/// <param name="moduleId"></param>
/// <param name="tabId"></param>
/// <param name="permissionKey">You can use the constants, but for modules there are only
/// those two</param>
/// <returns></returns>
public static bool canUserAccessModule(UserInfo user, int portalId, int tabId, ModuleInfo moduleInfo, string permissionKey)
{
var retVal = false;
string permissionsString = null;
if (moduleInfo.InheritViewPermissions)
{
var tabPermissionController = new TabPermissionController();
var tabPermissionCollection =
tabPermissionController.GetTabPermissionsCollectionByTabID(tabId, portalId);
permissionsString = tabPermissionController.GetTabPermissions(tabPermissionCollection, permissionKey);
}
else
{
var modulePermissionController = new ModulePermissionController();
var permissionCollection =
modulePermissionController.GetModulePermissionsCollectionByModuleID(moduleInfo.ModuleID, tabId);
permissionsString = modulePermissionController.GetModulePermissions(permissionCollection, permissionKey);
}
char[] splitter = { ';' };
var roles = permissionsString.Split(splitter);
foreach (var role in roles)
{
if (role.Length > 0)
{
if (user != null && user.IsInRole(role))
{
retVal = true;
}
else if (user == null && role.ToLower().Equals("all users"))
{
retVal = true;
}
}
}
return(retVal);
}
public virtual void SaveModulePermissions(ModuleInfo objModule)
{
if (objModule.ModulePermissions != null)
{
ModulePermissionCollection modulePermissions = ModulePermissionController.GetModulePermissions(objModule.ModuleID, objModule.TabID);
if (!modulePermissions.CompareTo(objModule.ModulePermissions))
{
dataProvider.DeleteModulePermissionsByModuleID(objModule.ModuleID);
foreach (ModulePermissionInfo objModulePermission in objModule.ModulePermissions)
{
if (objModule.InheritViewPermissions && objModulePermission.PermissionKey == "VIEW")
{
dataProvider.DeleteModulePermission(objModulePermission.ModulePermissionID);
}
else
{
dataProvider.AddModulePermission(objModule.ModuleID, objModulePermission.PermissionID, objModulePermission.RoleID, objModulePermission.AllowAccess, objModulePermission.UserID, UserController.GetCurrentUserInfo().UserID);
}
}
}
}
}
private void Create_Click(object sender, EventArgs e)
{
RoleController roleController = new RoleController();
Security.PortalSecurity ps = new Security.PortalSecurity();
txtGroupName.Text = ps.InputFilter(txtGroupName.Text, Security.PortalSecurity.FilterFlag.NoScripting);
txtGroupName.Text = ps.InputFilter(txtGroupName.Text, Security.PortalSecurity.FilterFlag.NoMarkup);
txtDescription.Text = ps.InputFilter(txtDescription.Text, Security.PortalSecurity.FilterFlag.NoScripting);
txtDescription.Text = ps.InputFilter(txtDescription.Text, Security.PortalSecurity.FilterFlag.NoMarkup);
if (roleController.GetRoleByName(PortalId, txtGroupName.Text) != null)
{
lblInvalidGroupName.Visible = true;
return;
}
var modRoles = new List <RoleInfo>();
var modUsers = new List <UserInfo>();
foreach (ModulePermissionInfo modulePermissionInfo in ModulePermissionController.GetModulePermissions(ModuleId, TabId))
{
if (modulePermissionInfo.PermissionKey == "MODGROUP" && modulePermissionInfo.AllowAccess)
{
if (modulePermissionInfo.RoleID > int.Parse(Globals.glbRoleNothing))
{
modRoles.Add(roleController.GetRole(modulePermissionInfo.RoleID, PortalId));
}
else if (modulePermissionInfo.UserID > Null.NullInteger)
{
modUsers.Add(UserController.GetUserById(PortalId, modulePermissionInfo.UserID));
}
}
}
var roleInfo = new RoleInfo()
{
PortalID = PortalId,
RoleName = txtGroupName.Text,
Description = txtDescription.Text,
SecurityMode = SecurityMode.SocialGroup,
Status = RoleStatus.Approved,
IsPublic = rdAccessTypePublic.Checked
};
var userRoleStatus = RoleStatus.Pending;
if (GroupModerationEnabled)
{
roleInfo.Status = RoleStatus.Pending;
userRoleStatus = RoleStatus.Pending;
}
else
{
userRoleStatus = RoleStatus.Approved;
}
var objModulePermissions = new ModulePermissionCollection(CBO.FillCollection(DataProvider.Instance().GetModulePermissionsByModuleID(ModuleId, -1), typeof(ModulePermissionInfo)));
if (ModulePermissionController.HasModulePermission(objModulePermissions, "MODGROUP"))
{
roleInfo.Status = RoleStatus.Approved;
userRoleStatus = RoleStatus.Approved;
}
roleInfo.RoleGroupID = DefaultRoleGroupId;
roleInfo.RoleID = roleController.AddRole(roleInfo);
roleInfo = roleController.GetRole(roleInfo.RoleID, PortalId);
var groupUrl = Globals.NavigateURL(GroupViewTabId, "", new String[] { "groupid=" + roleInfo.RoleID.ToString() });
if (groupUrl.StartsWith("http://") || groupUrl.StartsWith("https://"))
{
const int startIndex = 8; // length of https://
groupUrl = groupUrl.Substring(groupUrl.IndexOf("/", startIndex, StringComparison.InvariantCultureIgnoreCase));
}
roleInfo.Settings.Add("URL", groupUrl);
roleInfo.Settings.Add("GroupCreatorName", UserInfo.DisplayName);
roleInfo.Settings.Add("ReviewMembers", chkMemberApproved.Checked.ToString());
TestableRoleController.Instance.UpdateRoleSettings(roleInfo, true);
if (inpFile.PostedFile != null && inpFile.PostedFile.ContentLength > 0)
{
IFileManager _fileManager = FileManager.Instance;
IFolderManager _folderManager = FolderManager.Instance;
var rootFolderPath = PathUtils.Instance.FormatFolderPath(PortalSettings.HomeDirectory);
IFolderInfo groupFolder = _folderManager.GetFolder(PortalSettings.PortalId, "Groups/" + roleInfo.RoleID);
if (groupFolder == null)
{
groupFolder = _folderManager.AddFolder(PortalSettings.PortalId, "Groups/" + roleInfo.RoleID);
}
if (groupFolder != null)
{
var fileName = Path.GetFileName(inpFile.PostedFile.FileName);
var fileInfo = _fileManager.AddFile(groupFolder, fileName, inpFile.PostedFile.InputStream, true);
roleInfo.IconFile = "FileID=" + fileInfo.FileId;
roleController.UpdateRole(roleInfo);
}
}
var notifications = new Notifications();
roleController.AddUserRole(PortalId, UserId, roleInfo.RoleID, userRoleStatus, true, Null.NullDate, Null.NullDate);
if (roleInfo.Status == RoleStatus.Pending)
{
//Send notification to Group Moderators to approve/reject group.
notifications.AddGroupNotification(Constants.GroupPendingNotification, GroupViewTabId, ModuleId, roleInfo, UserInfo, modRoles, modUsers);
}
else
{
//Send notification to Group Moderators informing of new group.
notifications.AddGroupNotification(Constants.GroupCreatedNotification, GroupViewTabId, ModuleId, roleInfo, UserInfo, modRoles, modUsers);
//Add entry to journal.
GroupUtilities.CreateJournalEntry(roleInfo, UserInfo);
}
Response.Redirect(Globals.NavigateURL(GroupViewTabId, "", new String[] { "groupid=" + roleInfo.RoleID.ToString() }));
}
public static bool HasEditPermissions(int ModuleId, int Tabid)
{
return(ModulePermissionController.HasModulePermission(ModulePermissionController.GetModulePermissions(ModuleId, Tabid), "EDIT"));
}
/// -----------------------------------------------------------------------------
/// <summary>
/// Gets the ModulePermissions from the Data Store
/// </summary>
/// -----------------------------------------------------------------------------
private void GetModulePermissions()
{
_ModulePermissions = new ModulePermissionCollection(ModulePermissionController.GetModulePermissions(ModuleID, TabId));
_PermissionsList = null;
}
/// -----------------------------------------------------------------------------
/// <summary>
/// Gets the ModulePermissions from the Data Store.
/// </summary>
/// -----------------------------------------------------------------------------
private void GetModulePermissions()
{
this._ModulePermissions = new ModulePermissionCollection(ModulePermissionController.GetModulePermissions(this.ModuleID, this.TabId));
this._PermissionsList = null;
}
/// <summary>
/// Determines whether the user has the permission to the module.
/// </summary>
/// <param name="moduleInfo">The module.</param>
/// <param name="permissionKey">The permission's key</param>
/// <returns>
/// <c>true</c> if the user has the permission to the module; otherwise, <c>false</c>.
/// </returns>
private static bool HasModulePermission(ModuleInfo moduleInfo, string permissionKey)
{
return(ModulePermissionController.CanAdminModule(moduleInfo) || ModulePermissionController.HasModulePermission(ModulePermissionController.GetModulePermissions(moduleInfo.ModuleID, moduleInfo.TabID), permissionKey));
}
private ModuleInfo FillModuleInfo(IDataReader dr, bool CheckForOpenDataReader, bool IncludePermissions)
{
ModuleInfo objModuleInfo = new ModuleInfo();
ModulePermissionController objModulePermissionController = new ModulePermissionController();
// read datareader
bool canContinue = true;
if (CheckForOpenDataReader)
{
canContinue = false;
if (dr.Read())
{
canContinue = true;
}
}
if (canContinue)
{
objModuleInfo.PortalID = Convert.ToInt32(Null.SetNull(dr["PortalID"], objModuleInfo.PortalID));
objModuleInfo.TabID = Convert.ToInt32(Null.SetNull(dr["TabID"], objModuleInfo.TabID));
objModuleInfo.TabModuleID = Convert.ToInt32(Null.SetNull(dr["TabModuleID"], objModuleInfo.TabModuleID));
objModuleInfo.ModuleID = Convert.ToInt32(Null.SetNull(dr["ModuleID"], objModuleInfo.ModuleID));
objModuleInfo.ModuleDefID = Convert.ToInt32(Null.SetNull(dr["ModuleDefID"], objModuleInfo.ModuleDefID));
objModuleInfo.ModuleOrder = Convert.ToInt32(Null.SetNull(dr["ModuleOrder"], objModuleInfo.ModuleOrder));
objModuleInfo.PaneName = Convert.ToString(Null.SetNull(dr["PaneName"], objModuleInfo.PaneName));
objModuleInfo.ModuleTitle = Convert.ToString(Null.SetNull(dr["ModuleTitle"], objModuleInfo.ModuleTitle));
objModuleInfo.CacheTime = Convert.ToInt32(Null.SetNull(dr["CacheTime"], objModuleInfo.CacheTime));
objModuleInfo.Alignment = Convert.ToString(Null.SetNull(dr["Alignment"], objModuleInfo.Alignment));
objModuleInfo.Color = Convert.ToString(Null.SetNull(dr["Color"], objModuleInfo.Color));
objModuleInfo.Border = Convert.ToString(Null.SetNull(dr["Border"], objModuleInfo.Border));
objModuleInfo.IconFile = Convert.ToString(Null.SetNull(dr["IconFile"], objModuleInfo.IconFile));
objModuleInfo.AllTabs = Convert.ToBoolean(Null.SetNull(dr["AllTabs"], objModuleInfo.AllTabs));
int intVisibility = 0;
if (((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 0) || ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == Null.NullInteger))
{
objModuleInfo.Visibility = VisibilityState.Maximized;
}
else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 1)
{
objModuleInfo.Visibility = VisibilityState.Minimized;
}
else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 2)
{
objModuleInfo.Visibility = VisibilityState.None;
}
objModuleInfo.IsDeleted = Convert.ToBoolean(Null.SetNull(dr["IsDeleted"], objModuleInfo.IsDeleted));
objModuleInfo.Header = Convert.ToString(Null.SetNull(dr["Header"], objModuleInfo.Header));
objModuleInfo.Footer = Convert.ToString(Null.SetNull(dr["Footer"], objModuleInfo.Footer));
objModuleInfo.StartDate = Convert.ToDateTime(Null.SetNull(dr["StartDate"], objModuleInfo.StartDate));
objModuleInfo.EndDate = Convert.ToDateTime(Null.SetNull(dr["EndDate"], objModuleInfo.EndDate));
objModuleInfo.ContainerSrc = Convert.ToString(Null.SetNull(dr["ContainerSrc"], objModuleInfo.ContainerSrc));
objModuleInfo.DisplayTitle = Convert.ToBoolean(Null.SetNull(dr["DisplayTitle"], objModuleInfo.DisplayTitle));
objModuleInfo.DisplayPrint = Convert.ToBoolean(Null.SetNull(dr["DisplayPrint"], objModuleInfo.DisplayPrint));
objModuleInfo.DisplaySyndicate = Convert.ToBoolean(Null.SetNull(dr["DisplaySyndicate"], objModuleInfo.DisplaySyndicate));
objModuleInfo.InheritViewPermissions = Convert.ToBoolean(Null.SetNull(dr["InheritViewPermissions"], objModuleInfo.InheritViewPermissions));
objModuleInfo.DesktopModuleID = Convert.ToInt32(Null.SetNull(dr["DesktopModuleID"], objModuleInfo.DesktopModuleID));
objModuleInfo.FriendlyName = Convert.ToString(Null.SetNull(dr["FriendlyName"], objModuleInfo.FriendlyName));
objModuleInfo.Description = Convert.ToString(Null.SetNull(dr["Description"], objModuleInfo.Description));
objModuleInfo.Version = Convert.ToString(Null.SetNull(dr["Version"], objModuleInfo.Version));
objModuleInfo.IsPremium = Convert.ToBoolean(Null.SetNull(dr["IsPremium"], objModuleInfo.IsPremium));
objModuleInfo.IsAdmin = Convert.ToBoolean(Null.SetNull(dr["IsAdmin"], objModuleInfo.IsAdmin));
objModuleInfo.BusinessControllerClass = Convert.ToString(Null.SetNull(dr["BusinessControllerClass"], objModuleInfo.BusinessControllerClass));
objModuleInfo.SupportedFeatures = Convert.ToInt32(Null.SetNull(dr["SupportedFeatures"], objModuleInfo.SupportedFeatures));
objModuleInfo.ModuleControlId = Convert.ToInt32(Null.SetNull(dr["ModuleControlId"], objModuleInfo.ModuleControlId));
objModuleInfo.ControlSrc = Convert.ToString(Null.SetNull(dr["ControlSrc"], objModuleInfo.ControlSrc));
int intControlType = 0;
if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -3)
{
objModuleInfo.ControlType = SecurityAccessLevel.ControlPanel;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -2)
{
objModuleInfo.ControlType = SecurityAccessLevel.SkinObject;
}
else if (((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -1) || ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == Null.NullInteger))
{
objModuleInfo.ControlType = SecurityAccessLevel.Anonymous;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 0)
{
objModuleInfo.ControlType = SecurityAccessLevel.View;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 1)
{
objModuleInfo.ControlType = SecurityAccessLevel.Edit;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 2)
{
objModuleInfo.ControlType = SecurityAccessLevel.Admin;
}
else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 3)
{
objModuleInfo.ControlType = SecurityAccessLevel.Host;
}
objModuleInfo.ControlTitle = Convert.ToString(Null.SetNull(dr["ControlTitle"], objModuleInfo.ControlTitle));
objModuleInfo.HelpUrl = Convert.ToString(Null.SetNull(dr["HelpUrl"], objModuleInfo.HelpUrl));
if (IncludePermissions)
{
if (objModuleInfo != null)
{
//Get the Module permissions first (then we can parse the collection to determine the View/Edit Roles)
objModuleInfo.ModulePermissions = objModulePermissionController.GetModulePermissionsCollectionByModuleID(objModuleInfo.ModuleID, objModuleInfo.TabID);
objModuleInfo.AuthorizedEditRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "EDIT");
if (objModuleInfo.AuthorizedEditRoles == ";")
{
// this code is here for legacy support - the AuthorizedEditRoles were stored as a concatenated list of roleids prior to DNN 3.0
try
{
objModuleInfo.AuthorizedEditRoles = Convert.ToString(Null.SetNull(dr["AuthorizedEditRoles"], objModuleInfo.AuthorizedEditRoles));
}
catch
{
// the AuthorizedEditRoles field was removed from the Tabs table in 3.0
}
}
try
{
if (objModuleInfo.InheritViewPermissions)
{
TabPermissionController objTabPermissionController = new TabPermissionController();
TabPermissionCollection objTabPermissionCollection = objTabPermissionController.GetTabPermissionsCollectionByTabID(objModuleInfo.TabID, objModuleInfo.PortalID);
objModuleInfo.AuthorizedViewRoles = objTabPermissionController.GetTabPermissions(objTabPermissionCollection, "VIEW");
}
else
{
objModuleInfo.AuthorizedViewRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "VIEW");
}
if (objModuleInfo.AuthorizedViewRoles == ";")
{
// this code is here for legacy support - the AuthorizedViewRoles were stored as a concatenated list of roleids prior to DNN 3.0
try
{
objModuleInfo.AuthorizedViewRoles = Convert.ToString(Null.SetNull(dr["AuthorizedViewRoles"], objModuleInfo.AuthorizedViewRoles));
}
catch
{
// the AuthorizedViewRoles field was removed from the Tabs table in 3.0
}
}
}
catch
{
}
}
}
}
else
{
objModuleInfo = null;
}
return(objModuleInfo);
}
