public AccessControlPermission(Core core, long permissionId)
            : base(core)
        {
            ItemLoad += new ItemLoadHandler(AccessControlPermission_ItemLoad);

            try
            {
                LoadItem(permissionId);
            }
            catch (InvalidItemException)
            {
                AccessControlPermission acp = new AccessControlPermission(core, permissionId);
                throw new InvalidAccessControlPermissionException(acp.Name);
            }
        }
        protected void Page_Load(object sender, EventArgs e)
        {
            Server.ScriptTimeout = 1000;
            string assemblyName = core.Http.Query["app"];
            string mode = core.Http.Query["mode"];

            System.Web.Caching.Cache cache = Cache;
            cache.Remove("itemFields");

            if (mode == "update")
            {
                if (core.LoggedInMemberId > 2 || core.LoggedInMemberId == 0)
                {
                    core.Functions.Generate403();
                    return;
                }

                //List<Primitive> members = new List<Primitive>();

                SelectQuery query = new SelectQuery("primitive_apps");
                query.AddFields(ApplicationEntry.GetFieldsPrefixed(core, typeof(ApplicationEntry)));
                query.AddFields(PrimitiveApplicationInfo.GetFieldsPrefixed(core, typeof(PrimitiveApplicationInfo)));
                query.AddJoin(JoinTypes.Inner, new DataField("primitive_apps", "application_id"), new DataField("applications", "application_id"));
                query.AddCondition("applications.application_assembly_name", assemblyName);

                /*SelectQuery query = new SelectQuery("primitive_apps pa");
                query.AddFields(ApplicationEntry.APPLICATION_FIELDS);
                query.AddFields(ApplicationEntry.USER_APPLICATION_FIELDS);
                query.AddFields(UserInfo.GetFieldsPrefixed(typeof(UserInfo)));
                query.AddJoin(JoinTypes.Inner, "applications ap", "ap.application_id", "pa.application_id");
                query.AddJoin(JoinTypes.Inner, "user_info ui", "pa.item_id", "ui.user_id");
                query.AddCondition("pa.item_type", "USER");*/

                DataTable userInfoTable = db.Query(query);

                foreach (DataRow dr in userInfoTable.Rows)
                {
                    dr["user_id"] = dr["item_id"];
                    ItemKey itemKey = new ItemKey((long)dr["item_id"], (long)dr["item_type_id"]);
                    core.PrimitiveCache.LoadPrimitiveProfile(itemKey);
                }

                foreach (DataRow dr in userInfoTable.Rows)
                {
                    ItemKey itemKey = new ItemKey((long)dr["item_id"], (long)dr["item_type_id"]);
                    Primitive member = core.PrimitiveCache[itemKey];
                    //members.Add(member);

                    ApplicationEntry ae = new ApplicationEntry(core, dr);

                    ae.UpdateInstall(core, member);
                }

                core.Display.ShowMessage("Application Updated", "The application has been updated for all users.");
            }
            else
            {

                string assemblyPath = "";
                bool isPrimitive = false;
                bool isInternals = false;
                switch (assemblyName)
                {
                    case "Internals":
                        assemblyPath = "BoxSocial.Internals.dll";
                        isInternals = true;
                        isPrimitive = false;
                        break;
                    case "Groups":
                    case "Networks":
                        assemblyPath = string.Format("{0}.dll", assemblyName);
                        isInternals = false;
                        isPrimitive = true;
                        break;
                    default:
                        assemblyPath = string.Format("applications/{0}.dll", assemblyName);
                        isInternals = false;
                        isPrimitive = false;
                        break;
                }

                Assembly loadApplication = Assembly.LoadFrom(Path.Combine(core.Http.AssemblyPath, assemblyPath));

                if (isInternals)
                {
                    BoxSocial.Internals.Application.InstallTables(core, loadApplication);
                    BoxSocial.Internals.Application.InstallTypes(core, loadApplication, 0);

                    Type[] types = loadApplication.GetTypes();
                    foreach (Type t in types)
                    {
                        //if (t.GetInterfaces().
                        List<PermissionInfo> permissions = AccessControlLists.GetPermissionInfo(t);

                        foreach (PermissionInfo pi in permissions)
                        {
                            try
                            {
                                ItemType it = new ItemType(core, t.FullName);
                                try
                                {
                                    AccessControlPermission acp = new AccessControlPermission(core, it.Id, pi.Key);
                                }
                                catch (InvalidAccessControlPermissionException)
                                {
                                    AccessControlPermission.Create(core, it.Id, pi.Key, pi.Description, pi.PermissionType);
                                }
                            }
                            catch (InvalidItemTypeException)
                            {
                            }
                        }
                    }

                    core.Display.ShowMessage("Internals Updated", "Internals have been updated.");
                }
                else
                {
                    Type[] types = loadApplication.GetTypes();
                    foreach (Type type in types)
                    {
                        if (type.IsSubclassOf(typeof(Application)))
                        {
                            BoxSocial.Internals.Application newApplication = System.Activator.CreateInstance(type, new object[] { core }) as Application;

                            if (newApplication != null)
                            {
                                long updatedRaw = UnixTime.UnixTimeStamp();
                                long applicationId = 0;

                                SelectQuery query1 = Item.GetSelectQueryStub(core, typeof(ApplicationEntry));
                                query1.AddCondition("application_assembly_name", assemblyName);

                                /*DataTable applicationTable = db.Query(string.Format(@"SELECT {0}
                            FROM applications ap
                            WHERE application_assembly_name = '{1}'",
                                    ApplicationEntry.APPLICATION_FIELDS, Mysql.Escape(assemblyName)));*/

                                DataTable applicationTable = db.Query(query1);

                                if (applicationTable.Rows.Count == 1)
                                {
                                    ApplicationEntry updateApplication = new ApplicationEntry(core, applicationTable.Rows[0]);
                                    applicationId = updateApplication.ApplicationId;
                                    string updateKey = updateApplication.Key;

                                    if (updateApplication.CreatorId == core.LoggedInMemberId)
                                    {

                                        //
                                        // Save Icon
                                        //
                                        if (newApplication.Icon != null)
                                        {
                                            if (!Directory.Exists(Server.MapPath(string.Format(@".\images\{0}\", updateKey))))
                                            {
                                                Directory.CreateDirectory(Server.MapPath(string.Format(@".\images\{0}\", updateKey)));
                                            }

                                            newApplication.Icon.Save(Server.MapPath(string.Format(@".\images\{0}\icon.png", updateKey)), System.Drawing.Imaging.ImageFormat.Png);
                                        }

                                        //
                                        // Save StyleSheet
                                        //
                                        if (!string.IsNullOrEmpty(newApplication.StyleSheet))
                                        {
                                            if (!Directory.Exists(Server.MapPath(@".\styles\applications\")))
                                            {
                                                Directory.CreateDirectory(Server.MapPath(@".\styles\applications\"));
                                            }

                                            SaveTextFile(newApplication.StyleSheet, Server.MapPath(string.Format(@".\styles\applications\{0}.css",
                                                updateKey)));
                                        }

                                        //
                                        // Save JavaScript
                                        //
                                        if (!string.IsNullOrEmpty(newApplication.JavaScript))
                                        {
                                            SaveTextFile(newApplication.JavaScript, Server.MapPath(string.Format(@".\scripts\{0}.js",
                                                updateKey)));
                                        }

                                        UpdateQuery query = new UpdateQuery("applications");
                                        query.AddField("application_title", newApplication.Title);
                                        query.AddField("application_description", newApplication.Description);
                                        query.AddField("application_primitive", isPrimitive);
                                        query.AddField("application_primitives", (byte)newApplication.GetAppPrimitiveSupport());
                                        query.AddField("application_comment", newApplication.UsesComments);
                                        query.AddField("application_rating", newApplication.UsesRatings);
                                        query.AddField("application_style", !string.IsNullOrEmpty(newApplication.StyleSheet));
                                        query.AddField("application_script", !string.IsNullOrEmpty(newApplication.JavaScript));
                                        query.AddField("application_icon", string.Format(@"/images/{0}/icon.png", updateKey));
                                        query.AddCondition("application_assembly_name", assemblyName);

                                        db.BeginTransaction();
                                        db.Query(query);
                                    }
                                    else
                                    {
                                        core.Functions.Generate403();
                                        return;
                                    }
                                }
                                else
                                {
                                    applicationId = db.UpdateQuery(string.Format(@"INSERT INTO applications (application_assembly_name, user_id, application_date_ut, application_title, application_description, application_primitive, application_primitives, application_comment, application_rating) VALUES ('{0}', {1}, {2}, '{3}', '{4}', {5}, {6}, {7}, {8});",
                                        Mysql.Escape(assemblyName), core.LoggedInMemberId, tz.GetUnixTimeStamp(tz.Now), Mysql.Escape(newApplication.Title), Mysql.Escape(newApplication.Description), isPrimitive, (byte)newApplication.GetAppPrimitiveSupport(), newApplication.UsesComments, newApplication.UsesRatings));

                                    try
                                    {
                                        ApplicationEntry profileAe = new ApplicationEntry(core, "Profile");
                                        db.UpdateQuery(string.Format(@"INSERT INTO primitive_apps (application_id, item_id, item_type_id) VALUES ({0}, {1}, '{2}');",
                                            profileAe.ApplicationId, applicationId, ItemKey.GetTypeId(core, typeof(ApplicationEntry))));
                                    }
                                    catch
                                    {
                                    }

                                    try
                                    {
                                        ApplicationEntry guestbookAe = new ApplicationEntry(core, "GuestBook");
                                        db.UpdateQuery(string.Format(@"INSERT INTO primitive_apps (application_id, item_id, item_type_id) VALUES ({0}, {1}, '{2}');",
                                            guestbookAe.ApplicationId, applicationId, ItemKey.GetTypeId(core, typeof(ApplicationEntry))));
                                    }
                                    catch
                                    {
                                    }
                                }

                                if (applicationId > 0)
                                {
                                    ApplicationInstallationInfo aii = newApplication.Install();

                                    if (aii.ApplicationSlugs != null)
                                    {
                                        foreach (ApplicationSlugInfo slug in aii.ApplicationSlugs)
                                        {
                                            if (db.UpdateQuery(string.Format(@"UPDATE application_slugs SET slug_primitives = {0}, slug_updated_ut = {1} WHERE slug_stub = '{2}' AND slug_slug_ex = '{3}' AND application_id = {4}",
                                                (byte)slug.Primitives, updatedRaw, Mysql.Escape(slug.Stub), Mysql.Escape(slug.SlugEx), applicationId)) != 1)
                                            {
                                                /*db.UpdateQuery(string.Format(@"INSERT INTO application_slugs (slug_stub, slug_slug_ex, application_id, slug_primitives, slug_updated_ut) VALUES ('{0}', '{1}', {2}, {3}, {4});",
                                                    Mysql.Escape(slug.Stub), Mysql.Escape(slug.SlugEx), applicationId, (byte)slug.Primitives, updatedRaw));*/
                                                ApplicationSlug.Create(core, applicationId, slug);
                                            }
                                        }
                                    }

                                    if (aii.ApplicationModules != null)
                                    {
                                        foreach (ApplicationModule module in aii.ApplicationModules)
                                        {
                                            if (db.UpdateQuery(string.Format(@"UPDATE account_modules SET module_updated_ut = {0} WHERE module_module = '{1}' AND application_id = {2};",
                                                updatedRaw, Mysql.Escape(module.Slug), applicationId)) != 1)
                                            {
                                                db.UpdateQuery(string.Format(@"INSERT INTO account_modules (module_module, application_id, module_updated_ut) VALUES ('{0}', {1}, {2});",
                                                    Mysql.Escape(module.Slug), applicationId, updatedRaw));
                                            }
                                        }
                                    }

                                    if (aii.ApplicationCommentTypes != null)
                                    {
                                        foreach (ApplicationCommentType ct in aii.ApplicationCommentTypes)
                                        {
                                            if (db.UpdateQuery(string.Format(@"UPDATE comment_types SET type_updated_ut = {0} WHERE type_type = '{1}' AND application_id = {2};",
                                                updatedRaw, Mysql.Escape(ct.Type), applicationId)) != 1)
                                            {
                                                db.UpdateQuery(string.Format(@"INSERT INTO comment_types (type_type, application_id, type_updated_ut) VALUES ('{0}', {1}, {2});",
                                                    Mysql.Escape(ct.Type), applicationId, updatedRaw));
                                            }
                                        }
                                    }

                                    /*if (aii.ApplicationItemAccessPermissions != null)
                                    {
                                        foreach (ApplicationItemAccessPermissions iap in aii.ApplicationItemAccessPermissions)
                                        {
                                            try
                                            {
                                                AccessControlPermission acp = new AccessControlPermission(core, iap.TypeId, iap.PermissionName);
                                            }
                                            catch (InvalidAccessControlPermissionException)
                                            {
                                                AccessControlPermission.Create(core, iap.TypeId, iap.PermissionName);
                                            }
                                        }
                                    }*/

                                    db.UpdateQuery(string.Format(@"DELETE FROM application_slugs WHERE application_id = {0} AND slug_updated_ut <> {1};",
                                        applicationId, updatedRaw));

                                    db.UpdateQuery(string.Format(@"DELETE FROM account_modules WHERE application_id = {0} AND module_updated_ut <> {1};",
                                        applicationId, updatedRaw));

                                    db.UpdateQuery(string.Format(@"DELETE FROM comment_types WHERE application_id = {0} AND type_updated_ut <> {1};",
                                        applicationId, updatedRaw));

                                    BoxSocial.Internals.Application.InstallTypes(core, loadApplication, applicationId);
                                    BoxSocial.Internals.Application.InstallTables(core, loadApplication);

                                    //List<Type> types;

                                    foreach (Type t in types)
                                    {
                                        //if (t.FindInterfaces(TypeFilter.Equals, typeof(IPermissibleItem)))
                                        List<PermissionInfo> permissions = AccessControlLists.GetPermissionInfo(t);

                                        foreach (PermissionInfo pi in permissions)
                                        {
                                            try
                                            {
                                                ItemType it = new ItemType(core, t.FullName);
                                                try
                                                {
                                                    AccessControlPermission acp = new AccessControlPermission(core, it.Id, pi.Key);
                                                }
                                                catch (InvalidAccessControlPermissionException)
                                                {
                                                    AccessControlPermission.Create(core, it.Id, pi.Key, pi.Description, pi.PermissionType);
                                                }
                                            }
                                            catch (InvalidItemTypeException)
                                            {
                                            }
                                        }
                                    }

                                }
                                else
                                {
                                    core.Display.ShowMessage("Error", "Error installing application");
                                    EndResponse();
                                }
                            }
                        }
                    }

                    core.Display.ShowMessage("Application Installed", "The application has been installed.");

                }

            }
            EndResponse();
        }
Example #3
0
        public static void CreateGrantForPrimitive(Core core, long itemTypeId, long itemId, ItemKey grantee, params string[] permissionNames)
        {
            if (core == null)
            {
                throw new NullCoreException();
            }

            SelectQuery query = AccessControlPermission.GetSelectQueryStub(core, typeof(AccessControlPermission));
            query.AddCondition("permission_item_type_id", itemTypeId);
            query.AddCondition("permission_name", ConditionEquality.In, permissionNames);
            query.AddSort(SortOrder.Ascending, "permission_type");

            DataTable permissionDataTable = core.Db.Query(query);

            foreach (DataRow dr in permissionDataTable.Rows)
            {
                AccessControlPermission permission = new AccessControlPermission(core, dr);
                AccessControlGrant.Create(core, grantee, new ItemKey(itemId, itemTypeId), permission.PermissionId, AccessControlGrants.Allow);
            }
        }
        internal AccessControlGrant(Core core, ItemKey primitive, ItemKey itemKey, long permissionId)
            : base(core)
        {
            ItemLoad += new ItemLoadHandler(AccessControlGrant_ItemLoad);

            SelectQuery query = new SelectQuery(typeof(AccessControlGrant));

            query.AddCondition("grant_primitive_id", primitive.Id);
            query.AddCondition("grant_primitive_type_id", primitive.TypeId);
            query.AddCondition("grant_item_id", itemKey.Id);
            query.AddCondition("grant_item_type_id", itemKey.TypeId);
            query.AddCondition("grant_permission_id", permissionId);

            System.Data.Common.DbDataReader grantReader = core.Db.ReaderQuery(query);

            if (grantReader.HasRows)
            {
                grantReader.Read();

                try
                {
                    loadItemInfo(grantReader);
                }
                catch (InvalidItemException)
                {
                    AccessControlPermission acp = new AccessControlPermission(core, permissionId);
                    throw new InvalidAccessControlGrantException(acp.Name);
                }

                grantReader.Close();
                grantReader.Dispose();
            }
            else
            {
                grantReader.Close();
                grantReader.Dispose();

                AccessControlPermission acp = new AccessControlPermission(core, permissionId);
                throw new InvalidAccessControlGrantException(acp.Name);
            }
        }