internal static void SetBits(SenseNet.Security.PermissionBitMask permissionMask)
{
ulong allowBits = permissionMask.AllowBits;
ulong denyBits = permissionMask.DenyBits;
var perms = PermissionType.PermissionTypes.ToArray();
var values = new SenseNet.Security.PermissionValue[perms.Length];
foreach (var perm in perms)
{
values[perm.Index] = GetValue(allowBits, denyBits, perm);
}
foreach (var perm in perms)
{
if (values[perm.Index] == SenseNet.Security.PermissionValue.Allowed)
{
SetBits(ref allowBits, ref denyBits, perm, SenseNet.Security.PermissionValue.Allowed);
}
}
foreach (var perm in perms)
{
if (values[perm.Index] == SenseNet.Security.PermissionValue.Denied)
{
SetBits(ref allowBits, ref denyBits, perm, SenseNet.Security.PermissionValue.Denied);
}
}
permissionMask.AllowBits = allowBits;
permissionMask.DenyBits = denyBits;
}
/*=========================================================================================== method for backward compatibility */
/// <summary>
/// Allowes, denies or clears a permission on the requested entity for the requested identity.
/// This is a backward compatible legacy method.
/// </summary>
/// <param name="entityId">The requested entity.</param>
/// <param name="identityId">The requested identity.</param>
/// <param name="localOnly">Determines whether the edited entry is inheritable or not.</param>
/// <param name="permission">Permission that will be modified.</param>
/// <param name="value">Value that will be set. It can be Undefined, Allowed or Denied.</param>
/// <returns>A reference to this instance for calling more operations.</returns>
public SnAclEditor SetPermission(int entityId, int identityId, bool localOnly, SenseNet.Security.PermissionTypeBase permission, SenseNet.Security.PermissionValue value)
{
switch (value)
{
case SenseNet.Security.PermissionValue.Allowed: Allow(entityId, identityId, localOnly, permission); break;
case SenseNet.Security.PermissionValue.Denied: Deny(entityId, identityId, localOnly, permission); break;
case SenseNet.Security.PermissionValue.Undefined: ClearPermission(entityId, identityId, localOnly, permission); break;
default: throw new SnNotSupportedException("Unknown PermissionValue: " + value);
}
return(this);
}
/*=========================================================================================== Tools */
internal static void SetBits(ref ulong allowBits, ref ulong denyBits, SenseNet.Security.PermissionTypeBase permissionType, SenseNet.Security.PermissionValue permissionValue)
{
var permCount = PermissionType.PermissionCount;
var y = permissionType.Index;
var thisbit = 1uL << y;
var allowedBefore = (allowBits & thisbit) != 0uL;
var deniedBefore = (denyBits & thisbit) != 0uL;
var dependencyTable = SecurityHandler.PermissionDependencyTable;
switch (permissionValue)
{
case SenseNet.Security.PermissionValue.Allowed:
for (var x = 0; x < permCount; x++)
{
if (dependencyTable[y][x] == 1)
{
allowBits |= 1uL << x;
denyBits &= ~(1uL << x);
}
}
break;
case SenseNet.Security.PermissionValue.Denied:
for (var x = 0; x < permCount; x++)
{
if (dependencyTable[x][y] == 1)
{
allowBits &= ~(1uL << x);
denyBits |= 1uL << x;
}
}
break;
case SenseNet.Security.PermissionValue.Undefined:
if (allowedBefore)
{
for (var x = 0; x < permCount; x++)
{
if (dependencyTable[x][y] == 1)
{
allowBits &= ~(1uL << x);
}
}
}
else if (deniedBefore)
{
for (var x = 0; x < permCount; x++)
{
if (dependencyTable[y][x] == 1)
{
denyBits &= ~(1uL << x);
}
}
}
break;
default:
throw new NotSupportedException("Unknown PermissionValue: " + permissionValue);
}
}
