
                        throw new AdminAccessWillBeDeniedException();
                }

                tran.Commit();
            }
        }
Example #4
0
        /// <summary>
        /// Sets the ACL.
        /// </summary>
        /// <param name="control">The control.</param>
        /// <param name="acl">The acl.</param>
        /// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
        public static void SetACL(IIbnControl control, AccessControlList acl, bool ValidateACL)
        {
            if (control == null)
            {
                throw new ArgumentNullException("control");
            }

            if (acl == null)
            {
                throw new ArgumentNullException("acl");
            }

            if (acl.OwnerDirectoryId == 0)
            {
                throw new ArgumentException("You can not use a dettached ACL.", "acl");
            }

            // Validation 1 - 2
            if (ValidateACL)
            {
                if (acl.Count == 0)
                {
                    throw new AllUserAccessWillBeDeniedException();
                }
            }

            using (Mediachase.IBN.Database.DbTransaction tran = Mediachase.IBN.Database.DbTransaction.Begin())
            {
                // Step 2. Update Inherited ACEs
                if (acl.IsInheritedChanged)
                {
                    if (acl.IsInherited)
                    {
                        DBAccessControlList.TurnOnIsInherited(acl.Id);
                    }
                    else
                    {
                        DBAccessControlList.TurnOffIsInherited(acl.Id, false);
                    }
                }

                // Step 3. Update Common ACEs
                if (acl.IsChanged)
                {
                    DBAccessControlList.Clear(acl.Id);

                    foreach (AccessControlEntry ace in acl)
                    {
                        if (!ace.IsIherited)
                        {
                            DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, ace.Action, ace.Allow, false, ace.OwnerKey);

                            if (ace.Allow)
                            {
                                foreach (string BaseAction in control.GetBaseActions(ace.Action))
                                {
                                    DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true, ace.OwnerKey);
                                }
                            }
                            else
                            {
                                foreach (string BaseAction in control.GetDerivedActions(ace.Action))
                                {
                                    DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true, ace.OwnerKey);
                                }
                            }
                        }
                    }
                }

                // Step 4. Update child ACL
                DBAccessControlList.RefreshInheritedACL(acl.OwnerDirectoryId);

                // Validation 2 - 2
                if (ValidateACL)
                {
                    if (!FileStorage.CanUserRunAction(Security.CurrentUser.UserID, control.OwnerContainer.Key, acl.OwnerDirectoryId, "Admin"))
                    {
                        throw new AdminAccessWillBeDeniedException();
                    }
                }

                tran.Commit();
            }
        }
Example #5
0
        /// <summary>
        /// Sets the ACL.
        /// </summary>
        /// <param name="control">The control.</param>
        /// <param name="acl">The acl.</param>
        /// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
        public static void SetACL(IIbnControl control, AccessControlList acl)
        {
            if(control==null)
                throw new ArgumentNullException("control");

            if(acl==null)
                throw new ArgumentNullException("acl");

            if(acl.OwnerDirectoryId == 0)
                throw new ArgumentException("You can not use a dettached ACL.","acl");

            using(DBTransaction tran = DBHelper2.DBHelper.BeginTransaction())
            {
                // Step 2. Update Inherited ACEs
                if(acl.IsInheritedChanged)
                {
                    if(acl.IsInherited)
                    {
                        DBAccessControlList.TurnOnIsInherited(acl.Id);
                    }
                    else
                    {
                        DBAccessControlList.TurnOffIsInherited(acl.Id,false);
                    }
                }

                // Step 3. Update Common ACEs
                if(acl.IsChanged)
                {
                    DBAccessControlList.Clear(acl.Id);

                    foreach(AccessControlEntry ace in acl)
                    {
                        if(!ace.IsIherited)
                        {
                            DBAccessControlList.AddAce(acl.Id,ace.Role,ace.PrincipalId,ace.Action,ace.Allow, false);

                            if(ace.Allow)
                            {
                                foreach(string BaseAction in control.GetBaseActions(ace.Action))
                                {
                                    DBAccessControlList.AddAce(acl.Id,ace.Role,ace.PrincipalId,BaseAction,ace.Allow, true);
                                }
                            }
                            else
                            {
                                foreach(string BaseAction in control.GetDerivedActions(ace.Action))
                                {
                                    DBAccessControlList.AddAce(acl.Id,ace.Role,ace.PrincipalId,BaseAction,ace.Allow, true);
                                }
                            }
                        }
                    }
                }

                // Step 4. Update child ACL
                DBAccessControlList.RefreshInheritedACL(acl.OwnerDirectoryId);

                tran.Commit();
            }
        }
Example #6
0
        /// <summary>
        /// Sets the ACL.
        /// </summary>
        /// <param name="control">The control.</param>
        /// <param name="acl">The acl.</param>
        /// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
        public static void SetACL(IIbnControl control, ReportAccessControList acl)
        {
            if (control == null)
            {
                throw new ArgumentNullException("control");
            }

            if (acl == null)
            {
                throw new ArgumentNullException("acl");
            }

            if (acl.OwnerReportId == 0)
            {
                throw new ArgumentException("You can not use a dettached ACL.", "acl");
            }

            // Validation 1 - 2
//			if(ValidateACL)
//			{
//				if(acl.Count==0)
//					throw new AllUserAccessWillBeDeniedException();
//			}

            using (Mediachase.IBN.Database.DbTransaction tran = Mediachase.IBN.Database.DbTransaction.Begin())
            {
                // Step 3. Update Common ACEs
                if (acl.IsChanged)
                {
                    DBReportAccessControList.Clear(acl.Id);

                    foreach (ReportAccessControlEntry ace in acl)
                    {
                        DBReportAccessControList.AddAce(acl.Id, ace.Role, ace.PrincipalId, ace.Action, ace.Allow, false);

                        if (ace.Allow)
                        {
                            foreach (string BaseAction in control.GetBaseActions(ace.Action))
                            {
                                DBReportAccessControList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
                            }
                        }
                        else
                        {
                            foreach (string BaseAction in control.GetDerivedActions(ace.Action))
                            {
                                DBReportAccessControList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
                            }
                        }
                    }
                }

                // Validation 2 - 2
//				if(ValidateACL)
//				{
//					if(!DBFileStorage.CanUserRunAction(Security.CurrentUser.UserID, control.OwnerContainer.Key , acl.OwnerReportId, "Admin"))
//						throw new AdminAccessWillBeDeniedException();
//				}

                tran.Commit();
            }
        }