/// <summary>
/// Gets the child content ids for this tree given a <paramref name="parentId"/>.
/// </summary>
/// <param name="parentId">The parent id.</param>
/// <param name="uow">The uow.</param>
/// <returns></returns>
protected virtual HiveId[] GetChildContentIds(HiveId parentId, IReadonlyGroupUnit <IContentStore> uow)
{
var childIds = uow.Repositories.GetChildRelations(parentId, FixedRelationTypes.DefaultRelationType)
.Select(x => x.DestinationId).ToArray();
return(childIds);
}
public PermissionResult GetExplicitPermission(Guid permissionId, IEnumerable<HiveId> userGroupIds, IReadonlyGroupUnit<ISecurityStore> securityUow, HiveId entityId = default(HiveId))
{
Mandate.ParameterNotNull(userGroupIds, "userGroupIds");
//get/store the result in scoped cache
var ids = userGroupIds.ToList();
ids.Sort((id1, id2) => id1.ToString().CompareTo(id2.ToString())); // Sort the list of ids so that the cache key is the same regardless of order of passed in collection
var key = "explicit-permission-" + (permissionId.ToString("N") + string.Join("", ids.Select(x => x.ToString())) + entityId).ToMd5();
return Hive.FrameworkContext.ScopedCache.GetOrCreateTyped<PermissionResult>(key, () =>
{
// Get the permission reference
if (!_permissions.Exists(permissionId))
throw new InvalidOperationException("Unable to find a Permission with the id '" + permissionId + "'");
// If value is null, or permission is not an entity permission, just use the system root
if (entityId.IsNullValueOrEmpty() || _permissions.Single(x => x.Metadata.Id == permissionId).Metadata.Type != FixedPermissionTypes.EntityAction)
entityId = FixedHiveIds.SystemRoot;
HiveId source;
var status = GetPermissionStatus(permissionId, ids, entityId, out source, securityUow);
return new PermissionResult(_permissions.Get(permissionId).Value, source, status);
});
}
/// <summary>
/// Filters a sequence of <see cref="HiveId"/> where user <paramref name="userId"/> has permission <paramref name="permissionIds"/> by checking with <paramref name="securityService"/>.
/// </summary>
/// <param name="entityIds">The entity ids.</param>
/// <param name="permissionsyService">The permissionsy service.</param>
/// <param name="userId">The user id.</param>
/// <param name="entityUow">The entity uow.</param>
/// <param name="securityUow">The security uow.</param>
/// <param name="permissionIds">The permission ids.</param>
/// <returns></returns>
public static IEnumerable <HiveId> FilterWithPermissions(this IEnumerable <HiveId> entityIds,
IPermissionsService permissionsyService,
HiveId userId,
IReadonlyGroupUnit <IContentStore> entityUow,
IReadonlyGroupUnit <ISecurityStore> securityUow,
params Guid[] permissionIds)
{
return(entityIds.Where(id => permissionsyService.GetEffectivePermissions(userId, entityUow, securityUow, id, permissionIds).AreAllAllowed()));
}
/// <summary>
/// Filters a sequence of <see cref="HiveId"/> where the Anonymous <see cref="UserGroup"/> has permissions <paramref name="permissionIds"/> by checking with <paramref name="securityService"/>.
/// </summary>
/// <param name="entityIds">The entity ids.</param>
/// <param name="securityService">The security service.</param>
/// <param name="entityUow">The entity uow.</param>
/// <param name="securityUow">The security uow.</param>
/// <param name="permissionIds">The permission ids.</param>
/// <returns></returns>
public static IEnumerable <HiveId> FilterAnonymousWithPermissions(this IEnumerable <HiveId> entityIds,
ISecurityService securityService,
IReadonlyGroupUnit <IContentStore> entityUow,
IReadonlyGroupUnit <ISecurityStore> securityUow,
Guid firstPermission,
params Guid[] permissionIds)
{
var anonymousUserGroup = securityService.GetAnonymousUserGroup(securityUow);
if (anonymousUserGroup == null || firstPermission == Guid.Empty)
{
return(Enumerable.Empty <HiveId>());
}
return(entityIds.Where(id => securityService.GetEffectivePermissions(anonymousUserGroup.Id.AsEnumerableOfOne(), entityUow, securityUow, id, firstPermission.AsEnumerableOfOne().Concat(permissionIds).ToArray()).AreAllAllowed()));
}
/// <summary>`
/// Sets up a Member by Member Type alias.
/// </summary>
/// <param name="member">The member.</param>
/// <param name="alias">The alias.</param>
/// <param name="uow">The uow.</param>
public static void SetupFromSchema(this Member member, string alias, IReadonlyGroupUnit<ISecurityStore> uow)
{
var memberGroupRelations = uow.Repositories.Schemas
.GetDescendentRelations(FixedHiveIds.MasterMemberProfileSchema, FixedRelationTypes.DefaultRelationType);
var memberTypes = uow.Repositories.Schemas
.Get<EntitySchema>(true, memberGroupRelations.Select(x => x.DestinationId).ToArray());
var memberType = memberTypes.SingleOrDefault(x => x.Alias.Equals(alias, StringComparison.InvariantCultureIgnoreCase));
if (memberType == null)
throw new ApplicationException(string.Format("No member type found with the alias '{0}'", alias));
var compositeMemberType = uow.Repositories.Schemas.GetComposite(memberType);
member.SetupFromSchema(compositeMemberType);
}
public static Rebel.Framework.Persistence.Model.IO.File GetPackageFileById(IReadonlyGroupUnit <IFileStore> uow,
HiveId id)
{
var folder = uow.Repositories.Get <Rebel.Framework.Persistence.Model.IO.File>(id);
if (folder == null)
{
return(null);
}
var fileIds = uow.Repositories.GetChildRelations(folder.Id).Select(x => x.DestinationId).ToArray();
var files = uow.Repositories.Get <Rebel.Framework.Persistence.Model.IO.File>(true, fileIds);
var packageFile = files.SingleOrDefault(x => x.Name.EndsWith(".nupkg"));
return(packageFile);
}
private string GetViewHtml(IRebelRenderModel model)
{
using (IReadonlyGroupUnit <IFileStore> uow =
_context.Hive.OpenReader <IFileStore>(new Uri("storage://templates")))
{
File templateFile = model.CurrentNode.CurrentTemplate != null
? uow.Repositories.Get <File>(model.CurrentNode.CurrentTemplate.Id)
: null;
if (templateFile != null)
{
return(RenderRazorViewToString(templateFile, model.CurrentNode));
}
}
return(String.Empty);
}
/// <summary>`
/// Sets up a Member by Member Type alias.
/// </summary>
/// <param name="member">The member.</param>
/// <param name="alias">The alias.</param>
/// <param name="uow">The uow.</param>
public static void SetupFromSchema(this Member member, string alias, IReadonlyGroupUnit <ISecurityStore> uow)
{
var memberGroupRelations = uow.Repositories.Schemas
.GetDescendentRelations(FixedHiveIds.MasterMemberProfileSchema, FixedRelationTypes.DefaultRelationType);
var memberTypes = uow.Repositories.Schemas
.Get <EntitySchema>(true, memberGroupRelations.Select(x => x.DestinationId).ToArray());
var memberType = memberTypes.SingleOrDefault(x => x.Alias.Equals(alias, StringComparison.InvariantCultureIgnoreCase));
if (memberType == null)
{
throw new ApplicationException(string.Format("No member type found with the alias '{0}'", alias));
}
var compositeMemberType = uow.Repositories.Schemas.GetComposite(memberType);
member.SetupFromSchema(compositeMemberType);
}
public static PackageDefinition GetPackageDefinitionById(IReadonlyGroupUnit <IFileStore> uow,
HiveId id)
{
var folder = uow.Repositories.Get <Rebel.Framework.Persistence.Model.IO.File>(id);
if (folder == null)
{
return(null);
}
var fileIds = uow.Repositories.GetChildRelations(folder.Id).Select(x => x.DestinationId).ToArray();
var files = uow.Repositories.Get <Rebel.Framework.Persistence.Model.IO.File>(true, fileIds);
var definitionFile = files.SingleOrDefault(x => x.Name.EndsWith(".definition"));
if (definitionFile == null)
{
return(null);
}
var contents = Encoding.UTF8.GetString(definitionFile.ContentBytes);
if (string.IsNullOrWhiteSpace(contents))
{
return(null);
}
try
{
var def = contents.DeserializeJson <PackageDefinition>();
def.Id = id;
return(def);
}
catch (global::System.Exception)
{
return(null);
}
}
public PermissionResult GetExplicitPermission(Guid permissionId, IEnumerable <HiveId> userGroupIds, IReadonlyGroupUnit <ISecurityStore> securityUow, HiveId entityId = default(HiveId))
{
Mandate.ParameterNotNull(userGroupIds, "userGroupIds");
//get/store the result in scoped cache
var ids = userGroupIds.ToList();
ids.Sort((id1, id2) => id1.ToString().CompareTo(id2.ToString())); // Sort the list of ids so that the cache key is the same regardless of order of passed in collection
var key = "explicit-permission-" + (permissionId.ToString("N") + string.Join("", ids.Select(x => x.ToString())) + entityId).ToMd5();
return(Hive.FrameworkContext.ScopedCache.GetOrCreateTyped <PermissionResult>(key, () =>
{
// Get the permission reference
if (!_permissions.Exists(permissionId))
{
throw new InvalidOperationException("Unable to find a Permission with the id '" + permissionId + "'");
}
// If value is null, or permission is not an entity permission, just use the system root
if (entityId.IsNullValueOrEmpty() || _permissions.Single(x => x.Metadata.Id == permissionId).Metadata.Type != FixedPermissionTypes.EntityAction)
{
entityId = FixedHiveIds.SystemRoot;
}
HiveId source;
var status = GetPermissionStatus(permissionId, ids, entityId, out source, securityUow);
return new PermissionResult(_permissions.Get(permissionId).Value, source, status);
}));
}
/// <summary>
/// Gets the permission status using an existing, open unit of work.
/// </summary>
/// <param name="permissionId">The permission id.</param>
/// <param name="userGroupIds">The user group ids.</param>
/// <param name="entityId">The entity id.</param>
/// <param name="source">The source.</param>
/// <param name="uow">The unit of work.</param>
/// <returns></returns>
protected PermissionStatus GetPermissionStatus(Guid permissionId, IEnumerable <HiveId> userGroupIds, HiveId entityId, out HiveId source, IReadonlyGroupUnit <ISecurityStore> uow)
{
// Check for Administrator group membership, and just return true if so
var adminUserGroup = Hive.FrameworkContext.ScopedCache.GetOrCreateTyped("ss_administrator-group",
() => uow.Repositories.Query <UserGroup>().FirstOrDefault(x => x.Name == "Administrator"));
//TODO: Had to change to only compare values, as for some reason, the ProviderGroupRoots are different
var enumeratedGroupIds = userGroupIds.ToArray();
if (adminUserGroup != null && enumeratedGroupIds.Any(x => x.Value == adminUserGroup.Id.Value))
{
source = HiveId.Empty;
return(PermissionStatus.Allow);
}
// Get permission relations for current ancestor
var parentRelationsKey = "ss_parent-relations-" + entityId + string.Join("|", enumeratedGroupIds.OrderBy(x => x.ToString())).ToMd5();
var relations = Hive.FrameworkContext.ScopedCache.GetOrCreateTyped(parentRelationsKey,
() =>
{
var relationByIds = uow.Repositories.GetParentRelations(entityId, FixedRelationTypes.PermissionRelationType).ToArray();
// Comparing by value as schemas are not coming back out of Hive for some reason
return(relationByIds.Where(x => enumeratedGroupIds.Any(y => y.Value == x.SourceId.Value)).ToArray());
});
// Check for an EXPLICIT Deny permission
// Deny comes first, as if multiple permission definitions at same level have conflicting status, Deny trumps Allow
var denyRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Deny.ToString()));
if (denyRelation != null)
{
source = denyRelation.DestinationId;
return(PermissionStatus.Deny);
}
// Check for an EXPLICIT Allow permission
var allowRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Allow.ToString()));
if (allowRelation != null)
{
source = allowRelation.DestinationId;
return(PermissionStatus.Allow);
}
// Check for an EXPLICIT Inherit permission
var inheritRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Inherit.ToString()));
if (inheritRelation != null)
{
source = inheritRelation.DestinationId;
return(PermissionStatus.Inherit);
}
source = HiveId.Empty;
return(PermissionStatus.Inherit);
}
public PermissionResult GetEffectivePermission(Guid permissionId, IEnumerable <HiveId> userGroupIds, IReadonlyGroupUnit <IContentStore> uow, IReadonlyGroupUnit <ISecurityStore> securityUow, HiveId entityId = default(HiveId))
{
Mandate.ParameterNotNull(userGroupIds, "userGroupIds");
var explicitPermission = GetExplicitPermission(permissionId, userGroupIds, securityUow, entityId);
return(explicitPermission.Status != PermissionStatus.Inherit
? explicitPermission
: GetInheritedPermission(permissionId, userGroupIds, uow, entityId));
}
public PermissionResults GetEffectivePermissions(IEnumerable <HiveId> userGroupIds, IReadonlyGroupUnit <IContentStore> uow, IReadonlyGroupUnit <ISecurityStore> securityUow, HiveId entityId = default(HiveId), params Guid[] permissionIds)
{
return(new PermissionResults(permissionIds.Select(permissionId => GetEffectivePermission(permissionId, userGroupIds, uow, securityUow, entityId)).ToArray()));
}
/// <summary>
/// Determines whether the specified entity is media.
/// </summary>
/// <param name="entity">The entity.</param>
/// <param name="uow"></param>
/// <returns>
/// <c>true</c> if the specified entity is media; otherwise, <c>false</c>.
/// </returns>
public static bool IsMedia(this TypedEntity entity, IReadonlyGroupUnit <IContentStore> uow)
{
return(uow.Repositories.GetAncestorRelations(entity.Id, FixedRelationTypes.DefaultRelationType).Any(x => x.SourceId.Value == FixedHiveIds.MediaVirtualRoot.Value));
}
/// <summary>
/// Gets the child content ids for this tree given a <paramref name="parentId"/>.
/// </summary>
/// <param name="parentId">The parent id.</param>
/// <param name="uow">The uow.</param>
/// <returns></returns>
protected virtual HiveId[] GetChildContentIds(HiveId parentId, IReadonlyGroupUnit<IContentStore> uow)
{
var childIds = uow.Repositories.GetChildRelations(parentId, FixedRelationTypes.DefaultRelationType)
.Select(x => x.DestinationId).ToArray();
return childIds;
}
internal static UserGroup GetAnonymousUserGroup(this ISecurityService securityService, IReadonlyGroupUnit<ISecurityStore> openUnit)
{
var group = openUnit.Repositories.Query<UserGroup>().FirstOrDefault(x => x.Name == "Anonymous");
return group;
}
public PermissionResult GetInheritedPermission(Guid permissionId, IEnumerable<HiveId> userGroupIds, IReadonlyGroupUnit<IContentStore> uow, HiveId entityId = default(HiveId))
{
Mandate.ParameterNotNull(userGroupIds, "userGroupIds");
//get/store the result in scoped cache
var ids = userGroupIds.ToList();
ids.Sort((id1, id2) => id1.ToString().CompareTo(id2.ToString())); // Sort the list of ids so that the cache key is the same regardless of order of passed in collection
var key = "inherited-permission-" + (permissionId.ToString("N") + string.Join("", ids.Select(x => x.ToString())) + entityId).ToMd5();
return Hive.FrameworkContext.ScopedCache.GetOrCreateTyped<PermissionResult>(key, () =>
{
// Get the permission reference
if (!_permissions.Exists(permissionId))
throw new InvalidOperationException("Unable to find a Permission with the id '" + permissionId + "'");
if (entityId.IsNullValueOrEmpty())
entityId = FixedHiveIds.SystemRoot;
// Loop through entities ancestors
var ancestorsIds = uow.Repositories.GetAncestorRelations(entityId, FixedRelationTypes.DefaultRelationType)
.Select(x => x.SourceId).ToArray();
foreach (var ancestorId in ancestorsIds)
{
HiveId source;
var status = GetPermissionStatus(permissionId, ids, ancestorId, out source);
// We are not interested in inherit permissions, so if we find one, move on
if (status != PermissionStatus.Inherit)
{
return new PermissionResult(_permissions.Get(permissionId).Value, source, status);
}
// If the ancester is system root, we've reached then end, in which case return a deny result
//BUG: We shouldn't have to compare the system root value but NH is returning content:// for the system root
if (ancestorId == FixedHiveIds.SystemRoot || ancestorId.Value == FixedHiveIds.SystemRoot.Value)
{
return new PermissionResult(_permissions.Get(permissionId).Value, source, PermissionStatus.Deny);
}
}
// We shouldn't get this far, as the last node in ancestors should always be SystemRoot, but we need to supply a fallback
return new PermissionResult(_permissions.Get(permissionId).Value, HiveId.Empty, PermissionStatus.Deny);
});
}
/// <summary>
/// Determines whether the specified entity is content.
/// </summary>
/// <param name="entity">The entity.</param>
/// <param name="uow"></param>
/// <returns>
/// <c>true</c> if the specified entity is content; otherwise, <c>false</c>.
/// </returns>
public static bool IsContent(this TypedEntity entity, IReadonlyGroupUnit<IContentStore> uow)
{
var ancestorRelations = uow.Repositories.GetAncestorRelations(entity.Id, FixedRelationTypes.DefaultRelationType).ToArray();
return ancestorRelations.Any(x => x.SourceId.Value == FixedHiveIds.ContentVirtualRoot.Value);
}
internal static UserGroup GetAnonymousUserGroup(this ISecurityService securityService, IReadonlyGroupUnit <ISecurityStore> openUnit)
{
var group = openUnit.Repositories.Query <UserGroup>().FirstOrDefault(x => x.Name == "Anonymous");
return(group);
}
/// <summary>
/// Determines whether the specified entity is media.
/// </summary>
/// <param name="entity">The entity.</param>
/// <param name="uow"></param>
/// <returns>
/// <c>true</c> if the specified entity is media; otherwise, <c>false</c>.
/// </returns>
public static bool IsMedia(this TypedEntity entity, IReadonlyGroupUnit<IContentStore> uow)
{
return uow.Repositories.GetAncestorRelations(entity.Id, FixedRelationTypes.DefaultRelationType).Any(x => x.SourceId.Value == FixedHiveIds.MediaVirtualRoot.Value);
}
public PermissionResults GetEffectivePermissions(IEnumerable<HiveId> userGroupIds, IReadonlyGroupUnit<IContentStore> uow, IReadonlyGroupUnit<ISecurityStore> securityUow, HiveId entityId = default(HiveId), params Guid[] permissionIds)
{
return new PermissionResults(permissionIds.Select(permissionId => GetEffectivePermission(permissionId, userGroupIds, uow, securityUow, entityId)).ToArray());
}
public PermissionResults GetEffectivePermissions(HiveId userId, IReadonlyGroupUnit<IContentStore> uow, IReadonlyGroupUnit<ISecurityStore> securityUow, HiveId entityId = default(HiveId), params Guid[] permissionIds)
{
var userGroupIds = GetUserGroupIdsForUser(userId);
return GetEffectivePermissions(userGroupIds, uow, securityUow, entityId, permissionIds);
}
/// <summary>
/// Gets the permission status using an existing, open unit of work.
/// </summary>
/// <param name="permissionId">The permission id.</param>
/// <param name="userGroupIds">The user group ids.</param>
/// <param name="entityId">The entity id.</param>
/// <param name="source">The source.</param>
/// <param name="uow">The unit of work.</param>
/// <returns></returns>
protected PermissionStatus GetPermissionStatus(Guid permissionId, IEnumerable<HiveId> userGroupIds, HiveId entityId, out HiveId source, IReadonlyGroupUnit<ISecurityStore> uow)
{
// Check for Administrator group membership, and just return true if so
var adminUserGroup = Hive.FrameworkContext.ScopedCache.GetOrCreateTyped("ss_administrator-group",
() => uow.Repositories.Query<UserGroup>().FirstOrDefault(x => x.Name == "Administrator"));
//TODO: Had to change to only compare values, as for some reason, the ProviderGroupRoots are different
var enumeratedGroupIds = userGroupIds.ToArray();
if (adminUserGroup != null && enumeratedGroupIds.Any(x => x.Value == adminUserGroup.Id.Value))
{
source = HiveId.Empty;
return PermissionStatus.Allow;
}
// Get permission relations for current ancestor
var parentRelationsKey = "ss_parent-relations-" + entityId + string.Join("|", enumeratedGroupIds.OrderBy(x => x.ToString())).ToMd5();
var relations = Hive.FrameworkContext.ScopedCache.GetOrCreateTyped(parentRelationsKey,
() =>
{
var relationByIds = uow.Repositories.GetParentRelations(entityId, FixedRelationTypes.PermissionRelationType).ToArray();
// Comparing by value as schemas are not coming back out of Hive for some reason
return relationByIds.Where(x => enumeratedGroupIds.Any(y => y.Value == x.SourceId.Value)).ToArray();
});
// Check for an EXPLICIT Deny permission
// Deny comes first, as if multiple permission definitions at same level have conflicting status, Deny trumps Allow
var denyRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Deny.ToString()));
if (denyRelation != null)
{
source = denyRelation.DestinationId;
return PermissionStatus.Deny;
}
// Check for an EXPLICIT Allow permission
var allowRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Allow.ToString()));
if (allowRelation != null)
{
source = allowRelation.DestinationId;
return PermissionStatus.Allow;
}
// Check for an EXPLICIT Inherit permission
var inheritRelation = relations.FirstOrDefault(relation => relation.MetaData.Any(x => x.Key.ToLower() == permissionId.ToString().ToLower() && x.Value == PermissionStatus.Inherit.ToString()));
if (inheritRelation != null)
{
source = inheritRelation.DestinationId;
return PermissionStatus.Inherit;
}
source = HiveId.Empty;
return PermissionStatus.Inherit;
}
public PermissionResult GetEffectivePermission(Guid permissionId, IEnumerable<HiveId> userGroupIds, IReadonlyGroupUnit<IContentStore> uow, IReadonlyGroupUnit<ISecurityStore> securityUow, HiveId entityId = default(HiveId))
{
Mandate.ParameterNotNull(userGroupIds, "userGroupIds");
var explicitPermission = GetExplicitPermission(permissionId, userGroupIds, securityUow, entityId);
return explicitPermission.Status != PermissionStatus.Inherit
? explicitPermission
: GetInheritedPermission(permissionId, userGroupIds, uow, entityId);
}
protected virtual TreeNode ConvertEntityToTreeNode(TypedEntity entity, HiveId parentId, FormCollection queryStrings, IReadonlyGroupUnit <IContentStore> uow)
{
var treeNode = CreateTreeNode(entity.Id,
queryStrings,
GetTreeNodeAlias(entity),
GetEditorUrl(entity.Id, queryStrings),
uow.Repositories.GetChildRelations(entity.Id, FixedRelationTypes.DefaultRelationType).Any());
var icon = entity.EntitySchema.GetXmlConfigProperty("icon");
if (!string.IsNullOrEmpty(icon))
{
if (icon.Contains("."))
{
//need to get the path
//TODO: Load this in from the right hive provider --Aaron
treeNode.Icon =
Url.Content(
BackOfficeRequestContext.Application.Settings.UmbracoFolders.
DocTypeIconFolder + "/" + icon);
}
else
{
treeNode.Icon = icon;
}
}
//TODO: This is going to make a few calls to the db for each node, is there a better way?
var snapshot = uow.Repositories.Revisions.GetLatestSnapshot <TypedEntity>(entity.Id);
if (!snapshot.IsPublished())
{
treeNode.Style.DimNode();
}
else if (snapshot.IsPublishPending())
{
treeNode.Style.HighlightNode();
}
//now, check if we're in the recycle bin, if so we need to filter the nodes based on the user's start node
//and where the nodes originated from.
if (parentId == RecycleBinId)
{
//TODO: Hopefully there's a better way of looking all this up as this will make quite a few queries as well...
var recycledRelation = uow.Repositories.GetParentRelations(entity, FixedRelationTypes.RecycledRelationType);
var allowed = true;
foreach (var r in recycledRelation)
{
//get the path of the original parent
var path = uow.Repositories.GetEntityPath(r.SourceId, FixedRelationTypes.DefaultRelationType).ToList();
//append the current node to the path to create the full original path
path.Add(r.DestinationId);
//BUG: This currently will always be false because NH is not returning the correct Ids for 'system' ids.
// so we've commented out the return null below until fixed
//now we can determine if this node can be viewed
if (!path.Contains(RootNodeId, new HiveIdComparer(true)))
{
allowed = false;
}
}
//if (!allowed)
// return null;
}
//TODO: Check if node has been secured
// Add additional data
foreach (var key in queryStrings.AllKeys)
{
treeNode.AdditionalData.Add(key, queryStrings[key]);
}
return(treeNode);
}
public PermissionResult GetInheritedPermission(Guid permissionId, IEnumerable <HiveId> userGroupIds, IReadonlyGroupUnit <IContentStore> uow, HiveId entityId = default(HiveId))
{
Mandate.ParameterNotNull(userGroupIds, "userGroupIds");
//get/store the result in scoped cache
var ids = userGroupIds.ToList();
ids.Sort((id1, id2) => id1.ToString().CompareTo(id2.ToString())); // Sort the list of ids so that the cache key is the same regardless of order of passed in collection
var key = "inherited-permission-" + (permissionId.ToString("N") + string.Join("", ids.Select(x => x.ToString())) + entityId).ToMd5();
return(Hive.FrameworkContext.ScopedCache.GetOrCreateTyped <PermissionResult>(key, () =>
{
// Get the permission reference
if (!_permissions.Exists(permissionId))
{
throw new InvalidOperationException("Unable to find a Permission with the id '" + permissionId + "'");
}
if (entityId.IsNullValueOrEmpty())
{
entityId = FixedHiveIds.SystemRoot;
}
// Loop through entities ancestors
var ancestorsIds = uow.Repositories.GetAncestorRelations(entityId, FixedRelationTypes.DefaultRelationType)
.Select(x => x.SourceId).ToArray();
foreach (var ancestorId in ancestorsIds)
{
HiveId source;
var status = GetPermissionStatus(permissionId, ids, ancestorId, out source);
// We are not interested in inherit permissions, so if we find one, move on
if (status != PermissionStatus.Inherit)
{
return new PermissionResult(_permissions.Get(permissionId).Value, source, status);
}
// If the ancester is system root, we've reached then end, in which case return a deny result
//BUG: We shouldn't have to compare the system root value but NH is returning content:// for the system root
if (ancestorId == FixedHiveIds.SystemRoot || ancestorId.Value == FixedHiveIds.SystemRoot.Value)
{
return new PermissionResult(_permissions.Get(permissionId).Value, source, PermissionStatus.Deny);
}
}
// We shouldn't get this far, as the last node in ancestors should always be SystemRoot, but we need to supply a fallback
return new PermissionResult(_permissions.Get(permissionId).Value, HiveId.Empty, PermissionStatus.Deny);
}));
}
public PermissionResults GetEffectivePermissions(HiveId userId, IReadonlyGroupUnit <IContentStore> uow, IReadonlyGroupUnit <ISecurityStore> securityUow, HiveId entityId = default(HiveId), params Guid[] permissionIds)
{
var userGroupIds = GetUserGroupIdsForUser(userId);
return(GetEffectivePermissions(userGroupIds, uow, securityUow, entityId, permissionIds));
}
protected virtual TreeNode ConvertEntityToTreeNode(TypedEntity entity, HiveId parentId, FormCollection queryStrings, IReadonlyGroupUnit<IContentStore> uow)
{
var treeNode = CreateTreeNode(entity.Id,
queryStrings,
GetTreeNodeAlias(entity),
GetEditorUrl(entity.Id, queryStrings),
uow.Repositories.GetChildRelations(entity.Id, FixedRelationTypes.DefaultRelationType).Any());
var icon = entity.EntitySchema.GetXmlConfigProperty("icon");
if (!string.IsNullOrEmpty(icon))
{
if (icon.Contains("."))
{
//need to get the path
//TODO: Load this in from the right hive provider --Aaron
treeNode.Icon =
Url.Content(
BackOfficeRequestContext.Application.Settings.RebelFolders.
DocTypeIconFolder + "/" + icon);
}
else
{
treeNode.Icon = icon;
}
}
//TODO: This is going to make a few calls to the db for each node, is there a better way?
var snapshot = uow.Repositories.Revisions.GetLatestSnapshot<TypedEntity>(entity.Id);
if (!snapshot.IsPublished())
treeNode.Style.DimNode();
else if (snapshot.IsPublishPending())
treeNode.Style.HighlightNode();
else
{
if (BackOfficeRequestContext.Application.Security.PublicAccess.IsProtected(entity.Id))
{
treeNode.Style.SecureNode();
}
}
//now, check if we're in the recycle bin, if so we need to filter the nodes based on the user's start node
//and where the nodes originated from.
if (parentId == RecycleBinId)
{
//TODO: Hopefully there's a better way of looking all this up as this will make quite a few queries as well...
var recycledRelation = uow.Repositories.GetParentRelations(entity, FixedRelationTypes.RecycledRelationType);
var allowed = true;
foreach (var r in recycledRelation)
{
//get the path of the original parent
var path = uow.Repositories.GetEntityPath(r.SourceId, FixedRelationTypes.DefaultRelationType).ToList();
//append the current node to the path to create the full original path
path.Add(r.DestinationId);
//BUG: This currently will always be false because NH is not returning the correct Ids for 'system' ids.
// so we've commented out the return null below until fixed
//now we can determine if this node can be viewed
if (!path.Contains(RootNodeId, new HiveIdComparer(true)))
{
allowed = false;
}
}
//if (!allowed)
// return null;
}
//TODO: Check if node has been secured
AddQueryStringsToAdditionalData(treeNode, queryStrings);
return treeNode;
}
/// <summary>
/// Determines whether the specified entity is content.
/// </summary>
/// <param name="entity">The entity.</param>
/// <param name="uow"></param>
/// <returns>
/// <c>true</c> if the specified entity is content; otherwise, <c>false</c>.
/// </returns>
public static bool IsContent(this TypedEntity entity, IReadonlyGroupUnit <IContentStore> uow)
{
var ancestorRelations = uow.Repositories.GetAncestorRelations(entity.Id, FixedRelationTypes.DefaultRelationType).ToArray();
return(ancestorRelations.Any(x => x.SourceId.Value == FixedHiveIds.ContentVirtualRoot.Value));
}
